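// User management API tests
const request = require('supertest');
const app = require('../../backend/src/index');

// Fixture credentials for the test account. They are test-only values and
// must never match an account in a shared or production environment.
const USERNAME = 'testuser';
const ORIGINAL_PASSWORD = 'test123';
const CHANGED_PASSWORD = 'newpass123';

/**
 * Logs the fixture user in with the given password.
 * @param {string} password - Password to submit to the login endpoint.
 * @returns {Promise<object>} The supertest response.
 */
const login = (password) =>
  request(app)
    .post('/api/auth/login')
    .send({ username: USERNAME, password });

describe('User API', () => {
  let token;

  beforeAll(async () => {
    // Fail here, with a clear cause, if authentication is broken. Otherwise
    // every later test would send "Bearer undefined" and report a bare 401.
    const loginRes = await login(ORIGINAL_PASSWORD);
    expect(loginRes.status).toBe(200);
    expect(loginRes.body.token).toBeTruthy();
    token = loginRes.body.token;
  });

  afterAll(async () => {
    // Best-effort cleanup: the password tests change the fixture credential,
    // so restore it to keep the suite repeatable against a persistent store.
    // If the changed password does not log in, there is nothing to undo.
    const relogin = await login(CHANGED_PASSWORD);
    const changedToken = relogin.body.token;
    if (!changedToken) {
      return;
    }
    await request(app)
      .put('/api/user/password')
      .set('Authorization', `Bearer ${changedToken}`)
      .send({ oldPassword: CHANGED_PASSWORD, newPassword: ORIGINAL_PASSWORD });
  });

  describe('GET /api/user/profile', () => {
    it('should get user profile', async () => {
      const response = await request(app)
        .get('/api/user/profile')
        .set('Authorization', `Bearer ${token}`);

      expect(response.status).toBe(200);
      expect(response.body).toHaveProperty('user');
      // The profile payload should not echo the credential back.
      // NOTE(review): the field name `password` is assumed from the login
      // request body; extend this to the stored-hash field name if it differs.
      expect(response.body.user).not.toHaveProperty('password');
    });

    it('should reject without token', async () => {
      const response = await request(app).get('/api/user/profile');

      expect(response.status).toBe(401);
    });
  });

  describe('PUT /api/user/password', () => {
    // Runs before the successful change so ORIGINAL_PASSWORD is still current.
    it('should reject a wrong old password', async () => {
      // A valid session alone must not be enough to change the password; the
      // current credential has to be verified. The exact error status is not
      // shown in this file, so only "not a success" is asserted.
      const response = await request(app)
        .put('/api/user/password')
        .set('Authorization', `Bearer ${token}`)
        .send({
          oldPassword: `${ORIGINAL_PASSWORD}-wrong`,
          newPassword: CHANGED_PASSWORD,
        });

      expect(response.status).toBeGreaterThanOrEqual(400);
    });

    it('should update password', async () => {
      const response = await request(app)
        .put('/api/user/password')
        .set('Authorization', `Bearer ${token}`)
        .send({ oldPassword: ORIGINAL_PASSWORD, newPassword: CHANGED_PASSWORD });

      expect(response.status).toBe(200);
    });
  });
});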