package auth

import (
	"testing"
)

func TestHashPassword(t *testing.T) {
	hash, err := HashPassword("mypassword")
	if err != nil {
		t.Fatalf("HashPassword = %v", err)
	}
	if hash == "" {
		t.Fatal("hash is empty")
	}
	if hash == "mypassword" {
		t.Fatal("hash should not equal the plaintext password")
	}
}

func TestVerifyPasswordCorrect(t *testing.T) {
	hash, err := HashPassword("mypassword")
	if err != nil {
		t.Fatalf("HashPassword = %v", err)
	}

	if err := VerifyPassword(hash, "mypassword"); err != nil {
		t.Fatalf("VerifyPassword = %v", err)
	}
}

func TestVerifyPasswordWrong(t *testing.T) {
	hash, err := HashPassword("mypassword")
	if err != nil {
		t.Fatalf("HashPassword = %v", err)
	}

	if err := VerifyPassword(hash, "wrongpassword"); err == nil {
		t.Fatal("expected error for wrong password, got nil")
	}
}

func TestHashPasswordUnique(t *testing.T) {
	hash1, _ := HashPassword("mypassword")
	hash2, _ := HashPassword("mypassword")
	if hash1 == hash2 {
		t.Fatal("bcrypt should produce different hashes for the same password")
	}
}