Enhance API and configuration for Telegram miniapp

- Added support for CORS origins and a new environment variable for miniapp access control. - Implemented date validation for API requests to ensure correct date formats. - Updated FastAPI app to allow access without Telegram initData for local development. - Enhanced error handling and logging for better debugging. - Added tests for API functionality and Telegram initData validation. - Updated README with new environment variable details and testing instructions. - Modified Docker and Git ignore files to include additional directories and files.
2026-02-17 17:21:35 +03:00
parent 7cdf1edc34
commit 5dc8c8f255
19 changed files with 447 additions and 64 deletions
--- a/tests/init.py
+++ b/tests/init.py
@@ -0,0 +1 @@
+# Tests package.
--- a/tests/test_config.py
+++ b/tests/test_config.py
@@ -0,0 +1,37 @@
+"""Tests for config.is_admin and config.can_access_miniapp."""
+import pytest
+
+import config
+
+
+def test_is_admin_true_when_in_admin_list(monkeypatch):
+    monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1", "admin2"})
+    assert config.is_admin("admin1") is True
+    assert config.is_admin("ADMIN1") is True
+    assert config.is_admin("admin2") is True
+
+
+def test_is_admin_false_when_not_in_list(monkeypatch):
+    monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1"})
+    assert config.is_admin("other") is False
+    assert config.is_admin("") is False
+
+
+def test_can_access_miniapp_allowed_username(monkeypatch):
+    monkeypatch.setattr(config, "ALLOWED_USERNAMES", {"user1"})
+    monkeypatch.setattr(config, "ADMIN_USERNAMES", set())
+    assert config.can_access_miniapp("user1") is True
+    assert config.can_access_miniapp("USER1") is True
+
+
+def test_can_access_miniapp_admin_has_access(monkeypatch):
+    monkeypatch.setattr(config, "ALLOWED_USERNAMES", set())
+    monkeypatch.setattr(config, "ADMIN_USERNAMES", {"admin1"})
+    assert config.can_access_miniapp("admin1") is True
+
+
+def test_can_access_miniapp_denied(monkeypatch):
+    monkeypatch.setattr(config, "ALLOWED_USERNAMES", {"user1"})
+    monkeypatch.setattr(config, "ADMIN_USERNAMES", set())
+    assert config.can_access_miniapp("other") is False
+    assert config.can_access_miniapp("") is False