arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

🧪 test: add failing BDD tests for user authentication system

Browse Source 
Added comprehensive BDD feature file and step definitions for user authentication
following ADR-0018. All tests are failing as expected per TDD practice.

- Created features/user_authentication.feature with 7 scenarios
- Added 17 step definitions for authentication flows
- Tests cover: user auth, admin auth, registration, password reset
- All tests fail with descriptive error messages

Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
This commit is contained in:
Gabriel Radureau
2026-04-06 22:56:12 +02:00
parent 10c909581c
commit 424eeab7d9
2 changed files with 164 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
features/user_authentication.feature Normal file
View File

@@ -0,0 +1,53 @@
# features/user_authentication.feature
Feature: User Authentication
As a user
I want to authenticate with the system
So I can access personalized features
Scenario: Successful user authentication
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "testpass123"
Then the authentication should be successful
And I should receive a valid JWT token
Scenario: Failed authentication with wrong password
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "wrongpassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Failed authentication with non-existent user
Given the server is running
When I authenticate with username "nonexistent" and password "somepassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Admin authentication with master password
Given the server is running
When I authenticate as admin with master password "admin123"
Then the authentication should be successful
And I should receive a valid JWT token
And the token should contain admin claims
Scenario: User registration
Given the server is running
When I register a new user "newuser" with password "newpass123"
Then the registration should be successful
And I should be able to authenticate with the new credentials
Scenario: Password reset request by admin
Given the server is running
And a user "resetuser" exists with password "oldpass123"
And I am authenticated as admin
When I request password reset for user "resetuser"
Then the password reset should be allowed
And the user should be flagged for password reset
Scenario: User completes password reset
Given the server is running
And a user "resetuser" exists and is flagged for password reset
When I complete password reset for "resetuser" with new password "newpass123"
Then the password reset should be successful
And I should be able to authenticate with the new password

