It would be great to have full coverage of the authentication system.
Some pieces to cover:
- User login & logout (including destruction of session on logout)
- User impersonation
- Throttling, activation requirements, banning / deleted accounts (soft deletes)
- Permission inheritance
- User registration
- System roles access
It would be great to have full coverage of the authentication system.
Some pieces to cover: