HSNAKDValidation Labhakdogan.com

Pillar 02 · Scenario Area

Real-world end-to-end flows that map to a Jira-shaped story

Each scenario carries the artefacts a hiring manager actually inspects: user story, acceptance criteria, manual steps, expected outcome, bug-risk inventory, and a copy-pasteable Playwright spec.

Authentication

Login, registration, OTP, password recovery, session expiry — the front door of every product.

Authentication

Valid login

Demo credentials happy path that lands on the dashboard with a personalized welcome.

Email + password fields accept valid inputSubmit fires a single auth call (no double clicks)

Open scenario →

Authentication

Invalid login

Negative path: wrong password surfaces a stable, accessible error message.

Submitting wrong password shows an inline errorError copy is stable text usable for assertions

Open scenario →

Authentication

Forgot password

Email submission triggers a reset confirmation; rate limit prevents spam.

Email field validates format before submittingSuccessful submission reveals confirmation copy

Open scenario →

Authentication

OTP verification

Six-digit code modal validates length, supports paste, and rejects expired codes.

Six independent inputs auto-advance focus on each digitPasting a 6-digit value distributes across all inputs

Open scenario →

Authentication

Session timeout

Idle session expires, prompting the user to sign in again without losing the route they were on.

After idle expiry, all authed routes redirect to /loginThe intended path is preserved as ?next=/wallet

Open scenario →

E-Commerce

Cart, checkout, promo codes — money-moving flows where flakiness costs revenue.

E-Commerce

Add to cart

Adding a product updates the badge counter and opens the mini-cart drawer.

Cart badge increments by 1 per clickMini-cart drawer opens with the product line

Open scenario →

E-Commerce

Remove from cart

Removing the last item empties the cart and disables checkout.

Trash icon removes the lineCart total recomputes

Open scenario →

E-Commerce

Checkout

Three-step checkout: shipping → payment → review with Place Order side effects.

Each step requires its mandatory fieldsStepper allows backward navigation but not forward skip

Open scenario →

E-Commerce

Promo code validation

Coupon engine accepts QA20, rejects EXPIRED, and ignores invalid casing differences.

QA20 reduces total by 20%Codes are case-insensitive

Open scenario →

Wallet & Fintech

Deposits, withdrawals, currency, pending state — precision-critical UI that must never round wrong.

Wallet & Fintech

Deposit validation

Deposit field rejects negatives, more than 2 decimal places, and amounts above the per-tx cap.

Negative amounts are blockedMore than 2 decimal places are blocked

Open scenario →

Wallet & Fintech

Withdraw limits

Daily withdraw cap blocks the next request once the rolling window is exhausted.

Withdrawals up to $5,000/day succeedBeyond the cap, the API returns a 403 with reason 'limit_reached'

Open scenario →

Wallet & Fintech

Currency switch

Switching currency re-formats balances and disables fiat-only actions for crypto rails.

All balances re-format on switchDecimal precision differs by currency (USD=2, BTC=8)

Open scenario →

Wallet & Fintech

Pending transactions

Pending row remains in the ledger with a spinner until settlement, then transitions to posted.

Pending row has a clock icon + 'Pending' chipOn settlement, chip flips to 'Posted' with a green dot

Open scenario →

Admin Panel

Search, filter, export, RBAC — back-office surfaces where bugs become incidents.

Admin Panel

User search

Debounced search filters the table and preserves the active filter when paginating.

Search debounces to 250msFilter persists across page navigation

Open scenario →

Admin Panel

Table filters

Compound filter (role + status) narrows the data set and reflects the chip count.

Multiple filters apply with AND semanticsChips render for each active filter

Open scenario →

Admin Panel

Export CSV

CSV export streams the active filter set, not the entire table, and uses a stable filename.

CSV reflects the active filter setFilename matches /^validation-lab-users-\d{8}.csv$/

Open scenario →

Admin Panel

Role permissions

Non-admins receive a 403-style empty state on /admin; the route does not even render the data shell.

Non-admins see a 'Insufficient role' stateNo admin API calls are made for non-admins

Open scenario →

Advanced

Network interception, retries, races — the proof points that separate seniors from juniors.

Advanced

Network interception

page.route fulfils a deterministic balance so the wallet UI is decoupled from any backend.

Mock is set up before navigationNetwork panel shows route.fulfill

Open scenario →

Advanced

API error fallback

When the ledger returns 500, the UI shows a stable error surface without crashing the route.

500 response renders an error regionApp shell + nav remain visible

Open scenario →

Advanced

Retry flow

First attempt 500s, second attempt succeeds — UI must reach the success state without a manual reload.

First call returns 500Second call returns 200

Open scenario →

Advanced

Slow backend handling

A 3-second backend delay must show a skeleton state, not a blank page; user input must not be lost.

Skeleton appears within 100msForm state is preserved during the wait

Open scenario →

Advanced

Race conditions

Two rapid filter changes must commit only the latest result — not the slower-arriving prior request.

Latest request wins regardless of arrival orderSpinner reflects the latest in-flight request

Open scenario →