tests/authentication: Use API endpoint in token_auth_cannot_find_token() that actually supports token auth

`GET /api/v1/me/updates` only supports cookie authentication, so this test was a bit misleading before

Author: Turbo87

src/tests/authentication.rs

@@ -1,6 +1,7 @@
 use crate::tests::TestApp;
-use crate::tests::util::{MockRequestExt, RequestHelper, Response};
+use crate::tests::util::{MockRequestExt, MockTokenUser, RequestHelper, Response};
 
+use crate::tests::builders::PublishBuilder;
 use crate::tests::util::encode_session_header;
 use http::{Method, StatusCode, header};
 use insta::assert_snapshot;
@@ -18,11 +19,11 @@ async fn anonymous_user_unauthorized() {
 
 #[tokio::test(flavor = "multi_thread")]
 async fn token_auth_cannot_find_token() {
-    let (_, anon) = TestApp::init().empty().await;
-    let mut request = anon.request_builder(Method::GET, URL);
-    request.header(header::AUTHORIZATION, "cio1tkfake-token");
-    let response: Response<()> = anon.run(request).await;
+    let (app, _anon) = TestApp::full().empty().await;
 
+    let client = MockTokenUser::with_auth_header("cio1tkfake-token".to_string(), app.clone());
+    let pb = PublishBuilder::new("foo", "1.0.0");
+    let response = client.publish_crate(pb).await;
     assert_snapshot!(response.status(), @"403 Forbidden");
     assert_snapshot!(response.text(), @r#"{"errors":[{"detail":"authentication failed"}]}"#);
 }