Auth Flow QA
Dedicated auth testing: signup, login, sessions, guards, reset, and the edge cases that expose fake auth.
The Route
0/5 verifiedTest the signup surface
Account creation is the front door - test it including the ugly inputs.
Test the login surface
Login must pass friends and stop strangers - test both.
Test the session lifecycle
Sessions are where fake auth dies - test persistence hard.
Test guards at both layers
Routes and APIs must both reject the logged-out - verify by attack.
Test recovery and close
Reset flows and the final edge sweep complete the audit.
Context Pack
Paste this first. It briefs the AI on requirements, constraints, and the Definition of Done before your first build prompt.
Paste this into your AI builder first. It teaches the AI what you want before you give it the build prompt.
Related routes
More QA flows that share ground with this one.
Security Basics Review
The essential security pass for AI-built apps: secrets, auth enforcement, input handling, and data exposure.
+2 more steps to Done
Best forproduction-grade builds with strict verification
Evidence Checklist
Prove your app works with evidence: build a claim-by-claim verification pack with receipts.
+2 more steps to Done
Best foryour first pass at this - no prior setup assumed
Mobile QA Checklist
A rigorous mobile QA pass: layouts, touch, keyboards, and the full core journey on phone-sized screens.
+2 more steps to Done
Best foryour first pass at this - no prior setup assumed