Authentication - Frontend Manual Test Cases

Test Environment: http://localhost:4200 [or test server URL] Tester: _______________ Date: _______________

Prerequisites

Backend server running on http://localhost:5000
Frontend running on http://localhost:4200
Test accounts available (see Test Data section)
Modern browser (Chrome recommended)

Test Data

Role	Email	Password
Admin (Tenant Administrator)	`tn@thaiscada.com` [or your admin email]	`Test1234*` [or your password]
Contractor	`safety-contractor1-0@outlook.com` [or your contractor email]	`Test1234*` [or your password]
Multi-role User	(user with multiple roles assigned)

Test Summary

Category	Total	Dev
1. Login	6	6
2. Logout	2	2
3. Forgot Password	3	3
4. Session Expiry	2	2
Total	13	13

Precondition: User is logged out, browser cache cleared

Step	Action	Expected Result	Dev	QA
1	Open browser and navigate to `http://localhost:4200`	Redirected to login page (`/auth/login`)	✅	[ ]
2	Verify login form is displayed	Form shows "อีเมล" (Email) and "รหัสผ่าน" (Password) fields	✅	[ ]
3	Enter email: `tn@thaiscada.com` [or your admin email]	Email field accepts input	✅	[ ]
4	Enter password: `Test1234*` [or your password]	Password field shows masked characters	✅	[ ]
5	Click "เข้าสู่ระบบ" (Login) button	Loading spinner appears on button	✅	[ ]
6	Wait for authentication	Redirected to `/tools/settings/employer` (admin default page)	✅	[ ]
7	Verify user is logged in	User menu in header shows user name	✅	[ ]

[Screenshot: Login form with filled credentials] [Screenshot: Dashboard after successful login]

Notes: _______________

Precondition: User is logged out

Step	Action	Expected Result	Dev	QA
1	Navigate to login page	Login form displayed	✅	[ ]
2	Enter email: `safety-contractor1-0@outlook.com` [or your contractor email]	Email field accepts input	✅	[ ]
3	Enter password: `Test1234*` [or your password]	Password field shows masked characters	✅	[ ]
4	Click "เข้าสู่ระบบ" (Login) button	Loading spinner appears	✅	[ ]
5	Wait for authentication	Redirected to `/tasks/my-tasks` (contractor default page)	✅	[ ]

[Screenshot: Contractor dashboard]

Notes: _______________

Precondition: User is on login page

Step	Action	Expected Result	Dev	QA
1	Enter email: `invalid-email` (no @ symbol)	Email field accepts input	✅	[ ]
2	Enter password: `Test1234*`	Password field accepts input	✅	[ ]
3	Click "เข้าสู่ระบบ" (Login) button	Form validation error displayed	✅	[ ]
4	Verify error message	Email field shows validation error (red border/message)	✅	[ ]

[Screenshot: Email validation error]

Notes: _______________

Precondition: User is on login page

Step	Action	Expected Result	Dev	QA
1	Enter email: `tn@thaiscada.com` [or valid email]	Email field accepts input	✅	[ ]
2	Enter password: `WrongPassword123`	Password field accepts input	✅	[ ]
3	Click "เข้าสู่ระบบ" (Login) button	Loading spinner appears, then stops	✅	[ ]
4	Verify error feedback	Error snackbar or dialog appears with authentication error	✅	[ ]
5	Verify still on login page	Login form still displayed, not redirected	✅	[ ]

[Screenshot: Login error message]

Notes: _______________

Precondition: User is on login page

Step	Action	Expected Result	Dev	QA
1	Enter email: `nonexistent@example.com`	Email field accepts input	✅	[ ]
2	Enter password: `AnyPassword123`	Password field accepts input	✅	[ ]
3	Click "เข้าสู่ระบบ" (Login) button	Loading spinner appears, then stops	✅	[ ]
4	Verify error feedback	Error message indicates authentication failed	✅	[ ]

[Screenshot: Non-existent account error]

Notes: _______________

Precondition: User is on login page

Step	Action	Expected Result	Dev	QA
1	Leave email field empty	Field is empty	✅	[ ]
2	Leave password field empty	Field is empty	✅	[ ]
3	Click "เข้าสู่ระบบ" (Login) button	Form validation triggers	✅	[ ]
4	Verify email field error	Email field shows required error	✅	[ ]
5	Verify password field error	Password field shows required error	✅	[ ]
6	Enter only email, leave password empty		✅	[ ]
7	Click login button	Password field shows required error	✅	[ ]

[Screenshot: Empty field validation errors]

Notes: _______________

2. Logout Tests

TC-AUTH-007: Logout from dashboard

Precondition: User is logged in as admin

Step	Action	Expected Result	Dev	QA
1	Verify user is logged in	User menu visible in header/sidebar	✅	[ ]
2	Click user menu or profile icon	Dropdown menu appears	✅	[ ]
3	Click "ออกจากระบบ" (Logout) option	Logout action triggered	✅	[ ]
4	Wait for logout to complete	Redirected to login page	✅	[ ]
5	Verify login page displayed	Login form visible at `/auth/login`	✅	[ ]

[Screenshot: User menu with logout option] [Screenshot: Login page after logout]

Notes: _______________

TC-AUTH-008: Verify session cleared after logout

Precondition: User just logged out (after TC-AUTH-007)

