arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
08202a578dab2efe6ca7599bb61ae964f3bdc539
dance-lessons-coach/features/user_authentication.feature
Gabriel Radureau 08202a578d
Some checks failed
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Details
CI/CD Pipeline / CI Pipeline (pull_request) Successful in 15m34s
Details
📝 docs: add comprehensive SOLID analysis and code review findings 
- Documented SOLID principle violations across codebase
- Identified security best practice improvements needed
- Analyzed performance optimization opportunities
- Added detailed refactoring recommendations
- Updated ADR-0018 with JWT secret rotation reference
- Enabled gitea-client skill for programmer agent

This commit captures the current state analysis before implementing improvements.
2026-04-06 23:49:03 +02:00

53 lines
2.2 KiB
Gherkin
Raw Blame History

# features/user_authentication.feature
Feature: User Authentication
As a user
I want to authenticate with the system
So I can access personalized features
Scenario: Successful user authentication
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "testpass123"
Then the authentication should be successful
And I should receive a valid JWT token
Scenario: Failed authentication with wrong password
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "wrongpassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Failed authentication with non-existent user
Given the server is running
When I authenticate with username "nonexistent" and password "somepassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Admin authentication with master password
Given the server is running
When I authenticate as admin with master password "admin123"
Then the authentication should be successful
And I should receive a valid JWT token
And the token should contain admin claims
Scenario: User registration
Given the server is running
When I register a new user "newuser_" with password "newpass123"
Then the registration should be successful
And I should be able to authenticate with the new credentials
Scenario: Password reset request by admin
Given the server is running
And a user "resetuser" exists with password "oldpass123"
And I am authenticated as admin
When I request password reset for user "resetuser"
Then the password reset should be allowed
And the user should be flagged for password reset
Scenario: User completes password reset
Given the server is running
And a user "resetuser" exists and is flagged for password reset
When I complete password reset for "resetuser" with new password "newpass123"
Then the password reset should be successful
And I should be able to authenticate with the new password
Reference in New Issue View Git Blame Copy Permalink