80 lines
3.9 KiB
TypeScript
80 lines
3.9 KiB
TypeScript
import { test, expect } from "@playwright/test";
|
|
|
|
// ─────────────────────────────────────────────────────────────
|
|
// Login flow: credentials → /api/login JSON → redirect to /admin
|
|
// ─────────────────────────────────────────────────────────────
|
|
test("login with valid credentials redirects to /admin and shows admin dashboard", async ({
|
|
page,
|
|
}) => {
|
|
// Navigate to login page
|
|
await page.goto("/login");
|
|
|
|
// Fill credentials
|
|
await page.fill("#email", process.env.TEST_ADMIN_EMAIL!);
|
|
await page.fill("#password", process.env.TEST_ADMIN_PASSWORD!);
|
|
|
|
// Submit form
|
|
await page.click('button[type="submit"]');
|
|
|
|
// Wait for navigation to /admin — the JSON response + client nav must happen
|
|
await page.waitForURL("**/admin", { timeout: 10000 });
|
|
|
|
// Admin dashboard must be rendered (Control Center heading or admin layout)
|
|
await expect(page.locator("body")).not.toContainText("Access Denied");
|
|
await expect(page.locator("body")).not.toContainText("Login failed");
|
|
});
|
|
|
|
// ─────────────────────────────────────────────────────────────
|
|
// Login failure: bad password shows error, stays on /login
|
|
// ─────────────────────────────────────────────────────────────
|
|
test("login with wrong password shows error and stays on /login", async ({
|
|
page,
|
|
}) => {
|
|
await page.goto("/login");
|
|
|
|
await page.fill("#email", process.env.TEST_ADMIN_EMAIL!);
|
|
await page.fill("#password", "wrongpassword123!");
|
|
|
|
await page.click('button[type="submit"]');
|
|
|
|
// Error message should appear
|
|
await expect(page.locator('[role="alert"]')).toBeVisible({ timeout: 5000 });
|
|
// Should NOT navigate away from login
|
|
await expect(page).toHaveURL(/\/login/);
|
|
});
|
|
|
|
// ─────────────────────────────────────────────────────────────
|
|
// Login with missing fields shows validation error
|
|
// ─────────────────────────────────────────────────────────────
|
|
test("login with missing email shows validation error", async ({ page }) => {
|
|
await page.goto("/login");
|
|
|
|
// Don't fill email, only password
|
|
await page.fill("#password", "something");
|
|
|
|
await page.click('button[type="submit"]');
|
|
|
|
// Browser validation should fire (email required)
|
|
await expect(page.locator("#email")).toHaveAttribute("required", "");
|
|
});
|
|
|
|
// ─────────────────────────────────────────────────────────────
|
|
// Session persistence: after login, navigating to /admin
|
|
// should load without re-authenticating
|
|
// ─────────────────────────────────────────────────────────────
|
|
test("admin session persists across page reloads", async ({ page }) => {
|
|
// Login first
|
|
await page.goto("/login");
|
|
await page.fill("#email", process.env.TEST_ADMIN_EMAIL!);
|
|
await page.fill("#password", process.env.TEST_ADMIN_PASSWORD!);
|
|
await page.click('button[type="submit"]');
|
|
await page.waitForURL("**/admin", { timeout: 10000 });
|
|
|
|
// Reload the page
|
|
await page.reload();
|
|
|
|
// Should still be on /admin (session cookie keeps user logged in)
|
|
await expect(page).toHaveURL(/\/admin/);
|
|
await expect(page.locator("body")).not.toContainText("Access Denied");
|
|
});
|