Page:
Feature: Login Test Cases
Clone
2
Feature: Login Test Cases
jramos edited this page 2026-01-28 20:39:55 -07:00
Table of Contents
- Authentication Feature - Test Cases
[[TOC]]
Authentication Feature - Test Cases
Feature Branch: feature/login Date: 2026-01-28 Tester: _______________
Pre-Test Setup
- Backend server running on port 3001
- Frontend server running on port 3000
- Database has been set up with
node setup.js - Can access http://[SERVER_IP]:3000 in browser
1. Login Page Display
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 1.1 | Navigate to app URL when not logged in | Login page displays | PASS |
| 1.2 | Login page shows username field | Field is visible and editable | PASS |
| 1.3 | Login page shows password field | Field is visible and editable | PASS |
| 1.4 | Login page shows "Sign In" button | Button is visible | PASS |
| 1.5 | Default credentials hint is shown | Shows "admin / admin123" | PASS |
2. Login Functionality
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 2.1 | Login with valid credentials (admin/admin123) | Redirects to dashboard | PASS |
| 2.2 | Login with invalid username | Shows "Invalid username or password" | PASS |
| 2.3 | Login with invalid password | Shows "Invalid username or password" | PASS |
| 2.4 | Login with empty username | Form validation prevents submit | PASS |
| 2.5 | Login with empty password | Form validation prevents submit | PASS |
| 2.6 | Press Enter in password field | Submits form (same as clicking Sign In) | PASS |
3. Session Persistence
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 3.1 | Refresh page after login | Stays logged in, dashboard displays | PASS |
| 3.2 | Open new browser tab to same URL | Already logged in | PASS |
| 3.3 | Close browser, reopen, navigate to app | Still logged in (within 24hrs) |
4. Logout
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 4.1 | Click user menu in header | Dropdown menu appears | PASS |
| 4.2 | Click "Sign Out" in dropdown | Returns to login page | PASS |
| 4.3 | After logout, try to access dashboard URL directly | Redirects to login page | PASS |
| 4.4 | After logout, check browser cookies | session_id cookie is cleared | PASS |
5. User Menu Display
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 5.1 | User menu shows username | Displays "admin" | PASS |
| 5.2 | User menu shows role | Displays "admin" role | PASS |
| 5.3 | User menu dropdown shows email | Shows admin@localhost | PASS |
| 5.4 | Admin user sees "Manage Users" option | Option is visible | PASS |
6. Role-Based UI - Admin Role
Login as: admin/admin123
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 6.1 | "Add CVE/Vendor" button in header | Visible | PASS |
| 6.2 | "Upload Document" button on CVE records | Visible | PASS |
| 6.3 | "Delete" button on documents | Visible | PASS |
| 6.4 | "Manage Users" in user menu | Visible | PASS |
| 6.5 | Can open User Management panel | Panel opens | PASS |
7. User Management (Admin)
Login as: admin/admin123
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 7.1 | Open User Management panel | Shows list of users | PASS |
| 7.2 | Click "Add User" button | Add user form appears | PASS |
| 7.3 | Create user: editor1 / editor1@test.com / password123 / Editor | User created successfully | PASS |
| 7.4 | Create user: viewer1 / viewer1@test.com / password123 / Viewer | User created successfully | PASS |
| 7.5 | Edit existing user (change email) | Changes saved | PASS |
| 7.6 | Toggle user active status | Status changes | PASS |
| 7.7 | Delete a user (not self) | User deleted | PASS |
| 7.8 | Try to delete own account | Error: "Cannot delete your own account" | PASS |
| 7.9 | Try to deactivate own account | Error: "Cannot deactivate your own account" | PASS |
| 7.10 | Try to remove own admin role | Error: "Cannot remove your own admin role" | PASS |
| 7.11 | Create duplicate username | Error: "Username or email already exists" | PASS |
8. Role-Based UI - Editor Role
Logout and login as: editor1/password123
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 8.1 | "Add CVE/Vendor" button in header | Visible | PASS |
| 8.2 | "Upload Document" button on CVE records | Visible | PASS |
| 8.3 | "Delete" button on documents | NOT visible | PASS |
| 8.4 | "Manage Users" in user menu | NOT visible | PASS |
| 8.5 | Can add a new CVE | CVE created successfully | PASS |
| 8.6 | Can upload a document | Document uploaded successfully | PASS |
9. Role-Based UI - Viewer Role
Logout and login as: viewer1/password123
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 9.1 | "Add CVE/Vendor" button in header | NOT visible | PASS |
| 9.2 | "Upload Document" button on CVE records | NOT visible | PASS |
| 9.3 | "Delete" button on documents | NOT visible | PASS |
| 9.4 | "Manage Users" in user menu | NOT visible | PASS |
| 9.5 | Can view CVE list | CVEs display correctly | PASS |
| 9.6 | Can view documents (click View) | Documents accessible | PASS |
| 9.7 | Can use Quick CVE Status Check | Search works | PASS |
| 9.8 | Can use filters (vendor, severity) | Filters work | PASS |
10. Deactivated User
As admin, deactivate viewer1 account
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 10.1 | Try to login as deactivated user | Error: "Account is disabled" | PASS |
| 10.2 | Reactivate user (as admin) | User can login again | PASS |
11. Error Handling
| # | Test Case | Expected Result | Pass/Fail |
|---|---|---|---|
| 11.1 | Stop backend, try to login | Shows "Failed to fetch" or connection error | PASS |
| 11.2 | Backend returns 500 error | Error message displayed to user | PASS |
Sign-Off
| Role | Name | Date | Signature |
|---|---|---|---|
| Tester | Jordan Ramos | 1/28/26 | jramos |
| Developer | Jordan Ramos | 1/28/26 | jramos |
Notes / Issues Found: