Skip to main content
QA Training
All Prompts
intermediate
Featured

Generate E2E Login Flow Tests

Comprehensive end-to-end tests for a login flow including valid credentials, invalid credentials, empty fields, MFA, and session persistence.

Who this is for

QA engineers and SDETs who need to automate login flow testing in Playwright, Cypress, or Selenium. Suitable for anyone from intermediate automation engineers to lead SDETs building a regression suite for an auth-critical application.

Prompt Template

You are a senior SDET specialising in test automation.

<context>
Framework: {{framework}} {{frameworkVersion}}
Application: {{appType}} ({{techStack}})
Authentication: {{authType}} (e.g., JWT, session cookies, OAuth)
</context>

Generate a complete E2E test suite for a login flow covering these exact scenarios:

<scenarios>
1. Valid credentials — successful login and redirect
2. Invalid password — error message display
3. Invalid email format — inline validation
4. Empty fields — required field validation
5. Account lockout after 5 failed attempts
6. Session persistence after page refresh
7. Logout flow and session invalidation
8. Token handling and refresh for {{authType}}
</scenarios>

<instructions>
Follow these strict constraints:
- Use Page Object Model pattern
- All selectors MUST use data-testid attributes
- No hard-coded waits — use explicit waits only
- Include beforeEach/afterEach cleanup
- Add descriptive test names following "should [behaviour] when [condition]"
- Handle network errors gracefully with proper assertions
</instructions>
Tags
login
authentication
e2e
session
mfa

How to use this prompt

  1. 1Copy the prompt using the Copy button above.
  2. 2Fill in the placeholders: {{framework}} (e.g. Playwright), {{frameworkVersion}} (e.g. >=1.44), {{appType}} (e.g. SaaS web app), {{techStack}} (e.g. Next.js + Supabase), {{authType}} (e.g. JWT).
  3. 3Paste into your AI assistant (ChatGPT, Claude, Gemini, or Copilot Chat).
  4. 4Review the generated Page Object Model structure and test file — confirm locator strategy matches your app's data-testid setup.
  5. 5Copy the test file into your repo and run it against a staging environment to verify coverage.

Example output

An 8-test Playwright suite using Page Object Model covering: valid login, invalid password, invalid email format, empty fields, account lockout after 5 failures, session persistence after refresh, full logout flow, and JWT token refresh — all with data-testid selectors and explicit waits only.

Limitations

  • Generated locators use data-testid by default — if your app uses aria-labels or CSS selectors, specify this in the appType placeholder for better results.
  • MFA test scenarios are generated as stubs — you'll need to integrate your auth provider's test credentials or stub the MFA flow in your test environment.
  • The prompt does not know your specific routing structure — check that redirect URLs in post-login assertions match your app's actual paths.

Frequently asked questions

Which frameworks work with this prompt?v

Playwright (TypeScript/JavaScript), Cypress, and Selenium WebDriver (Java, Python). Specify your framework in the {{framework}} placeholder and the AI will adjust the API syntax accordingly.

How do I test MFA if I can't automate the one-time code?v

Most auth providers offer a test mode or bypass token for automation. Alternatively, use a TOTP library (e.g. otplib) to generate codes programmatically, or stub the MFA verification endpoint in your staging environment.

Can I use this for OAuth / social login (Google, GitHub)?v

Yes — set {{authType}} to 'OAuth2 / Google Sign-In' and the prompt generates tests for the OAuth redirect flow, callback handling, and session creation. You'll need to stub the OAuth provider in your test environment to avoid real credentials.