server: implement user authentication (none by default)

server/tests/conftest.py

@@ -0,0 +1,16 @@
+import pytest
+
+
+@pytest.fixture(scope="function", autouse=True)
+@pytest.mark.asyncio
+async def setup_database():
+    from reflector.settings import settings
+    from tempfile import NamedTemporaryFile
+
+    with NamedTemporaryFile() as f:
+        settings.DATABASE_URL = f"sqlite:///{f.name}"
+        from reflector.db import engine, metadata
+
+        metadata.create_all(bind=engine)
+
+        yield

server/tests/test_transcripts.py

@@ -1,10 +1,11 @@
 import pytest
 from httpx import AsyncClient
-from reflector.app import app
 
 
 @pytest.mark.asyncio
 async def test_transcript_create():
+    from reflector.app import app
+
     async with AsyncClient(app=app, base_url="http://test/v1") as ac:
         response = await ac.post("/transcripts", json={"name": "test"})
         assert response.status_code == 200
@@ -21,6 +22,8 @@ async def test_transcript_create():
 
 @pytest.mark.asyncio
 async def test_transcript_get_update_name():
+    from reflector.app import app
+
     async with AsyncClient(app=app, base_url="http://test/v1") as ac:
         response = await ac.post("/transcripts", json={"name": "test"})
         assert response.status_code == 200
@@ -42,9 +45,35 @@ async def test_transcript_get_update_name():
 
 
 @pytest.mark.asyncio
-async def test_transcripts_list():
+async def test_transcripts_list_anonymous():
     # XXX this test is a bit fragile, as it depends on the storage which
     #     is shared between tests
+    from reflector.app import app
+
+    async with AsyncClient(app=app, base_url="http://test/v1") as ac:
+        response = await ac.get("/transcripts")
+        assert response.status_code == 401
+
+
+@pytest.fixture
+@pytest.mark.asyncio
+async def authenticated_client():
+    from reflector.app import app
+    from reflector.auth import current_user, current_user_optional
+
+    app.dependency_overrides[current_user] = lambda: {"sub": "randomuserid"}
+    app.dependency_overrides[current_user_optional] = lambda: {"sub": "randomuserid"}
+    yield
+    del app.dependency_overrides[current_user]
+    del app.dependency_overrides[current_user_optional]
+
+
+@pytest.mark.asyncio
+async def test_transcripts_list_authenticated(authenticated_client):
+    # XXX this test is a bit fragile, as it depends on the storage which
+    #     is shared between tests
+    from reflector.app import app
+
     async with AsyncClient(app=app, base_url="http://test/v1") as ac:
         response = await ac.post("/transcripts", json={"name": "testxx1"})
         assert response.status_code == 200
@@ -64,6 +93,8 @@ async def test_transcripts_list():
 
 @pytest.mark.asyncio
 async def test_transcript_delete():
+    from reflector.app import app
+
     async with AsyncClient(app=app, base_url="http://test/v1") as ac:
         response = await ac.post("/transcripts", json={"name": "testdel1"})
         assert response.status_code == 200

server/tests/test_transcripts_rtc_ws.py

@@ -8,7 +8,6 @@ import json
 from unittest.mock import patch
 from httpx import AsyncClient
 
-from reflector.app import app
 from uvicorn import Config, Server
 import threading
 import asyncio
@@ -76,6 +75,7 @@ async def test_transcript_rtc_and_websocket(tmpdir, dummy_transcript, dummy_llm)
     # to be able to connect with aiortc
 
     from reflector.settings import settings
+    from reflector.app import app
 
     settings.DATA_DIR = Path(tmpdir)