Add skeleton for backend tests and tests for authentication and swagger doc

.github/workflows/python-app.yml

@@ -0,0 +1,43 @@
+# This workflow will install Python dependencies, run tests and lint with a single version of Python
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python
+
+name: Backend server test
+
+on:
+  push:
+    branches: [ "main" ]
+  pull_request:
+    branches: [ "main" ]
+
+permissions:
+  contents: read
+
+defaults:
+  run:
+    working-directory: ./server
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Set up Python 3.13
+      uses: actions/setup-python@v3
+      with:
+        python-version: "3.13"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install flake8 pytest
+        if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
+    - name: Lint with flake8
+      run: |
+        # stop the build if there are Python syntax errors or undefined names
+        flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
+        # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
+        flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
+    - name: Test with pytest
+      run: |
+        pytest

.vscode/settings.json

@@ -9,5 +9,8 @@
       "source.organizeImports": "explicit"
     },
     "editor.formatOnSave": true
-  }
+  },
+  "python.testing.pytestArgs": ["server"],
+  "python.testing.unittestEnabled": false,
+  "python.testing.pytestEnabled": true
 }

CONTRIBUTING.md

@@ -61,21 +61,22 @@ Now you've got a virtual environment with necessary Python packages installed lo
 
 ##### SQLite setup (temporary)
 The application can be run using SQLite for the database. This makes the setup process a little easier, because SQLite is built-in to Python.
- 
-To create a local SQLite database file, run the `_sqilite-setup.py` script in the server directory: 
+
+To create a local SQLite database file, run the `db_scripts/sqilite_setup.py` script in the server directory:
 
 ```bash
 cd server
-python _sqlite-setup.py
+python -m db_scripts.sqlite_setup
 ```
 
-This should create a "local.db" file in the server directory, which the server will use as long as it retrieves `DB_URL` from `config/sqlite.py`. 
+This should create a "local.db" file in the server directory, which the server will use as long as it retrieves `DB_URL` from `config/sqlite.py`.
 
 A GUI database client is generally useful for backend development, it makes it easy to look up or change records/schema for debugging or prototyping.
-HeidiSQL is pretty good but there are many alternatives. Here are some that support SQLite: \
-https://heidisql.com \
-https://dbeaver.io \
-https://sqlitebrowser.org
+HeidiSQL is pretty good but there are many alternatives. Here are some that support SQLite:
+
+* https://heidisql.com
+* https://dbeaver.io
+* https://sqlitebrowser.org
 
 #### WIP: Backend setup for every session
 
@@ -120,6 +121,19 @@ Now all of the Python intellisense and tooling in VSCode should work!
 
 The debug configuration for the Flask app is defined in [.vscode/launch.json](.vscode/launch.json). You can debug the Flask app in VS Code by opening the debug panel, choosing `Flask Api Server` in the dropdown, and clicking the green run button. `F5` will also start the debugger. You can then set breakpoints and step through the server code.
 
+### Testing the backend
+
+The backend uses [Pytest](https://docs.pytest.org/en/stable/index.html) to test the Flask app and other services. To run the backend tests activate the Python venv as shown above and then in a terminal run
+
+```bash
+cd server
+pytest
+```
+
+You can also [run and debug tests](https://code.visualstudio.com/docs/python/testing#_run-tests) directly in VSCode. Click on the **Testing** panel on the left (it looks like a flask) and choose tests to run there. Small play buttons also show up in test files when you open them. The link above shows more details.
+
+The Flask documentation provides more info about how to [test Flask apps](https://flask.palletsprojects.com/en/stable/testing/) that is quite useful.
+
 ### Commit messages
 
 WIP: Provide instructions on how to format commit messages.

server/.gitignore

@@ -14,4 +14,224 @@ venv.bak/
 # Flask secret key file
 flask_secret_key.txt
 
+# SQLite database
 local.db
+
+# Add more based on https://github.com/github/gitignore/blob/main/Python.gitignore
+
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[codz]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#   Usually these files are written by a python script from a template
+#   before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py.cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+# Pipfile.lock
+
+# UV
+#   Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+# uv.lock
+
+# poetry
+#   Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control.
+#   This is especially recommended for binary packages to ensure reproducibility, and is more
+#   commonly ignored for libraries.
+#   https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control
+# poetry.lock
+# poetry.toml
+
+# pdm
+#   Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control.
+#   pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python.
+#   https://pdm-project.org/en/latest/usage/project/#working-with-version-control
+# pdm.lock
+# pdm.toml
+.pdm-python
+.pdm-build/
+
+# pixi
+#   Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control.
+# pixi.lock
+#   Pixi creates a virtual environment in the .pixi directory, just like venv module creates one
+#   in the .venv directory. It is recommended not to include this directory in version control.
+.pixi
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# Redis
+*.rdb
+*.aof
+*.pid
+
+# RabbitMQ
+mnesia/
+rabbitmq/
+rabbitmq-data/
+
+# ActiveMQ
+activemq-data/
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.envrc
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+# PyCharm
+#   JetBrains specific template is maintained in a separate JetBrains.gitignore that can
+#   be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
+#   and can be added to the global gitignore or merged into this file.  For a more nuclear
+#   option (not recommended) you can uncomment the following to ignore the entire idea folder.
+# .idea/
+
+# Abstra
+#   Abstra is an AI-powered process automation framework.
+#   Ignore directories containing user credentials, local state, and settings.
+#   Learn more at https://abstra.io/docs
+.abstra/
+
+# Visual Studio Code
+#   Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore
+#   that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore
+#   and can be added to the global gitignore or merged into this file. However, if you prefer,
+#   you could uncomment the following to ignore the entire vscode folder
+# .vscode/
+
+# Ruff stuff:
+.ruff_cache/
+
+# PyPI configuration file
+.pypirc
+
+# Marimo
+marimo/_static/
+marimo/_lsp/
+__marimo__/
+
+# Streamlit
+.streamlit/secrets.toml

server/api/__init__.py

@@ -60,10 +60,11 @@ def get_or_create_secret_key():
 # Session acts as a "registry" of sessions; sessions provide an api for executing queries.
 # Methods for executing queries can be called on Session directly, which will
 # add a session to the registry if necessary and call those methods on the session object.
-# Calling Session.remove() ends a session and removes it from the registry. 
+# Calling Session.remove() ends a session and removes it from the registry.
 session_factory = sessionmaker(engine)
 Session = scoped_session(session_factory)
 
+
 # This should ensure one db session per request.
 @app.teardown_request
 def close_db_connection(_e):

server/api/routes.py

@@ -15,7 +15,6 @@
 from api.models import get_user_by_name, insert_user
 
 
-
 @app.route("/")
 def index():
     """
@@ -32,8 +31,6 @@ def index():
 def login():
     """
     Login endpoint. Establishes a session after successful login.
-
-    TODO fill out details
     ---
     parameters:
       - in: body
@@ -72,8 +69,11 @@ def login():
 
     # flask_login and this call to login_user handles the session for us
     if not login_user(user):
-        return "There was a problem logging in, your account may have been deactivated.", 401
-
+        return (
+            "There was a problem logging in, your account may have been deactivated.",
+            401,
+        )
+
     return "", 200
 
 
@@ -105,7 +105,7 @@ def add_user():
     parameters:
       - in: body
         name: user_data
-        required: 
+        required:
           - username
             password
             confirm_password
@@ -138,6 +138,7 @@ def add_user():
         # todo(?), return more helpful error messages to client
         return str(e), 400
 
+
 @app.route("/resource")
 @login_required
 def get_resource():