Cognito live testing
Shared test account credentials live in villa_backend_sdk/testing/cognito_test_account.json (safe to commit).
| Field | Value |
|---|---|
| Username | villa-sdk-test@villamarket.dev |
| Password | VillaSdkTest2026! |
| User pool | villaMembers2 (ap-southeast-1_bul3MgmNE) |
| App client | villa-backend-sdk-dev |
How integration tests authenticate
Integration tests log in once per session via tests/integration/conftest.py:
1. Try login() with the fixture credentials
2. If that fails, call public SignUp (same as a real app user — **no IAM admin**)
3. Attach the Cognito **ID token** as Authorization: Bearer … on all HTTP calls
Unit tests stay fully mocked. Integration tests that use integration_client always carry a JWT.
Prerequisites
1. App client has **Username and password** enabled (ALLOW_USER_PASSWORD_AUTH).
2. Self-registration enabled on the user pool (not admin-only).
3. VILLA_COGNITO_CLIENT_SECRET is the value from **Show client secret** — not the Client Secret ID.
Set env vars locally (.env) or in Cursor Secrets / GitHub Actions.
Confirm the test user (one-time)
After SignUp, Cognito sends a verification email. For the shared test account, confirm once in the AWS Console:
**Cognito → villaMembers2 → Users → villa-sdk-test@villamarket.dev → Confirm user**
App users confirm via email code using client.auth.confirm_sign_up(username, code).
Register or verify the test user
python3 scripts/provision_cognito_test_user.py
python3 scripts/smoke_test_cognito_login.pyprovision_cognito_test_user.py uses the SDK SignUp API — the same path your chat app users would take.
Run integration tests
set -a && source .env && set +a
pytest tests/integration -m integration -vIf the user registers but email confirmation is required, confirm the account once or enable auto-confirm on the dev pool.