Step	Action	Expected Result	Dev	QA
1	After logout, click browser back button	Should NOT return to authenticated page	✅	[ ]
2	Try to navigate directly to `/tools/settings/employer`	Redirected to login page	✅	[ ]
3	Open browser developer tools (F12)	DevTools opens	✅	[ ]
4	Check Application > Local Storage	`role` and `organization` keys should be cleared	✅	[ ]
5	Refresh the page	Should remain on login page	✅	[ ]

[Screenshot: DevTools showing cleared storage]

Notes: _______________

3. Forgot Password Tests

TC-AUTH-009: Open forgot password dialog

Precondition: User is on login page

Step	Action	Expected Result	Dev	QA
1	Locate "ลืมรหัสผ่าน?" (Forgot Password?) link	Link visible below login form	✅	[ ]
2	Click "ลืมรหัสผ่าน?" link	Dialog/modal opens	✅	[ ]
3	Verify dialog content	Dialog shows email input field and submit button	✅	[ ]
4	Click outside dialog or close button	Dialog closes, returns to login form	✅	[ ]

[Screenshot: Forgot password dialog]

Notes: _______________

TC-AUTH-010: Submit valid email for password reset

Precondition: Forgot password dialog is open

Step	Action	Expected Result	Dev	QA
1	Open forgot password dialog	Dialog displayed	✅	[ ]
2	Enter email: `tn@thaiscada.com` [or valid email]	Email field accepts input	✅	[ ]
3	Click "ตกลง" (OK) or submit button	Loading indicator appears	✅	[ ]
4	Wait for response	Success dialog/message appears	✅	[ ]
5	Verify success message	Message indicates email was sent with reset instructions	✅	[ ]
6	Close success dialog	Returns to login page	✅	[ ]

[Screenshot: Password reset success message]

Notes: Check email inbox for actual reset link (optional verification)

TC-AUTH-011: Submit invalid email format in forgot password

Precondition: Forgot password dialog is open

Step	Action	Expected Result	Dev	QA
1	Open forgot password dialog	Dialog displayed	✅	[ ]
2	Enter email: `invalid-email` (no @ symbol)	Email field accepts input	✅	[ ]
3	Click submit button	Form validation triggers	✅	[ ]
4	Verify validation error	Email field shows validation error	✅	[ ]
5	Leave email empty and click submit	Required field error appears	✅	[ ]

[Screenshot: Forgot password validation error]

Notes: _______________

4. Session Expiry Tests

TC-AUTH-014: Re-authentication dialog appears on token expiry

Precondition: User is logged in, session has expired or token refresh failed

Step	Action	Expected Result	Dev	QA
1	Login and wait for session to expire (or manually invalidate token)	Session expires	✅	[ ]
2	Perform an action that requires API call	API call triggers	✅	[ ]
3	Verify re-authentication dialog appears	Non-dismissible dialog with email/password fields	✅	[ ]
4	Enter valid credentials	Credentials accepted	✅	[ ]
5	Click re-authenticate button	Dialog closes, original action completes	✅	[ ]

[Screenshot: Re-authentication dialog]

Notes: To test this, you may need to: (1) wait for token expiry, (2) manually clear cookies in DevTools, or (3) restart backend server

Precondition: Re-authentication dialog is displayed

Step	Action	Expected Result	Dev	QA
1	When re-auth dialog appears, click "ยกเลิก" (Cancel) button	Cancel action triggered	✅	[ ]
2	Verify redirect	Redirected to login page (`/auth`)	✅	[ ]
3	Verify session cleared	Must re-login to access application	✅	[ ]

[Screenshot: Login page after cancel]

Notes: _______________

Test Execution Notes

Tester Comments:

Issues Found:

Issue ID	Test Case	Description	Severity

Sign-off:

Role	Name	Date	Signature
Tester
Reviewer

Prerequisites​

Test Data​

Test Summary​

1. Login Tests​

TC-AUTH-001: Login with valid admin credentials​

TC-AUTH-002: Login with valid contractor credentials​

TC-AUTH-003: Login with invalid email format​

TC-AUTH-004: Login with wrong password​

TC-AUTH-005: Login with non-existent account​

TC-AUTH-006: Login form validation (empty fields)​

2. Logout Tests​

TC-AUTH-007: Logout from dashboard​

TC-AUTH-008: Verify session cleared after logout​

3. Forgot Password Tests​

TC-AUTH-009: Open forgot password dialog​

TC-AUTH-010: Submit valid email for password reset​

TC-AUTH-011: Submit invalid email format in forgot password​

4. Session Expiry Tests​

TC-AUTH-014: Re-authentication dialog appears on token expiry​

TC-AUTH-015: Cancel re-auth redirects to login​

Test Execution Notes​

Prerequisites

Test Data

Test Summary

1. Login Tests

TC-AUTH-001: Login with valid admin credentials

TC-AUTH-002: Login with valid contractor credentials

TC-AUTH-003: Login with invalid email format

TC-AUTH-004: Login with wrong password

TC-AUTH-005: Login with non-existent account

TC-AUTH-006: Login form validation (empty fields)

2. Logout Tests

TC-AUTH-007: Logout from dashboard

TC-AUTH-008: Verify session cleared after logout

3. Forgot Password Tests

TC-AUTH-009: Open forgot password dialog

TC-AUTH-010: Submit valid email for password reset

TC-AUTH-011: Submit invalid email format in forgot password

4. Session Expiry Tests

TC-AUTH-014: Re-authentication dialog appears on token expiry

TC-AUTH-015: Cancel re-auth redirects to login

Test Execution Notes