Description
The project currently uses GitHub OAuth for authentication. However, this login method is inconvenient for automated testing because:
- In virtual/test environments, GitHub is not logged in
- Cannot automatically bypass OAuth authorization flow
- Test accounts need a way to access the main application without manual OAuth
We need a solution to allow test accounts to log in through an alternative mechanism in test environments.
Technical Approach
Environment Variable + Test Token Injection
Core idea: Inject a test JWT token via environment variable, bypassing OAuth in test environments.
- Extend
AuthService: Read token from environment variable BRICKS_TEST_TOKEN first
- Add
isTestMode(): Detect if running in test environment
- Adapt
LoginScreen: Show quick login entry in test mode
- Run command:
flutter test --dart-define=BRICKS_TEST_TOKEN=xxx
Security Considerations
- Test tokens should have limited permissions/validity
isTestMode() check ensures test logic won't trigger in production- Test tokens should be rotated regularly, not hardcoded
Acceptance Criteria
Related
- Thread: 1488041850974765056
Description
The project currently uses GitHub OAuth for authentication. However, this login method is inconvenient for automated testing because:
We need a solution to allow test accounts to log in through an alternative mechanism in test environments.
Technical Approach
Environment Variable + Test Token Injection
Core idea: Inject a test JWT token via environment variable, bypassing OAuth in test environments.
AuthService: Read token from environment variableBRICKS_TEST_TOKENfirstisTestMode(): Detect if running in test environmentLoginScreen: Show quick login entry in test modeflutter test --dart-define=BRICKS_TEST_TOKEN=xxxSecurity Considerations
isTestMode()check ensures test logic won't trigger in productionAcceptance Criteria
AuthServicesupports reading test token from environment variableisTestMode()method correctly detects test environmentLoginScreencan skip OAuth in test mode--dart-defineRelated