Skip to content

auth.md

Latest commit

 

History

History
68 lines (51 loc) · 3 KB

auth.md

File metadata and controls

68 lines (51 loc) · 3 KB
Raw

QA: Authentication — LangGraph (Python)

Prerequisites

  • Demo deployed and accessible at /demos/auth
  • Railway service showcase-langgraph-python healthy
  • OPENAI_API_KEY set on Railway

Test Steps

1. Initial authenticated state

  • Navigate to /demos/auth
  • Verify the banner is visible with a green/success appearance (data-testid="auth-banner", data-authenticated="true")
  • Verify auth-status text reads "✓ Signed in as demo user"
  • Verify the "Sign out" button is visible and enabled (data-testid="auth-sign-out-button")
  • Verify the "Sign in" button is NOT present
  • Verify is mounted below the banner
  • Verify no auth-demo-error surface is shown (data-testid="auth-demo-error" absent)
  • Verify no console errors on page load (the /info handshake should succeed)

2. Authenticated send → assistant response

  • Type "Hello" and click send
  • Within 30 seconds, an assistant response is rendered in the transcript
  • No auth-demo-error surface appears

3. Sign out flips the banner and surfaces 401 without crashing

  • Click "Sign out"
  • Within 1 second, the banner flips to amber/warning appearance (data-authenticated="false")
  • Verify auth-status text reads "⚠ Signed out — the agent will reject your messages until you sign in."
  • Verify the "Sign in" button is visible (data-testid="auth-authenticate-button")
  • Verify the "Sign out" button is no longer present
  • Type "Hello again" and click send
  • Within 15 seconds, the page-level error surface appears:
    • data-testid="auth-demo-error" visible with text containing "401" and/or "Unauthorized"
  • Verify the banner is STILL visible — the page must not white-screen
  • Verify no assistant response appears for the unauthenticated send

4. Sign in clears the error and restores sends

  • Click "Sign in"
  • Within 1 second, the banner flips back to green (data-authenticated="true")
  • Verify the auth-demo-error surface is cleared
  • Type "Hello" and click send
  • Within 30 seconds, an assistant response is rendered

5. Refresh resets state to authenticated

  • Hard-reload the page
  • Banner is green on first render (default state is authenticated; state does NOT persist)
  • No error surface on first render

6. Error Handling

  • With DevTools Network panel blocking /api/copilotkit-auth, send a message while authenticated
  • Verify a network-level error surfaces cleanly (no uncaught promise rejection in console)
  • Restore network; verify sends work again without a page reload

Expected Results

  • Page loads authenticated by default — no 401 crash on initial /info fetch
  • Banner state flips within 1s of Sign out / Sign in clicks
  • Post-sign-out sends produce a visible 401 error within 15s via auth-demo-error
  • Page never white-screens after sign out — banner and composer remain mounted
  • Authenticated sends produce an assistant response within 30s
  • Refresh fully resets auth state (back to authenticated)