8de9e0b5c3
8 test suites verifying: - Auth guards on 19 GET endpoints (Issue #4) - Timing-safe API key comparison (Issue #5) - Legacy cookie auth removal (Issue #7) - Login rate limiting (Issue #8) - CSRF Origin header validation (Issue #20) - DELETE body standardization (Issue #18) - Query limit caps at 200 (Issue #19) - Login flow and session lifecycle Also fixes migration 013 crash on fresh DB when gateways table doesn't exist (created lazily by gateways API, not in migrations). |
||
|---|---|---|
| .. | ||
| README.md | ||
| auth-guards.spec.ts | ||
| csrf-validation.spec.ts | ||
| delete-body.spec.ts | ||
| legacy-cookie-removed.spec.ts | ||
| limit-caps.spec.ts | ||
| login-flow.spec.ts | ||
| rate-limiting.spec.ts | ||
| timing-safe-auth.spec.ts | ||
README.md
E2E Tests
Place Playwright end-to-end specs here.
Example:
tests/smoke.spec.ts