senke/veza
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
veza/tests/e2e/01-auth.spec.ts
senke a3f4ac6b70 fix: sync E2E tests with seed data + i18n fix 
- Update E2E test credentials to match actual seed users
  (user@veza.music, artist@veza.music, admin@veza.music, mod@veza.music)
- Fix hardcoded "Suggested Accounts" in SuggestionsWidget with i18n key
- Replace hardcoded amelie_dubois references with CONFIG.users.creator
- Refactor auth, player, upload E2E tests for reliability
- Add tmt test plans and scripts for CI integration
- Simplify CI workflow

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-02 19:42:03 +02:00

242 lines
9.8 KiB
TypeScript
Raw Blame History

import { test, expect } from '@chromatic-com/playwright';
import { CONFIG, loginViaUI, navigateTo, assertNoDebugText } from './helpers';
test.describe('AUTH — Inscription', () => {
test('01. La page /register se charge correctement', async ({ page }) => {
await navigateTo(page, '/register');
await expect(page.getByTestId('register-form')).toBeVisible({ timeout: 10_000 });
await expect(page.locator('#register-username')).toBeVisible({ timeout: 5_000 });
await expect(page.locator('#register-email')).toBeVisible({ timeout: 5_000 });
await expect(page.locator('#register-password')).toBeVisible({ timeout: 5_000 });
await assertNoDebugText(page);
});
test('02. Inscription avec email + mot de passe valides', async ({ page }) => {
test.setTimeout(60_000);
await navigateTo(page, '/register');
await expect(page.getByTestId('register-form')).toBeVisible({ timeout: 10_000 });
const uniqueSuffix = Date.now();
const uniqueEmail = `e2e-${uniqueSuffix}@veza.test`;
await page.locator('#register-username').fill(`e2e-user-${uniqueSuffix}`);
await page.locator('#register-email').fill(uniqueEmail);
await page.locator('#register-password').fill('SecurePass123!@#');
await page.locator('#register-password_confirm').fill('SecurePass123!@#');
// Accept terms
const termsCheckbox = page.locator('#register-terms');
await expect(termsCheckbox).toBeAttached({ timeout: 5_000 });
await termsCheckbox.click({ force: true });
await page.waitForTimeout(300);
const submitBtn = page.getByTestId('register-submit');
await expect(submitBtn).toBeVisible({ timeout: 5_000 });
await submitBtn.click();
// Must get a success indication: redirect OR verification notice
const successIndicator = page.getByText(/vérification|verification|email envoyé|check your email|inscription réussie/i)
.or(page.locator('[role="status"]').first());
await expect(
successIndicator.first(),
).toBeVisible({ timeout: 20_000 });
});
test('03. Inscription avec email deja existant -> erreur claire', async ({ page }) => {
await navigateTo(page, '/register');
await expect(page.getByTestId('register-form')).toBeVisible({ timeout: 10_000 });
await page.locator('#register-username').fill('duplicate-user');
await page.locator('#register-email').fill(CONFIG.users.listener.email);
await page.locator('#register-password').fill('SecurePass123!@#');
await page.locator('#register-password_confirm').fill('SecurePass123!@#');
const termsCheckbox = page.locator('#register-terms');
await expect(termsCheckbox).toBeAttached({ timeout: 5_000 });
await termsCheckbox.click({ force: true });
await page.waitForTimeout(300);
await page.getByTestId('register-submit').click();
// Must show an error — not silently succeed
const errorIndicator = page.getByRole('alert')
.or(page.getByText(/existe déjà|already exists|email.*taken/i));
await expect(errorIndicator.first()).toBeVisible({ timeout: 10_000 });
});
test('04. Validation cote client — mot de passe trop court', async ({ page }) => {
await navigateTo(page, '/register');
await page.locator('#register-password').fill('123');
await page.locator('#register-password').press('Tab');
await page.waitForTimeout(500);
// Also submit to trigger validation
await page.locator('#register-email').fill('valid@test.com');
await page.locator('#register-username').fill('testuser');
await page.locator('#register-password_confirm').fill('123');
await page.getByTestId('register-submit').click();
await page.waitForTimeout(500);
// Must display a validation error
const errorMsg = page.locator('#register-password-error')
.or(page.getByRole('alert'))
.or(page.getByText(/trop court|too short|minimum|au moins|at least|caractères|doit contenir/i));
await expect(errorMsg.first()).toBeVisible({ timeout: 5_000 });
});
test('05. Validation cote client — email invalide', async ({ page }) => {
await navigateTo(page, '/register');
await page.locator('#register-email').fill('not-an-email');
await page.locator('#register-email').blur();
await expect(
page.getByText(/email.*invalide|invalid.*email|format/i),
).toBeVisible({ timeout: 3_000 });
});
});
test.describe('AUTH — Connexion', () => {
test('06. La page /login se charge correctement', async ({ page }) => {
await navigateTo(page, '/login');
await expect(page.getByTestId('login-form')).toBeVisible({ timeout: 10_000 });