111
pkg/bdd/steps/steps.go
View File

@@ -31,6 +31,26 @@ func InitializeAllSteps(ctx *godog.ScenarioContext, client *testserver.Client) {
ctx.Step(`^I send a POST request to v2 greet with name "([^"]*)"$`, sc.iSendPOSTRequestToV2GreetWithName) ctx.Step(`^I send a POST request to v2 greet with name "([^"]*)"$`, sc.iSendPOSTRequestToV2GreetWithName)
ctx.Step(`^I send a POST request to v2 greet with invalid JSON "([^"]*)"$`, sc.iSendPOSTRequestToV2GreetWithInvalidJSON) ctx.Step(`^I send a POST request to v2 greet with invalid JSON "([^"]*)"$`, sc.iSendPOSTRequestToV2GreetWithInvalidJSON)
ctx.Step(`^the response should contain error "([^"]*)"$`, sc.theResponseShouldContainError) ctx.Step(`^the response should contain error "([^"]*)"$`, sc.theResponseShouldContainError)
// User Authentication Steps
ctx.Step(`^a user "([^"]*)" exists with password "([^"]*)"$`, sc.aUserExistsWithPassword)
ctx.Step(`^I authenticate with username "([^"]*)" and password "([^"]*)"$`, sc.iAuthenticateWithUsernameAndPassword)
ctx.Step(`^the authentication should be successful$`, sc.theAuthenticationShouldBeSuccessful)
ctx.Step(`^I should receive a valid JWT token$`, sc.iShouldReceiveAValidJWTToken)
ctx.Step(`^the authentication should fail$`, sc.theAuthenticationShouldFail)
ctx.Step(`^I authenticate as admin with master password "([^"]*)"$`, sc.iAuthenticateAsAdminWithMasterPassword)
ctx.Step(`^the token should contain admin claims$`, sc.theTokenShouldContainAdminClaims)
ctx.Step(`^I register a new user "([^"]*)" with password "([^"]*)"$`, sc.iRegisterANewUserWithPassword)
ctx.Step(`^the registration should be successful$`, sc.theRegistrationShouldBeSuccessful)
ctx.Step(`^I should be able to authenticate with the new credentials$`, sc.iShouldBeAbleToAuthenticateWithTheNewCredentials)
ctx.Step(`^I am authenticated as admin$`, sc.iAmAuthenticatedAsAdmin)
ctx.Step(`^I request password reset for user "([^"]*)"$`, sc.iRequestPasswordResetForUser)
ctx.Step(`^the password reset should be allowed$`, sc.thePasswordResetShouldBeAllowed)
ctx.Step(`^the user should be flagged for password reset$`, sc.theUserShouldBeFlaggedForPasswordReset)
ctx.Step(`^I complete password reset for "([^"]*)" with new password "([^"]*)"$`, sc.iCompletePasswordResetForWithNewPassword)
ctx.Step(`^I should be able to authenticate with the new password$`, sc.iShouldBeAbleToAuthenticateWithTheNewPassword)
ctx.Step(`^a user "([^"]*)" exists and is flagged for password reset$`, sc.aUserExistsAndIsFlaggedForPasswordReset)
ctx.Step(`^the password reset should be successful$`, sc.thePasswordResetShouldBeSuccessful)
} }
func (sc *StepContext) iRequestAGreetingFor(name string) error { func (sc *StepContext) iRequestAGreetingFor(name string) error {
@@ -107,3 +127,94 @@ func (sc *StepContext) theResponseShouldContainError(expectedError string) error
} }
return nil return nil
} }
// User Authentication Steps
func (sc *StepContext) aUserExistsWithPassword(username, password string) error {
// This will need to be implemented when user management is available
return fmt.Errorf("user management not yet implemented")
}
func (sc *StepContext) iAuthenticateWithUsernameAndPassword(username, password string) error {
// This will need to be implemented when authentication endpoints are available
return fmt.Errorf("authentication not yet implemented")
}
func (sc *StepContext) theAuthenticationShouldBeSuccessful() error {
// This will need to be implemented when authentication is available
return fmt.Errorf("authentication not yet implemented")
}
func (sc *StepContext) iShouldReceiveAValidJWTToken() error {
// This will need to be implemented when JWT generation is available
return fmt.Errorf("JWT generation not yet implemented")
}
func (sc *StepContext) theAuthenticationShouldFail() error {
// This will need to be implemented when authentication is available
return fmt.Errorf("authentication not yet implemented")
}
func (sc *StepContext) iAuthenticateAsAdminWithMasterPassword(password string) error {
// This will need to be implemented when admin authentication is available
return fmt.Errorf("admin authentication not yet implemented")
}
func (sc *StepContext) theTokenShouldContainAdminClaims() error {
// This will need to be implemented when JWT claims are available
return fmt.Errorf("JWT claims not yet implemented")
}
func (sc *StepContext) iRegisterANewUserWithPassword(username, password string) error {
// This will need to be implemented when user registration is available
return fmt.Errorf("user registration not yet implemented")
}
func (sc *StepContext) theRegistrationShouldBeSuccessful() error {
// This will need to be implemented when user registration is available
return fmt.Errorf("user registration not yet implemented")
}
func (sc *StepContext) iShouldBeAbleToAuthenticateWithTheNewCredentials() error {
// This will need to be implemented when authentication is available
return fmt.Errorf("authentication not yet implemented")
}
func (sc *StepContext) iAmAuthenticatedAsAdmin() error {
// This will need to be implemented when admin authentication is available
return fmt.Errorf("admin authentication not yet implemented")
}
func (sc *StepContext) iRequestPasswordResetForUser(username string) error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) thePasswordResetShouldBeAllowed() error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) theUserShouldBeFlaggedForPasswordReset() error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) iCompletePasswordResetForWithNewPassword(username, password string) error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) aUserExistsAndIsFlaggedForPasswordReset(username string) error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) thePasswordResetShouldBeSuccessful() error {
// This will need to be implemented when password reset is available
return fmt.Errorf("password reset not yet implemented")
}
func (sc *StepContext) iShouldBeAbleToAuthenticateWithTheNewPassword() error {
// This will need to be implemented when authentication is available
return fmt.Errorf("authentication not yet implemented")
}