70c97233c5
- Use localhost instead of 127.0.0.1 as TARGET_URL so the WebAuthn RP ID
is a valid domain (the spec forbids IP addresses)
- Replace request.post('/logout') with page.context().clearCookies() since
Playwright's request fixture has a separate cookie jar from the page
- Add registerPasskey() helper that waits for 'load' event to reliably
detect the page reload after successful registration
- Track credential count with getCredentialCount() since credentials
accumulate across serial tests sharing the same database
- Fix login.spec.js selector from #webauthn-login-form to #webauthn-login-btn
to match the actual template
All 57 E2E tests now pass (50 migrated + 7 WebAuthn).
64 lines
2.6 KiB
JavaScript
64 lines
2.6 KiB
JavaScript
// @ts-check
|
|
const { test, expect } = require('@playwright/test');
|
|
|
|
const fixtures = JSON.parse(process.env.E2E_FIXTURES || '{}');
|
|
|
|
test.describe('Full user journey', () => {
|
|
test('register via magic link, set password, logout, login', async ({ page }) => {
|
|
// Verify fixtures are loaded
|
|
expect(fixtures.register_token).toBeTruthy();
|
|
|
|
// ---- Step 1: Register via magic link ----
|
|
await page.goto(`/register/${fixtures.register_token}`);
|
|
|
|
// Should redirect to /manage/credentials?setup=1
|
|
await page.waitForURL('**/manage/credentials?setup=1', { timeout: 5000 });
|
|
expect(page.url()).toContain('/manage/credentials');
|
|
|
|
// Should show welcome message
|
|
const welcome = page.locator('[role="status"]');
|
|
await expect(welcome).toBeVisible();
|
|
const welcomeText = await welcome.textContent();
|
|
expect(welcomeText).toContain('Welcome');
|
|
|
|
// Page title should contain Porchlight
|
|
await expect(page).toHaveTitle(/Porchlight/);
|
|
|
|
// ---- Step 2: Set password ----
|
|
const passwordInput = page.locator('#password');
|
|
const confirmInput = page.locator('#confirm');
|
|
await expect(passwordInput).toBeVisible();
|
|
await expect(confirmInput).toBeVisible();
|
|
|
|
await passwordInput.fill('mypassword123');
|
|
await confirmInput.fill('mypassword123');
|
|
await page.click('#password-section button[type="submit"]');
|
|
|
|
// Wait for success message
|
|
const successMsg = page.locator('#password-section [role="status"]');
|
|
await expect(successMsg).toBeVisible({ timeout: 5000 });
|
|
await expect(successMsg).toContainText('Password updated');
|
|
|
|
// ---- Step 3: Logout ----
|
|
// Clear the session cookie via the browser context (the request fixture
|
|
// has a separate cookie jar and cannot clear the page's session).
|
|
await page.context().clearCookies();
|
|
|
|
// Navigate to credentials — should redirect to login since we're logged out
|
|
await page.goto('/manage/credentials');
|
|
await page.waitForURL('**/login', { timeout: 5000 });
|
|
expect(page.url()).toContain('/login');
|
|
|
|
// ---- Step 4: Login with the password we just set ----
|
|
await page.fill('#username', fixtures.register_username);
|
|
await page.fill('#password', 'mypassword123');
|
|
await page.click('form[hx-post="/login/password"] button[type="submit"]');
|
|
|
|
// Wait for redirect to credentials page
|
|
await page.waitForURL('**/manage/credentials', { timeout: 5000 });
|
|
expect(page.url()).toContain('/manage/credentials');
|
|
|
|
// Should NOT show setup message (no ?setup=1)
|
|
await expect(page.locator('[role="status"]:has-text("Welcome")')).toHaveCount(0);
|
|
});
|
|
});
|