#[cfg(test)]
mod tests {
    use crate::modes::server::common::check_auth;
    use axum::http::{HeaderMap, HeaderValue};

    #[test]
    fn test_auth_with_no_password_required() {
        let headers = HeaderMap::new();
        let password = None;

        // When no password is required, auth should pass
        assert!(check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_bearer_token() {
        let mut headers = HeaderMap::new();
        headers.insert(
            "authorization",
            HeaderValue::from_static("Bearer secret123"),
        );

        let password = Some("secret123".to_string());

        // Valid bearer token should pass
        assert!(check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_invalid_bearer_token() {
        let mut headers = HeaderMap::new();
        headers.insert(
            "authorization",
            HeaderValue::from_static("Bearer wrongtoken"),
        );

        let password = Some("secret123".to_string());

        // Invalid bearer token should fail
        assert!(!check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_basic_auth() {
        let mut headers = HeaderMap::new();
        // Basic auth for "keep:secret123" base64 encoded
        headers.insert(
            "authorization",
            HeaderValue::from_static("Basic a2VlcDpzZWNyZXQxMjM="),
        );

        let password = Some("secret123".to_string());

        // Valid basic auth should pass
        assert!(check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_invalid_basic_auth() {
        let mut headers = HeaderMap::new();
        // Basic auth for "keep:wrongpass" base64 encoded
        headers.insert(
            "authorization",
            HeaderValue::from_static("Basic a2VlcDp3cm9uZ3Bhc3M="),
        );

        let password = Some("secret123".to_string());

        // Invalid basic auth should fail
        assert!(!check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_missing_auth_header() {
        let headers = HeaderMap::new();
        let password = Some("secret123".to_string());

        // Missing auth header should fail when password is required
        assert!(!check_auth(&headers, &password));
    }

    #[test]
    fn test_auth_with_malformed_auth_header() {
        let mut headers = HeaderMap::new();
        headers.insert("authorization", HeaderValue::from_static("Invalid header"));

        let password = Some("secret123".to_string());

        // Malformed auth header should fail
        assert!(!check_auth(&headers, &password));
    }
}