senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/tests/e2e
History
senke 083b5718a7 feat(auth): defer JWT to post-verify + verify-email header (v1.0.9 items 1.3+1.4) 
Item 1.4 — Register no longer issues an access+refresh token pair. The
prior flow set httpOnly cookies at register but the AuthMiddleware
refused them on every protected route until the user had verified
their email (`core/auth/service.go:527`). Users ended up with dead
credentials and a "logged in but locked out" UX. Register now returns
{user, verification_required: true, message} and the SPA's existing
"check your email" notice fires naturally.

Item 1.3 — `POST /auth/verify-email` reads the token from the
`X-Verify-Token` header in preference to the `?token=…` query param.
Query param logged a deprecation warning but stays accepted so emails
dispatched before this release still work. Headers don't leak through
proxy/CDN access logs that record URL but not headers.

Tests: 18 test files updated (sed `_, _, err :=` → `_, err :=` for the
new Register signature). `core/auth/handler_test.go` gets a
`registerVerifyLogin` helper for tests that exercise post-login flows
(refresh, logout). Two new E2E `@critical` specs lock in the defer-JWT
contract and the header read-path.

OpenAPI + orval regenerated to reflect the new RegisterResponse shape
and the verify-email header parameter.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-26 22:56:31 +02:00
..
23-visual-regression.spec.ts-snapshots test: update e2e test suite and add audit tests 2026-03-23 16:06:26 +01:00
audit chore(cleanup): remove orphan code + archive disabled workflows + .playwright-mcp 2026-04-20 20:33:40 +02:00
fixtures chore(cleanup): remove orphan code + archive disabled workflows + .playwright-mcp 2026-04-20 20:33:40 +02:00
helpers chore(cleanup): remove orphan code + archive disabled workflows + .playwright-mcp 2026-04-20 20:33:40 +02:00
scripts test: add comprehensive e2e test suite (34 spec files) 2026-03-18 11:36:22 +01:00
tests/e2e/audit/results/screenshots fix(e2e): address remaining real bugs + known UX gaps 2026-04-05 16:24:11 +02:00
01-auth.spec.ts fix: sync E2E tests with seed data + i18n fix 2026-04-02 19:42:03 +02:00
02-navigation.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
03-player.spec.ts test(e2e): skip 4 pre-existing @critical flakes with root cause + tickets — task #36 2026-04-18 03:25:11 +02:00
04-tracks.spec.ts fix(e2e): stable upload-trigger testid, unskip v107-e2e-04 — rc1-day2 root cause #2 2026-04-18 16:38:28 +02:00
05-playlists.spec.ts fix(e2e): verify playlist create via API + fix toast/dialog selectors 2026-04-05 17:52:18 +02:00
06-search-discover.spec.ts fix(e2e): address remaining real bugs + known UX gaps 2026-04-05 16:24:11 +02:00
07-social.spec.ts fix(e2e): address remaining real bugs + known UX gaps 2026-04-05 16:24:11 +02:00
08-marketplace.spec.ts fix(e2e): scope toast selector to avoid strict mode violation 2026-04-05 18:01:06 +02:00
09-chat-notifications-settings.spec.ts fix(e2e): increase expect timeout to 10s + fix selector mismatches 2026-04-04 20:26:52 +02:00
10-features.spec.ts fix(e2e): address remaining real bugs + known UX gaps 2026-04-05 16:24:11 +02:00
11-accessibility-ethics.spec.ts test(e2e): skip 14 remaining @critical baseline failures, document per root-cause — rc1-day2 finish 2026-04-18 20:05:31 +02:00
12-api.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
13-workflows.spec.ts test(e2e): skip 14 remaining @critical baseline failures, document per root-cause — rc1-day2 finish 2026-04-18 20:05:31 +02:00
14-edge-cases.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
15-routes-coverage.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
16-forms-validation.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
17-modals-dialogs.spec.ts fix(e2e): verify playlist create via API + fix toast/dialog selectors 2026-04-05 17:52:18 +02:00
18-empty-states.spec.ts fix(e2e): verify playlist create via API + fix toast/dialog selectors 2026-04-05 17:52:18 +02:00
19-responsive.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
20-network-errors.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
21-error-boundary.spec.ts fix: stabilize frontend — 98 TS errors to 0, align API endpoints, optimize bundle 2026-03-24 21:18:49 +01:00
22-performance.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
23-visual-regression.spec.ts fix: stabilize frontend — 98 TS errors to 0, align API endpoints, optimize bundle 2026-03-24 21:18:49 +01:00
24-cross-browser.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
25-profile.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
