diff --git a/tests/test_coupon_proxy.py b/tests/test_coupon_proxy.py index 41033e9..c993181 100644 --- a/tests/test_coupon_proxy.py +++ b/tests/test_coupon_proxy.py @@ -44,10 +44,21 @@ def access_token(client) -> str: return r.json()["access_token"] -def test_coupon_step_requires_auth(client) -> None: - """无 token → 401(get_current_user 拦下)。""" - r = client.post("/api/v1/coupon/step", json=_stub_request_body()) - assert r.status_code == 401 +def test_coupon_step_no_auth_required(client) -> None: + """MVP 不鉴权:不带 token 也能转发(已去掉 CurrentUser,device_id 透传)。 + + 历史:本测试原断言"无 token → 401",但 coupon/step 已去鉴权(见 docs/待办与 + 技术债.md「已解决」),401 断言已过时,改为验证不带 token 也能正常透传。 + """ + async def fake_post(self, url, json=None, **kw): + mock_resp = MagicMock() + mock_resp.status_code = 200 + mock_resp.json = lambda: {"success": True} + return mock_resp + + with patch.object(httpx.AsyncClient, "post", fake_post): + r = client.post("/api/v1/coupon/step", json=_stub_request_body()) + assert r.status_code == 200, r.text def test_coupon_step_passes_body_through(client, access_token) -> None: