test(e2e): Update tests to handle untrusted password on sign-in (#7345)

octoper · octoper · commit d473b529652b · 2025-12-03T17:19:43.000+02:00
diff --git a/.changeset/funny-crabs-crash.md b/.changeset/funny-crabs-crash.md
@@ -0,0 +1,3 @@
+---
+
+---
diff --git a/integration/tests/session-tasks-sign-in-reset-password.test.ts b/integration/tests/session-tasks-sign-in-reset-password.test.ts
@@ -1,4 +1,4 @@
-import { test } from '@playwright/test';
+import { expect, test } from '@playwright/test';
 
 import { hash } from '../models/helpers';
 import { appConfigs } from '../presets';
@@ -28,6 +28,13 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword
       await u.po.signIn.setPassword(user.password);
       await u.po.signIn.continue();
 
+      await expect(
+        u.page.getByText(
+          "Your password appears to have been compromised or it's no longer trusted and cannot be used. Please use another method to continue.",
+        ),
+      ).toBeVisible();
+      await u.po.signIn.getAltMethodsEmailCodeButton().click();
+
       await u.page.getByRole('textbox', { name: 'code' }).click();
       await u.page.keyboard.type('424242', { delay: 100 });
 
@@ -62,7 +69,8 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword
       await u.services.users.passwordUntrusted(createdUser.id);
       const fakeOrganization = u.services.organizations.createFakeOrganization();
       await u.services.organizations.createBapiOrganization({
-        ...fakeOrganization,
+        name: fakeOrganization.name,
+        slug: fakeOrganization.slug + Date.now().toString(),
         createdBy: createdUser.id,
       });
 
@@ -73,9 +81,15 @@ testAgainstRunningApps({ withEnv: [appConfigs.envs.withSessionTasksResetPassword
       await u.po.signIn.setPassword(user.password);
       await u.po.signIn.continue();
 
-      await u.page.getByRole('textbox', { name: 'code' }).fill('424242');
+      await expect(
+        u.page.getByText(
+          "Your password appears to have been compromised or it's no longer trusted and cannot be used. Please use another method to continue.",
+        ),
+      ).toBeVisible();
+      await u.po.signIn.getAltMethodsEmailCodeButton().click();
 
-      await u.po.expect.toBeSignedIn();
+      await u.page.getByRole('textbox', { name: 'code' }).click();
+      await u.page.keyboard.type('424242', { delay: 100 });
 
       // Redirects back to tasks when accessing protected route by `auth.protect`
       await u.page.goToRelative('/page-protected');
