e48f3b5ece
- Changed `NUXT_SESSION_SECRET` to `NUXT_SESSION_PASSWORD` across configuration files and documentation to align with the usage in nuxt-auth-utils. - Updated related comments and documentation to reflect the new variable name, ensuring clarity for developers and users.
6.0 KiB
6.0 KiB
Testing Guide
This document provides testing credentials, test data, and guidelines for automated testing.
Test User Credentials (Staging)
⚠️ Important: These credentials are ONLY for the staging environment. NEVER use them in production!
Cidaas Staging Test User
- Email:
bm@noxware.de - Password:
%654321qQ! - Environment:
https://experimenta-staging.cidaas.de - User ID (experimenta_id):
97dcde33-d12e-4275-a0d5-e01cfbea37c2
Usage:
- Used by automated tests (Playwright E2E, Vitest integration tests)
- Manual testing during development
- Authentication flow validation
User Profile:
- First Name: Bastian
- Last Name: Masanek
- Email verified: Yes
Setting Up Automated Tests
1. Environment Variables
Add these to your .env file for automated testing:
# Test Credentials (Staging only - for automated testing)
TEST_USER_EMAIL=bm@noxware.de
TEST_USER_PASSWORD=%654321qQ!
2. Playwright E2E Tests
Playwright tests use these credentials to test the complete authentication flow.
Example test:
// tests/e2e/auth.spec.ts
import { test, expect } from '@playwright/test'
test('user can login with valid credentials', async ({ page }) => {
const email = process.env.TEST_USER_EMAIL!
const password = process.env.TEST_USER_PASSWORD!
await page.goto('http://localhost:3000/auth')
await page.fill('input[type="email"]', email)
await page.fill('input[type="password"]', password)
await page.click('button[type="submit"]')
// Verify successful login
await expect(page).toHaveURL('http://localhost:3000/')
await expect(page.locator('text=Willkommen zurück')).toBeVisible()
})
Run Playwright tests:
pnpm test:e2e
3. Vitest Integration Tests
Vitest tests use these credentials for API endpoint testing.
Example test:
// tests/integration/auth.test.ts
import { describe, it, expect } from 'vitest'
import { setup, $fetch } from '@nuxt/test-utils'
describe('Authentication API', async () => {
await setup()
it('POST /api/auth/login - successful login', async () => {
const response = await $fetch('/api/auth/login', {
method: 'POST',
body: {
email: process.env.TEST_USER_EMAIL,
password: process.env.TEST_USER_PASSWORD,
},
})
expect(response.success).toBe(true)
})
})
Run Vitest tests:
pnpm test
Test Data
Test Products (Mock Data for Development)
For local development and testing, you can use these mock product IDs:
// Mock Makerspace Annual Pass
{
navProductId: 'MAK-001',
name: 'Makerspace Jahreskarte',
description: 'Unbegrenzter Zugang zum Makerspace für 1 Jahr',
price: 120.00,
category: 'annual-pass',
stock: 100,
}
Test Orders (Mock Data)
// Mock completed order
{
orderNumber: 'TEST-2025-0001',
userId: '...',
status: 'completed',
totalAmount: 120.00,
paymentMethod: 'paypal',
paymentId: 'PAYPAL-TEST-12345',
}
Testing Workflows
Complete Checkout Flow (E2E)
- Login with test credentials
- Browse products and add to cart
- Proceed to checkout
- Fill billing address (pre-filled from test user profile)
- Complete PayPal payment (sandbox)
- Verify order creation in database
- Verify order submission to X-API (staging)
Authentication Flow (Integration)
- Register new user via Cidaas API (staging)
- Verify email (manual step in staging)
- Login with new credentials
- Create session and verify JWT token
- Access protected endpoints with session
- Logout and verify session cleared
CI/CD Integration
GitLab CI Environment Variables
Add these secrets to GitLab CI/CD settings:
TEST_USER_EMAIL(Protected, Masked)TEST_USER_PASSWORD(Protected, Masked)
GitLab CI configuration:
test:
stage: test
script:
- pnpm install
- pnpm test
- pnpm test:e2e
variables:
TEST_USER_EMAIL: $TEST_USER_EMAIL
TEST_USER_PASSWORD: $TEST_USER_PASSWORD
Security Best Practices
✅ Do's
- Use test credentials only in staging environment
- Store credentials in environment variables (
.env), never hardcode - Use separate test user accounts (not real user accounts)
- Rotate test credentials regularly
- Add test credentials to GitLab CI/CD as protected, masked variables
❌ Don'ts
- Never commit
.envfile to git (already in.gitignore) - Never use test credentials in production environment
- Never use real user credentials for automated testing
- Never hardcode credentials in test files
- Never share test credentials publicly (GitHub, Slack, etc.)
Troubleshooting
Test User Login Fails
Problem: Automated tests fail with "Invalid credentials" error
Solutions:
- Verify
TEST_USER_EMAILandTEST_USER_PASSWORDare set in.env - Check Cidaas staging environment is accessible
- Verify test user account still exists in Cidaas
- Check if password was changed in Cidaas Admin Panel
Session Tests Fail
Problem: Session-related tests fail unexpectedly
Solutions:
- Verify
NUXT_SESSION_PASSWORDis set in.env - Clear Redis cache:
docker-compose -f docker-compose.dev.yml restart redis - Check session expiration settings in
nuxt.config.ts
E2E Tests Time Out
Problem: Playwright tests time out waiting for elements
Solutions:
- Increase timeout in
playwright.config.ts - Check if dev server is running (
pnpm dev) - Verify network connectivity to staging environment
- Check browser console for JavaScript errors
Related Documentation
- CIDAAS_INTEGRATION.md - Authentication implementation details
- ARCHITECTURE.md - System architecture and data flows
- PRD.md - Product requirements and user stories
- Main README: ../tests/README.md - Test suite overview
Last Updated: 2025-11-01