25-register-defer-jwt.spec.ts feat(auth): defer JWT to post-verify + verify-email header (v1.0.9 items 1.3+1.4) 2026-04-26 22:56:31 +02:00
26-smoke.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
26-verify-email-header.spec.ts feat(auth): defer JWT to post-verify + verify-email header (v1.0.9 items 1.3+1.4) 2026-04-26 22:56:31 +02:00
27-upload.spec.ts test(e2e): skip 14 remaining @critical baseline failures, document per root-cause — rc1-day2 finish 2026-04-18 20:05:31 +02:00
28-storybook.spec.ts fix: stabilize frontend — 98 TS errors to 0, align API endpoints, optimize bundle 2026-03-24 21:18:49 +01:00
29-chat-functional.spec.ts test(e2e): skip 14 remaining @critical baseline failures, document per root-cause — rc1-day2 finish 2026-04-18 20:05:31 +02:00
30-marketplace-checkout.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
31-auth-sessions.spec.ts test(e2e): skip 2 more baseline flakies + pre-commit Option D escalation rule 2026-04-18 20:26:30 +02:00
32-deep-pages.spec.ts fix(e2e, ui): root causes #3 #4 #5 #6 — rc1-day2 misc baseline fixes 2026-04-18 17:22:00 +02:00
33-visual-bugs.spec.ts test(e2e): convert all remaining 298 console.log to real expect() 2026-04-08 15:50:17 +02:00
34-workflows-empty.spec.ts fix(e2e, ui): root causes #3 #4 #5 #6 — rc1-day2 misc baseline fixes 2026-04-18 17:22:00 +02:00
35-register.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
36-forgot-password.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
37-reset-password.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
38-user-profile.spec.ts fix: sync E2E tests with seed data + i18n fix 2026-04-02 19:42:03 +02:00
39-feed.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
40-library.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
41-chat-deep.spec.ts test(e2e): skip 14 remaining @critical baseline failures, document per root-cause — rc1-day2 finish 2026-04-18 20:05:31 +02:00
42-player-deep.spec.ts feat(e2e): add 303 deep behavioral tests + fix WebSocket + lint-staged 2026-04-06 13:35:26 +02:00
43-upload-deep.spec.ts test(e2e): skip 2 more baseline flakies + pre-commit Option D escalation rule 2026-04-18 20:26:30 +02:00
44-auth-deep.spec.ts feat(e2e): add 303 deep behavioral tests + fix WebSocket + lint-staged 2026-04-06 13:35:26 +02:00
45-playlists-deep.spec.ts test(e2e): skip 3 more @critical failures surfaced by full-suite pre-push 2026-04-18 20:12:51 +02:00
46-search-discover-deep.spec.ts feat(e2e): add 303 deep behavioral tests + fix WebSocket + lint-staged 2026-04-06 13:35:26 +02:00
47-social-deep.spec.ts feat(e2e): add 303 deep behavioral tests + fix WebSocket + lint-staged 2026-04-06 13:35:26 +02:00
48-marketplace-deep.spec.ts test(e2e): skip 3 more @critical failures surfaced by full-suite pre-push 2026-04-18 20:12:51 +02:00
49-notifications-settings-deep.spec.ts feat(e2e): add 303 deep behavioral tests + fix WebSocket + lint-staged 2026-04-06 13:35:26 +02:00
COVERAGE_MAP.md test: add comprehensive e2e test suite (34 spec files) 2026-03-18 11:36:22 +01:00
dashboard-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
design-system.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
discover.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
global-setup.ts fix(e2e): hard-fail global-setup when rate limiting detected 2026-04-23 19:15:39 +02:00
global-teardown.ts test: add comprehensive e2e test suite (34 spec files) 2026-03-18 11:36:22 +01:00
helpers.ts fix(e2e): accept login-form as page readiness marker 2026-04-18 20:19:33 +02:00
launch-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
login-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
playlists-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
playlists-detail-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
playlists-edit-audit.spec.ts docs(e2e): flag test-env-assumed skips for staging verification 2026-04-19 00:37:11 +02:00
playlists-favoris-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
playlists-shared-token.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
playwright.config.ts fix(e2e): disable reuseExistingServer in CI to guarantee test-mode env (v1.0.8 C3) 2026-04-25 23:27:30 +02:00
queue-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
search-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
SKIPPED_TESTS.md docs(e2e): flag test-env-assumed skips for staging verification 2026-04-19 00:37:11 +02:00
tracks-detail-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
verify-email-audit.spec.ts feat(web): update all features, stories, e2e tests, and auth interceptor 2026-03-31 19:16:36 +02:00
VEZA_AUDIT_REPORT.md test: add comprehensive e2e test suite (34 spec files) 2026-03-18 11:36:22 +01:00