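import { test, expect } from '@playwright/test'

// End-to-end checks for the authentication surface: sign-in, session
// handling, role-based access, password reset and sign-up.
//
// NOTE(review): the accounts and passwords used below are presumably seeded
// fixtures for a test environment. Confirm they cannot exist in production.

/**
 * Sign in through the login form and wait for the dashboard URL.
 *
 * The final wait matters. Navigating elsewhere right after the submit click
 * can race the sign-in request, and a later assertion would then run against
 * an unauthenticated page instead of the intended user.
 *
 * @param {import('@playwright/test').Page} page - Playwright page under test.
 * @param {{ email: string, password: string }} credentials - Account to sign in with.
 * @returns {Promise<void>} Resolves once the URL matches the dashboard pattern.
 */
async function signIn(page, { email, password }) {
  await page.goto('/login')
  await page.fill('input[name="email"]', email)
  await page.fill('input[name="password"]', password)
  await page.click('button[type="submit"]')
  // Substring match: any URL containing "dashboard" satisfies this pattern.
  await expect(page).toHaveURL(/.*dashboard/)
}

test.describe('Authentication Flow', () => {
  const testUser = {
    email: 'test@example.com',
    password: 'password123',
  }

  test.beforeEach(async ({ page }) => {
    await page.goto('/')
  })

  test('should redirect to login when accessing protected route', async ({ page }) => {
    // No sign-in happens in this test, so the request is unauthenticated.
    await page.goto('/dashboard')
    await expect(page).toHaveURL(/.*login/)
  })

  test('should show sign in form', async ({ page }) => {
    await page.goto('/login')
    await expect(page.locator('input[name="email"]')).toBeVisible()
    await expect(page.locator('input[name="password"]')).toBeVisible()
    await expect(page.locator('button[type="submit"]')).toContainText('Sign In')
  })

  test('should handle invalid credentials', async ({ page }) => {
    // Filled inline instead of via signIn(): no dashboard redirect is expected.
    await page.goto('/login')
    await page.fill('input[name="email"]', 'invalid@example.com')
    await page.fill('input[name="password"]', 'wrongpassword')
    await page.click('button[type="submit"]')
    await expect(page.locator('.text-red-600')).toBeVisible()
  })

  test('should sign in successfully', async ({ page }) => {
    // signIn() itself asserts that the dashboard URL is reached.
    await signIn(page, testUser)
  })

  test('should persist session on page reload', async ({ page }) => {
    await signIn(page, testUser)
    await page.reload()
    await expect(page).toHaveURL(/.*dashboard/)
  })

  test('should sign out successfully', async ({ page }) => {
    await signIn(page, testUser)
    await page.click('[data-testid="user-menu-button"]')
    await page.click('button:has-text("Sign Out")')
    await expect(page).toHaveURL(/.*login/)

    // A redirect alone does not show that the session was dropped, so the
    // protected route is requested again and must still land on login.
    await page.goto('/dashboard')
    await expect(page).toHaveURL(/.*login/)
  })

  test('should handle session expiration', async ({ page }) => {
    await signIn(page, testUser)
    // NOTE(review): this only removes the client-side entry, presumably where
    // the app keeps its session. It does not show that the server rejects an
    // expired or revoked session; that needs coverage at the API level.
    await page.evaluate(() => {
      localStorage.removeItem('bct_auth_session')
    })
    await page.reload()
    await expect(page).toHaveURL(/.*login/)
  })
})

test.describe('Role-based Access Control', () => {
  const adminUser = {
    email: 'admin@example.com',
    password: 'password123',
  }
  const regularUser = {
    email: 'user@example.com',
    password: 'password123',
  }

  test('should show admin panel for admin users', async ({ page }) => {
    await signIn(page, adminUser)
    await page.click('[data-testid="user-menu-button"]')
    await expect(page.locator('a:has-text("Admin Dashboard")')).toBeVisible()
  })

  test('should hide admin panel for regular users', async ({ page }) => {
    // A hidden menu link is a UI detail, not an access control. The route
    // itself is checked in the next test.
    await signIn(page, regularUser)
    await page.click('[data-testid="user-menu-button"]')
    await expect(page.locator('a:has-text("Admin Dashboard")')).not.toBeVisible()
  })

  test('should deny access to admin routes for regular users', async ({ page }) => {
    // signIn() waits for the dashboard before the admin route is requested.
    // Without that wait the navigation could race the sign-in request, and the
    // denial might be observed for an unauthenticated visitor rather than for
    // an authenticated non-admin.
    await signIn(page, regularUser)
    await page.goto('/admin/dashboard')
    await expect(page.locator('h2:has-text("Access Denied")')).toBeVisible()
  })
})

test.describe('Password Reset', () => {
  test('should show reset password form', async ({ page }) => {
    await page.goto('/login')
    await page.click('a:has-text("Forgot password?")')
    await expect(page.locator('input[name="email"]')).toBeVisible()
    await expect(page.locator('button[type="submit"]')).toContainText('Send Reset Email')
  })

  test('should handle password reset request', async ({ page }) => {
    // NOTE(review): only one address is exercised here. The suite does not
    // check that an unregistered address gets the same response, which is what
    // keeps this form from revealing which accounts exist.
    await page.goto('/reset-password')
    await page.fill('input[name="email"]', 'test@example.com')
    await page.click('button[type="submit"]')
    await expect(page.locator('.text-green-600')).toContainText('Reset email sent')
  })
})

test.describe('Sign Up Flow', () => {
  test('should show sign up form', async ({ page }) => {
    await page.goto('/signup')
    await expect(page.locator('input[name="email"]')).toBeVisible()
    await expect(page.locator('input[name="password"]')).toBeVisible()
    await expect(page.locator('input[name="confirmPassword"]')).toBeVisible()
    await expect(page.locator('button[type="submit"]')).toContainText('Sign Up')
  })

  test('should handle password mismatch', async ({ page }) => {
    await page.goto('/signup')
    await page.fill('input[name="email"]', 'newuser@example.com')
    await page.fill('input[name="password"]', 'password123')
    await page.fill('input[name="confirmPassword"]', 'differentpassword')
    await page.click('button[type="submit"]')
    await expect(page.locator('.text-red-600')).toContainText('Passwords do not match')
  })

  test('should create new account successfully', async ({ page }) => {
    // NOTE(review): a fixed address makes this test depend on the backend
    // being reset between runs. Confirm the environment does that.
    await page.goto('/signup')
    await page.fill('input[name="email"]', 'newuser@example.com')
    await page.fill('input[name="password"]', 'password123')
    await page.fill('input[name="confirmPassword"]', 'password123')
    await page.click('button[type="submit"]')
    await expect(page.locator('.text-green-600')).toContainText('Account created successfully')
  })
})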