test(backend): add failing tests for step 10 — AuthService and AuthController

backend/src/test/kotlin/com/condado/newsletter/service/AuthServiceTest.kt

@@ -0,0 +1,62 @@
+package com.condado.newsletter.service
+
+import io.mockk.every
+import io.mockk.mockk
+import org.assertj.core.api.Assertions.assertThat
+import org.junit.jupiter.api.BeforeEach
+import org.junit.jupiter.api.Test
+import org.junit.jupiter.api.assertThrows
+
+class AuthServiceTest {
+
+    private val jwtService: JwtService = mockk()
+    private lateinit var authService: AuthService
+
+    @BeforeEach
+    fun setUp() {
+        authService = AuthService(
+            jwtService = jwtService,
+            appPassword = "testpassword"
+        )
+    }
+
+    @Test
+    fun should_returnJwtToken_when_correctPasswordProvided() {
+        every { jwtService.generateToken() } returns "jwt-token"
+
+        val token = authService.login("testpassword")
+
+        assertThat(token).isEqualTo("jwt-token")
+    }
+
+    @Test
+    fun should_throwUnauthorizedException_when_wrongPasswordProvided() {
+        assertThrows<UnauthorizedException> {
+            authService.login("wrongpassword")
+        }
+    }
+
+    @Test
+    fun should_returnValidClaims_when_jwtTokenParsed() {
+        val realJwtService = JwtService(
+            secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
+            expirationMs = 86400000L
+        )
+        val token = realJwtService.generateToken()
+
+        assertThat(realJwtService.validateToken(token)).isTrue()
+    }
+
+    @Test
+    fun should_returnFalse_when_expiredTokenValidated() {
+        val realJwtService = JwtService(
+            secret = "test-secret-key-for-testing-only-must-be-at-least-32-characters",
+            expirationMs = 1L
+        )
+        val token = realJwtService.generateToken()
+
+        Thread.sleep(10) // wait for expiration
+
+        assertThat(realJwtService.validateToken(token)).isFalse()
+    }
+}