"""Sign/verify roundtrip for the short-lived pending-verification cookie.

The pending cookie carries the email + user_id under verification. It is
NOT an auth cookie — never grants access beyond /verify and /verify/resend
— so the only properties we test are: round-trips correctly, rejects bad
signatures, and the salt is distinct from the session cookie's so a session
cookie can never be mistaken for a pending cookie."""
from __future__ import annotations

from app import auth


def test_pending_cookie_roundtrip():
    cookie = auth.sign_pending("user@example.com", 42)
    out = auth.verify_pending(cookie)
    assert out == {"email": "user@example.com", "uid": 42}


def test_pending_cookie_rejects_garbage():
    assert auth.verify_pending("totally-bogus") is None
    assert auth.verify_pending("") is None


def test_pending_cookie_does_not_validate_as_session():
    """Distinct salts: a pending-cookie value must not validate against the
    session deserialiser. Otherwise an unverified user could feed their
    pending cookie back as cassandra_session and bypass /verify."""
    cookie = auth.sign_pending("user@example.com", 42)
    assert auth.verify_session(cookie) is None


def test_session_cookie_does_not_validate_as_pending():
    cookie = auth.sign_session(7)
    assert auth.verify_pending(cookie) is None