Test user login fails: keycloak-test-users.env has wrong usernames #249

New issue

Open

opened 2026-06-18 21:03:57 +00:00 by ldraney · 0 comments

ldraney commented 2026-06-18 21:03:57 +00:00

Owner

Copy link

Type

Bug

Lineage

Standalone — discovered during TestFlight onboarding session.

Repo

ldraney/landscaping-assistant

What Broke

Test user credentials in ~/secrets/landscaping-assistant/keycloak-test-users.env list short-form usernames (e.g. lucas-super-admin), but the actual Keycloak usernames are full email addresses (e.g. lucas-super-admin@test.landscaping.local). Login fails with "Invalid username or password."

Root cause: the landscaping realm has registrationEmailAsUsername = true, so when test users were created their email became their username. The secrets file was written with short-form names that don't exist in Keycloak.

Repro Steps

1. Go to https://landscaping-assistant.app
2. Click "Sign in"
3. Enter username lucas-super-admin and password Test1234!
4. Observe: "Invalid username or password."
5. Enter username lucas-super-admin@test.landscaping.local with same password
6. Observe: Login succeeds

Expected Behavior

Credentials documented in keycloak-test-users.env should work as-is without needing to know the @test.landscaping.local suffix.

Environment

• Cluster/namespace: prod
• Keycloak realm: landscaping (auth.palinks.app)
• Affected users: all 5 test users (lucas-super-admin, lucas-admin, lucas-lead, lucas-crew, lucas-client)

Acceptance Criteria

• All test users can log in using credentials from keycloak-test-users.env without modification
• keycloak-test-users.env documents the correct usernames
• No regression in production login flow

Related

• project-landscaping-assistant — project this affects
• docs/keycloak-setup.md — documents test users with short-form names

### Type Bug ### Lineage Standalone — discovered during TestFlight onboarding session. ### Repo `ldraney/landscaping-assistant` ### What Broke Test user credentials in `~/secrets/landscaping-assistant/keycloak-test-users.env` list short-form usernames (e.g. `lucas-super-admin`), but the actual Keycloak usernames are full email addresses (e.g. `lucas-super-admin@test.landscaping.local`). Login fails with "Invalid username or password." Root cause: the landscaping realm has `registrationEmailAsUsername = true`, so when test users were created their email became their username. The secrets file was written with short-form names that don't exist in Keycloak. ### Repro Steps 1. Go to https://landscaping-assistant.app 2. Click "Sign in" 3. Enter username `lucas-super-admin` and password `Test1234!` 4. Observe: "Invalid username or password." 5. Enter username `lucas-super-admin@test.landscaping.local` with same password 6. Observe: Login succeeds ### Expected Behavior Credentials documented in `keycloak-test-users.env` should work as-is without needing to know the `@test.landscaping.local` suffix. ### Environment - Cluster/namespace: prod - Keycloak realm: landscaping (auth.palinks.app) - Affected users: all 5 test users (lucas-super-admin, lucas-admin, lucas-lead, lucas-crew, lucas-client) ### Acceptance Criteria - [ ] All test users can log in using credentials from keycloak-test-users.env without modification - [ ] keycloak-test-users.env documents the correct usernames - [ ] No regression in production login flow ### Related - `project-landscaping-assistant` — project this affects - `docs/keycloak-setup.md` — documents test users with short-form names

ldraney referenced this issue 2026-06-18 21:13:13 +00:00

Add iOS pipeline and custom domain docs #250

ldraney referenced this issue 2026-06-18 21:14:43 +00:00

Add iOS pipeline and custom domain docs #250

ldraney referenced this issue 2026-06-18 21:17:03 +00:00

Add iOS pipeline and custom domain docs #250

ldraney referenced this issue 2026-06-18 21:19:14 +00:00

Add iOS pipeline and custom domain docs #250

ldraney referenced this issue 2026-06-18 21:49:56 +00:00

Add iOS pipeline and custom domain docs #250

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

docs/update-app-architecture

revert-213

move-other-crew-bottom-remove-schedule

feature/today-view-improvements

154-enable-assume-ssl

revert-145-person-icon

docs/user-stories-auth

docs/update-infra-pipeline-post-incident

fix-cache-step-blocking-deploy

fix-kaniko-registry-pull

deactivate-from-today

feature/quick-address-entry

No results found.

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

ldraney/landscaping-assistant#249

No description provided.