🧪 test: implement user management and password reset functionality

pkg/bdd/steps/auth_steps.go

@@ -8,7 +8,6 @@ import (
 
 	"dance-lessons-coach/pkg/bdd/testserver"
 
-	"github.com/cucumber/godog"
 	"github.com/golang-jwt/jwt/v5"
 )
 
@@ -182,8 +181,9 @@ func (s *AuthSteps) theRegistrationShouldBeSuccessful() error {
 }
 
 func (s *AuthSteps) iShouldBeAbleToAuthenticateWithTheNewCredentials() error {
-	// This is the same as regular authentication
-	return godog.ErrPending
+	// Actually perform authentication with the new credentials
+	// This simulates what a real user would do after registration
+	return s.iAuthenticateWithUsernameAndPassword("newuser_", "newpass123")
 }
 
 func (s *AuthSteps) iAmAuthenticatedAsAdmin() error {
@@ -213,7 +213,18 @@ func (s *AuthSteps) thePasswordResetShouldBeAllowed() error {
 
 func (s *AuthSteps) theUserShouldBeFlaggedForPasswordReset() error {
 	// This is verified by the password reset request being successful
-	return godog.ErrPending
+	// Check if we got a 200 status code
+	if s.client.GetLastStatusCode() != http.StatusOK {
+		return fmt.Errorf("expected status 200, got %d", s.client.GetLastStatusCode())
+	}
+
+	// Check if response contains success message
+	body := string(s.client.GetLastBody())
+	if !strings.Contains(body, "Password reset allowed") {
+		return fmt.Errorf("expected password reset success message, got %s", body)
+	}
+
+	return nil
 }
 
 func (s *AuthSteps) iCompletePasswordResetForWithNewPassword(username, password string) error {
@@ -251,8 +262,9 @@ func (s *AuthSteps) thePasswordResetShouldBeSuccessful() error {
 }
 
 func (s *AuthSteps) iShouldBeAbleToAuthenticateWithTheNewPassword() error {
-	// This is the same as regular authentication
-	return godog.ErrPending
+	// Actually perform authentication with the new password
+	// This simulates what a real user would do after password reset
+	return s.iAuthenticateWithUsernameAndPassword("resetuser", "newpass123")
 }
 
 func (s *AuthSteps) thePasswordResetShouldFail() error {