Auth Flow QA
0/5 steps0%

Step 3 of 5

Test the session lifecycle

Sessions are where fake auth dies - test persistence hard.

First time here? Paste the Context Pack first so the AI understands your project - open it from the header above.

Prompt Capsule
Execute session tests: refresh on a protected page (session persists, no logged-out flash); close and reopen the tab (persists); logout (session fully cleared - verify by trying a protected API call after); back button after logout (no protected content from cache); two browsers/sessions simultaneously (both work independently); token/session tampering (edit the stored token - app must reject and recover cleanly, not crash).
Paste into EmergentFull Build: complete implementation prompt with explicit requirements

Quick is short. Full Build is recommended for most steps. Strict forces real logic when the AI keeps faking output.

Actual change check

Expected after this step

An executed session lifecycle table including tamper and back-button checks.

Should NOT happen

  • An existing feature broke
  • A button only logs to console
  • Data disappears after refresh
  • Errors fail silently with no visible state

This is what should exist before you continue. If reality does not match, do not move on.

Track what changed, failed, or needs follow-up. Notes export with the flow.

Made with Emergent