(ns auto-ap.auth.middleware-test
  (:require
   [auto-ap.integration.util :refer [wrap-setup]]
   [auto-ap.routes.utils :as routes-utils]
   [clojure.test :refer [deftest is testing use-fixtures]]))

(use-fixtures :each wrap-setup)

(deftest test-wrap-client-redirect-unauthenticated
  (testing "Behavior 8.1: It should convert 401 responses to HTMX redirects for unauthenticated users"
    (let [handler (routes-utils/wrap-client-redirect-unauthenticated
                   (fn [req] {:status 401 :body "Unauthorized"}))
          response (handler {:uri "/protected"})]
      (is (= 401 (:status response)))
      (is (= "/login?redirect-to=%2Fprotected" (get-in response [:headers "hx-redirect"])))))

  (testing "Non-401 responses pass through unchanged"
    (let [handler (routes-utils/wrap-client-redirect-unauthenticated
                   (fn [req] {:status 200 :body "OK"}))
          response (handler {:uri "/protected"})]
      (is (= 200 (:status response)))
      (is (nil? (get-in response [:headers "hx-redirect"]))))))