GearBox/.planning/phases/15-external-authentication/15-VALIDATION.md
Jean-Luc Makiola 625862f5ae feat(15-01): add Logto service to Docker Compose and create init script
- Add Logto OIDC provider to docker-compose.yml and docker-compose.dev.yml
- Create docker/init-logto-db.sql to initialize separate Logto database on Postgres
- Add OIDC env vars (issuer, client ID/secret, auth secret) to app service
- Document all required env vars in .env.example
2026-04-04 20:37:57 +02:00


---
phase: 15
slug: external-authentication
status: draft
nyquist_compliant: false
wave_0_complete: false
created: 2026-04-04
---
# Phase 15 — Validation Strategy
> Per-phase validation contract for feedback sampling during execution.
---
## Test Infrastructure
| Property | Value |
|----------|-------|
| **Framework** | Bun test runner + Playwright |
| **Config file** | `bunfig.toml` (Bun), `playwright.config.ts` (E2E) |
| **Quick run command** | `bun test tests/middleware/auth.test.ts` |
| **Full suite command** | `bun test && bun run test:e2e` |
| **Estimated runtime** | ~30 seconds |
---
## Sampling Rate
- **After every task commit:** Run `bun test tests/middleware/auth.test.ts`
- **After every plan wave:** Run `bun test`
- **Before `/gsd:verify-work`:** Full suite must be green
- **Max feedback latency:** 30 seconds
---
## Per-Task Verification Map
| Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status |
|---------|------|------|-------------|-----------|-------------------|-------------|--------|
| 15-01-01 | 01 | 1 | AUTH-04 | integration | `docker compose -f docker-compose.dev.yml up -d && curl http://localhost:3001/oidc/.well-known/openid-configuration` | ❌ W0 | ⬜ pending |
| 15-02-01 | 02 | 1 | AUTH-03 | unit | `bun test tests/middleware/auth.test.ts` | ✅ (needs update) | ⬜ pending |
| 15-02-02 | 02 | 1 | AUTH-01 | manual | N/A (requires running Logto) | N/A | ⬜ pending |
| 15-02-03 | 02 | 1 | AUTH-02 | manual | N/A (requires running Logto) | N/A | ⬜ pending |
| 15-03-01 | 03 | 2 | AUTH-05 | e2e | `bun run test:e2e` | ✅ (needs update) | ⬜ pending |

*Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky*

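
The 15-01-01 command only shows that the discovery URL answers; without `-f`, curl exits 0 even on an HTTP error page. As an added example (not part of the GearBox repository), the check below validates the returned document against the configured issuer. `checkDiscovery`, `toUrl`, `sampleDoc` and the same-origin rule for a single self-hosted provider are assumptions of this example.

```typescript
type Discovery = Record<string, unknown>;

// Endpoints the authorization-code flow depends on (OpenID Connect Discovery 1.0).
const REQUIRED_URLS = ["authorization_endpoint", "token_endpoint", "jwks_uri"];

// Parse a metadata value as an absolute URL; null when absent or malformed.
function toUrl(v: unknown): URL | null {
  try { return typeof v === "string" ? new URL(v) : null; } catch { return null; }
}

// Returns a list of problems; an empty list means the document passed.
function checkDiscovery(doc: Discovery, expectedIssuer: string): string[] {
  const problems: string[] = [];
  // Discovery requires the advertised issuer to be identical to the configured
  // one; the app later compares the ID token `iss` claim against it.
  if (doc.issuer !== expectedIssuer) {
    problems.push(`issuer mismatch: got ${String(doc.issuer)}, expected ${expectedIssuer}`);
  }
  const expectedOrigin = new URL(expectedIssuer).origin;
  for (const key of REQUIRED_URLS) {
    const url = toUrl(doc[key]);
    if (!url) { problems.push(`${key} missing or not a URL`); continue; }
    // Assumption: one self-hosted provider, so every endpoint shares the issuer origin.
    if (url.origin !== expectedOrigin) problems.push(`${key} points at ${url.origin}`);
    // Plain http is tolerated only for the local dev stack.
    if (url.protocol !== "https:" && url.hostname !== "localhost") {
      problems.push(`${key} is not https`);
    }
  }
  const types = Array.isArray(doc.response_types_supported) ? doc.response_types_supported : [];
  if (!types.includes("code")) problems.push("authorization code flow not advertised");
  return problems;
}

// Constructed sample shaped like a local dev response (not captured output).
const sampleDoc: Discovery = {
  issuer: "http://localhost:3001/oidc",
  authorization_endpoint: "http://localhost:3001/oidc/auth",
  token_endpoint: "http://localhost:3001/oidc/token",
  jwks_uri: "http://localhost:3001/oidc/jwks",
  response_types_supported: ["code"],
};

console.log(checkDiscovery(sampleDoc, "http://localhost:3001/oidc"));
```

In an integration test, pass the parsed JSON body of the discovery response and the issuer value from the app's environment, and fail the test when the returned list is non-empty.
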
---
## Wave 0 Requirements
- [ ] Update `tests/middleware/auth.test.ts` — remove user/session tests, add OIDC session mock
- [ ] Update `tests/services/auth.service.test.ts` — remove user/session tests, keep API key tests
- [ ] Update `tests/routes/auth.test.ts` — update for new auth route structure
- [ ] Update `e2e/seed.ts` — remove users table insert, add API key seed
- [ ] Update `e2e/auth.spec.ts` — replace login form tests with redirect-based flow or API key auth
---
## Manual-Only Verifications
| Behavior | Requirement | Why Manual | Test Instructions |
|----------|-------------|------------|-------------------|
| User registers via Logto | AUTH-01 | Requires running Logto instance with UI interaction | Start docker-compose.dev.yml, navigate to /login, complete Logto registration, verify dashboard loads |
| User logs in via Logto | AUTH-02 | Requires running Logto instance with UI interaction | Start docker-compose.dev.yml, navigate to /login, complete Logto login, verify existing data visible |
---
## Validation Sign-Off
- [ ] All tasks have `<automated>` verify or Wave 0 dependencies
- [ ] Sampling continuity: no 3 consecutive tasks without automated verify
- [ ] Wave 0 covers all MISSING references
- [ ] No watch-mode flags
- [ ] Feedback latency < 30s
- [ ] `nyquist_compliant: true` set in frontmatter

**Approval:** pending