import { describe, it, expect } from "vitest";

import { hashPassword, verifyPassword } from "@/lib/password";

describe("password hashing", () => {
  it("round-trips a correct password", async () => {
    const plain = "correct horse battery staple";
    const hash = await hashPassword(plain);
    expect(hash).not.toEqual(plain);
    expect(hash.startsWith("$2")).toBe(true);
    expect(await verifyPassword(plain, hash)).toBe(true);
  });

  it("rejects incorrect password", async () => {
    const hash = await hashPassword("rightpass123");
    expect(await verifyPassword("wrongpass", hash)).toBe(false);
  });

  it("produces different hashes for the same plaintext (salted)", async () => {
    const plain = "samepw";
    const a = await hashPassword(plain);
    const b = await hashPassword(plain);
    expect(a).not.toEqual(b);
    expect(await verifyPassword(plain, a)).toBe(true);
    expect(await verifyPassword(plain, b)).toBe(true);
  });
});