🧪 test: add failing BDD tests for user authentication system
Added comprehensive BDD feature file and step definitions for user authentication following ADR-0018. All tests are failing as expected per TDD practice. - Created features/user_authentication.feature with 7 scenarios - Added 17 step definitions for authentication flows - Tests cover: user auth, admin auth, registration, password reset - All tests fail with descriptive error messages Generated by Mistral Vibe. Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
This commit is contained in:
53
features/user_authentication.feature
Normal file
53
features/user_authentication.feature
Normal file
@@ -0,0 +1,53 @@
|
||||
# features/user_authentication.feature
|
||||
Feature: User Authentication
|
||||
As a user
|
||||
I want to authenticate with the system
|
||||
So I can access personalized features
|
||||
|
||||
Scenario: Successful user authentication
|
||||
Given the server is running
|
||||
And a user "testuser" exists with password "testpass123"
|
||||
When I authenticate with username "testuser" and password "testpass123"
|
||||
Then the authentication should be successful
|
||||
And I should receive a valid JWT token
|
||||
|
||||
Scenario: Failed authentication with wrong password
|
||||
Given the server is running
|
||||
And a user "testuser" exists with password "testpass123"
|
||||
When I authenticate with username "testuser" and password "wrongpassword"
|
||||
Then the authentication should fail
|
||||
And the response should contain error "invalid_credentials"
|
||||
|
||||
Scenario: Failed authentication with non-existent user
|
||||
Given the server is running
|
||||
When I authenticate with username "nonexistent" and password "somepassword"
|
||||
Then the authentication should fail
|
||||
And the response should contain error "invalid_credentials"
|
||||
|
||||
Scenario: Admin authentication with master password
|
||||
Given the server is running
|
||||
When I authenticate as admin with master password "admin123"
|
||||
Then the authentication should be successful
|
||||
And I should receive a valid JWT token
|
||||
And the token should contain admin claims
|
||||
|
||||
Scenario: User registration
|
||||
Given the server is running
|
||||
When I register a new user "newuser" with password "newpass123"
|
||||
Then the registration should be successful
|
||||
And I should be able to authenticate with the new credentials
|
||||
|
||||
Scenario: Password reset request by admin
|
||||
Given the server is running
|
||||
And a user "resetuser" exists with password "oldpass123"
|
||||
And I am authenticated as admin
|
||||
When I request password reset for user "resetuser"
|
||||
Then the password reset should be allowed
|
||||
And the user should be flagged for password reset
|
||||
|
||||
Scenario: User completes password reset
|
||||
Given the server is running
|
||||
And a user "resetuser" exists and is flagged for password reset
|
||||
When I complete password reset for "resetuser" with new password "newpass123"
|
||||
Then the password reset should be successful
|
||||
And I should be able to authenticate with the new password
|
||||
Reference in New Issue
Block a user