await expect(page.getByTestId('login-submit')).toBeVisible({ timeout: 5_000 });
await assertNoDebugText(page);
});
test('07. Connexion avec identifiants valides @critical', async ({ page }) => {
await loginViaUI(page, CONFIG.users.listener.email, CONFIG.users.listener.password);
// Must not be on /login anymore
await expect(page).not.toHaveURL(/login/);
// Authenticated layout must be visible
await expect(page.getByTestId('app-sidebar')).toBeVisible({ timeout: 5_000 });
});
test('08. Connexion avec mauvais mot de passe -> erreur claire', async ({ page }) => {
test.setTimeout(60_000);
await navigateTo(page, '/login');
await expect(page.getByTestId('login-form')).toBeVisible({ timeout: 10_000 });
const emailInput = page.locator('input[type="email"]');
await emailInput.clear();
await emailInput.fill(CONFIG.users.listener.email);
const passwordInput = page.locator('input[type="password"]').first();
await passwordInput.clear();
await passwordInput.fill('WrongPassword123!');
await page.getByTestId('login-submit').click();
// Must show error AND stay on /login
const errorIndicator = page.getByRole('alert')
.or(page.getByText(/incorrect|invalid|erreur|error|identifiants/i));
await expect(errorIndicator.first()).toBeVisible({ timeout: 15_000 });
await expect(page).toHaveURL(/login/);
});
test('09. Lien mot de passe oublie fonctionne', async ({ page }) => {
await navigateTo(page, '/login');
await expect(page.getByTestId('login-form')).toBeVisible({ timeout: 10_000 });
const forgotLink = page.getByRole('link', { name: /forgot password/i })
.or(page.locator('a[href="/forgot-password"]'));
await expect(forgotLink.first()).toBeVisible({ timeout: 8_000 });
await forgotLink.first().click();
await expect(page).toHaveURL(/forgot-password/, { timeout: 10_000 });
});
test('10. Lien vers inscription depuis la page login', async ({ page }) => {
await navigateTo(page, '/login');
await expect(page.getByTestId('login-form')).toBeVisible({ timeout: 10_000 });
const registerLink = page.getByRole('link', { name: /sign up/i })
.or(page.locator('a[href="/register"]'));
await expect(registerLink.first()).toBeVisible({ timeout: 8_000 });
await registerLink.first().click();
await expect(page).toHaveURL(/register/, { timeout: 10_000 });
});
});
test.describe('AUTH — Sessions et securite', () => {
test('11. Redirection vers /login si non authentifie @critical', async ({ page }) => {
test.setTimeout(60_000);
await page.goto('/dashboard', { waitUntil: 'domcontentloaded' });
// Must redirect to login
await expect(page).toHaveURL(/login/, { timeout: 20_000 });
});
test('12. L\'utilisateur est authentifie apres connexion (auth-storage)', async ({ page }) => {
test.setTimeout(60_000);
await loginViaUI(page, CONFIG.users.listener.email, CONFIG.users.listener.password);
// Verify isAuthenticated is true in the Zustand auth-storage
const isAuthenticated = await page.evaluate(() => {
const raw = localStorage.getItem('auth-storage');
if (!raw) return false;
try {
const parsed = JSON.parse(raw);
return parsed?.state?.isAuthenticated === true;
} catch {
return false;
}
});
expect(isAuthenticated, 'auth-storage should have isAuthenticated=true after login').toBeTruthy();
});
test('13. Deconnexion fonctionne correctement', async ({ page }) => {
test.setTimeout(60_000);
await loginViaUI(page, CONFIG.users.listener.email, CONFIG.users.listener.password);
// Find and click sign out — try header menu first, then sidebar
const userMenu = page.getByTestId('user-menu');
await expect(userMenu).toBeVisible({ timeout: 5_000 });
await userMenu.click();
await page.waitForTimeout(800);
const signOutBtn = page.locator('button.text-destructive').first()
.or(page.locator('button').filter({ hasText: /sign out|déconnexion|logout/i }).first());
await expect(signOutBtn).toBeVisible({ timeout: 3_000 });
await signOutBtn.click();
// Must redirect to /login
await expect(page).toHaveURL(/login/, { timeout: 20_000 });
// Auth state must be cleared
const isAuthenticated = await page.evaluate(() => {
const raw = localStorage.getItem('auth-storage');
if (!raw) return false;
try {
return JSON.parse(raw)?.state?.isAuthenticated === true;
} catch {
return false;
}
});
expect(isAuthenticated, 'auth-storage should be cleared after logout').toBeFalsy();
});
test('14. Protection CSRF — la page login charge sans erreur CSRF', async ({ page }) => {
await navigateTo(page, '/login');
const body = await page.textContent('body') || '';
expect(body).not.toMatch(/csrf.*error|forbidden/i);
});
});
test.describe('AUTH — OAuth', () => {
test('15. Boutons OAuth visibles sur la page login', async ({ page }) => {
await navigateTo(page, '/login');
// At least one OAuth provider button must be visible
const oauthBtn = page.getByRole('button', { name: /google|github|discord|spotify/i }).first()
.or(page.locator('[data-provider]').first())
.or(page.locator('a[href*="oauth"]').first());
await expect(oauthBtn).toBeVisible({ timeout: 5_000 });
});
});
Reference in a new issue View git blame Copy permalink