arcodange/dance-lessons-coach
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
0cc28242224e5e0e090d97ec536dee9cbe427f1d
dance-lessons-coach/features/user_authentication.feature
Gabriel Radureau 40898edc52
Some checks failed
CI/CD Pipeline / CI Pipeline (pull_request) Successful in 7m36s
Details
CI/CD Pipeline / CI Pipeline (push) Has been cancelled
Details
🧪 test: add comprehensive BDD scenarios for authentication system 
- Added 18 new authentication test scenarios
- Increased BDD test coverage from 14 to 25 scenarios
- Added input validation for registration and login endpoints
- Added step definitions for new test scenarios
- All authentication edge cases now covered

Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
2026-04-07 00:36:00 +02:00

130 lines
5.5 KiB
Gherkin
Raw Blame History

# features/user_authentication.feature
Feature: User Authentication
As a user
I want to authenticate with the system
So I can access personalized features
Scenario: Successful user authentication
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "testpass123"
Then the authentication should be successful
And I should receive a valid JWT token
Scenario: Failed authentication with wrong password
Given the server is running
And a user "testuser" exists with password "testpass123"
When I authenticate with username "testuser" and password "wrongpassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Failed authentication with non-existent user
Given the server is running
When I authenticate with username "nonexistent" and password "somepassword"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Admin authentication with master password
Given the server is running
When I authenticate as admin with master password "admin123"
Then the authentication should be successful
And I should receive a valid JWT token
And the token should contain admin claims
Scenario: User registration
Given the server is running
When I register a new user "newuser_" with password "newpass123"
Then the registration should be successful
And I should be able to authenticate with the new credentials
Scenario: Password reset request by admin
Given the server is running
And a user "resetuser" exists with password "oldpass123"
And I am authenticated as admin
When I request password reset for user "resetuser"
Then the password reset should be allowed
And the user should be flagged for password reset
Scenario: User completes password reset
Given the server is running
And a user "resetuser" exists and is flagged for password reset
When I complete password reset for "resetuser" with new password "newpass123"
Then the password reset should be successful
And I should be able to authenticate with the new password
Scenario: Failed password reset for non-existent user
Given the server is running
When I request password reset for user "nonexistent"
Then the password reset should fail
And the response should contain error "server_error"
Scenario: Failed password reset completion for non-existent user
Given the server is running
When I complete password reset for "nonexistent" with new password "newpass123"
Then the password reset should fail
And the response should contain error "server_error"
Scenario: Failed password reset completion for user not flagged
Given the server is running
And a user "normaluser" exists with password "oldpass123"
When I complete password reset for "normaluser" with new password "newpass123"
Then the password reset should fail
And the response should contain error "server_error"
Scenario: Failed registration with existing username
Given the server is running
And a user "existinguser" exists with password "testpass123"
When I register a new user "existinguser" with password "newpass123"
Then the registration should fail
And the response should contain error "user_exists"
And the status code should be 409
Scenario: Failed registration with invalid username
Given the server is running
When I register a new user "ab" with password "validpass123"
Then the registration should fail
And the status code should be 400
Scenario: Failed registration with invalid password
Given the server is running
When I register a new user "validuser" with password "short"
Then the registration should fail
And the status code should be 400
Scenario: Failed authentication with empty username
Given the server is running
When I authenticate with username "" and password "somepassword"
Then the authentication should fail with validation error
And the status code should be 400
Scenario: Failed authentication with empty password
Given the server is running
When I authenticate with username "someuser" and password ""
Then the authentication should fail with validation error
And the status code should be 400
Scenario: Failed admin authentication with wrong password
Given the server is running
When I authenticate as admin with master password "wrongadmin"
Then the authentication should fail
And the response should contain error "invalid_credentials"
Scenario: Multiple consecutive authentications
Given the server is running
And a user "multiuser" exists with password "testpass123"
When I authenticate with username "multiuser" and password "testpass123"
Then the authentication should be successful
And I should receive a valid JWT token
When I authenticate with username "multiuser" and password "testpass123" again
Then the authentication should be successful
And I should receive a different JWT token
Scenario: JWT token validation
Given the server is running
And a user "tokenuser" exists with password "testpass123"
When I authenticate with username "tokenuser" and password "testpass123"
Then the authentication should be successful
And I should receive a valid JWT token
When I validate the received JWT token
Then the token should be valid
And it should contain the correct user ID
Reference in New Issue View Git Blame Copy Permalink