- Refactored `useIsAuthenticated` and `useCurrentUser` to use `useAuth` from `AuthContext` instead of `useAuthStore`.
- Updated test setups to inject `AuthProvider` with mocked store hooks for improved test isolation and consistency.
- Replaced legacy `useAuthStore` mocks with `AuthContext`-compatible implementations in affected tests.
- Remove redundant unit tests for `PasswordChangeForm` that rely on `isDirty` state handling, as this functionality is now covered by E2E Playwright tests.
- Add `/* istanbul ignore next */` comments to exclude untestable code paths related to form submission and `isDirty` state.
- Implement comprehensive tests for `ProfileSettingsForm`, `PasswordChangeForm`, and `SessionCard` components to validate rendering, interactions, and state handling.
- Add tests for session management hooks (`useSession`, `useRevokeSession`, and `useRevokeAllOtherSessions`) to verify logic and API integration.
- Ensure coverage of edge cases, error handling, and success callbacks across all new tests.
- Implement `ProfileSettingsForm` and `PasswordChangeForm` components to manage user profile and password updates.
- Add `SessionCard` for session management and related API hooks (`useSession`).
- Update settings page tests to include user state mock and React Query provider for better test reliability.
- Enhance `PasswordSettingsPage` and `ProfileSettingsPage` tests to verify component rendering and user interaction.
- Improve API hook structure with dedicated hooks for session and user profile management.
- Wrap `console.log` calls in `if (process.env.NODE_ENV === 'development')` to prevent production logs in `forms/page.tsx`.
- Refactor token refresh logic by relying solely on the `refreshPromise` to avoid race conditions.
- Remove outdated `isRefreshing` flag, utilizing `refreshPromise` as the primary lock.
- Update comments in `IMPLEMENTATION_PLAN.md` to reflect the current progress and eliminate redundant sections.
- Introduced smoke tests for Login, Register, Password Reset, Password Reset Confirm, and Settings pages.
- Enhanced test coverage for all dynamic imports using mocks and added Jest exclusions for non-testable Next.js files.
- Added component-specific test files for better structure and maintainability.
- Improved test isolation by mocking navigation, providers, and rendering contexts.
- Added tests to validate `ThemeProvider` updates resolved theme on system preference changes and ignores changes for non-system themes.
- Introduced tests to ensure `authStore` gracefully handles invalid tokens, storage errors, and logs errors appropriately during authentication state transitions.
- Improved test coverage by adding defensive error handling cases and refining token validation logic.
- Introduced `useFormError.test.tsx` to validate error handling, server error integration, and form behavior.
- Added `FormField.test.tsx`, covering rendering, accessibility, error handling, and prop forwarding.
- Updated Jest coverage exclusions to include `middleware.ts` (no logic to test).
- Enhance `AuthGuard` tests with 150ms delay skeleton rendering.
- Add new test files: `Skeletons.test.tsx` to validate skeleton components and `admin/page.test.tsx` for admin dashboard.
- Refactor `AuthGuard` tests to utilize `jest.useFakeTimers` for delay simulation.
- Improve coverage for loading states, fallback behavior, and rendering logic.
- **ThemeToggle:** Introduce comprehensive tests to validate button functionality, dropdown options, and active theme indicators.
- **ThemeProvider:** Add tests for theme management, localStorage persistence, system preferences, and DOM updates.
- **Header & Footer:** Verify header rendering, user menu functionality, and footer content consistency.
- **AuthInitializer:** Ensure authentication state is correctly loaded from storage on mount.
- Extracted password reset logic into `PasswordResetConfirmContent` wrapped in `Suspense` for cleaner and more modular component structure.
- Updated ESLint config to ignore generated files and added rules for stricter code quality (`eslint-comments`, `@typescript-eslint` adjustments).
- Automated insertion of `eslint-disable` in auto-generated TypeScript files through `generate-api-client.sh`.
- Replaced unsafe `any` type casts with safer `Record<string, unknown>` type assertions for TypeScript compliance.
- Added `lint:tests` script for pre-commit test coverage checks.
- Improved `useAuth` hooks and related type guards for better runtime safety and maintainability.
- Introduced comprehensive tests for `RegisterForm`, `PasswordResetRequestForm`, and `PasswordResetConfirmForm` covering successful submissions, validation errors, and API error handling.
- Refactored forms to handle unexpected errors gracefully and improve test coverage for edge cases.
- Updated `crypto` and `storage` modules with robust error handling for storage issues and encryption key management.
- Removed unused `axios-mock-adapter` dependency for cleaner dependency management.
- Migrated `useAuth` hooks to use functions from auto-generated API client for improved maintainability and OpenAPI compliance.
- Replaced manual API calls with SDK functions (`login`, `register`, `logout`, etc.) and added error type guards for runtime safety (`isTokenWithUser`, `isSuccessResponse`).
- Enhanced hooks with better error logging, optional success callbacks, and stricter type annotations.
- Refactored `Logout` and `LogoutAll` mutations to handle missing tokens gracefully and clear local state on server failure.
- Added tests for API type guards and updated functionality of hooks to validate proper behaviors.
- Removed legacy `client-config.ts` to align with new API client utilization.
- Improved inline documentation for hooks with detailed descriptions and usage guidance.
- Implemented comprehensive tests for `useAuth` hooks (`useIsAuthenticated`, `useCurrentUser`, and `useIsAdmin`) with mock states and coverage for edge cases.
- Added tests for `AuthGuard` to validate route protection, admin access control, loading states, and use of fallback components.
- Updated `.gitignore` to exclude `coverage.json`.
- Implemented `PasswordResetRequestForm` and `PasswordResetConfirmForm` components with email and password validation, strength indicators, and error handling.
- Added dedicated pages for requesting and confirming password resets, integrated with React Query hooks and Next.js API routes.
- Included tests for validation rules, UI states, and token handling to ensure proper functionality and coverage.
- Updated ESLint and configuration files for new components and pages.
- Enhanced `IMPLEMENTATION_PLAN.md` with updated task details and documentation for password reset workflows.
- Integrated OpenAPI-generated TypeScript SDK (`sdk.gen.ts`, `types.gen.ts`, `client.gen.ts`) for API interactions.
- Refactored `authStore` tests to include storage mock reset logic with default implementations.
- Deleted legacy `config` module and replaced its usage with the new runtime-validated `app.config`.
- Removed old custom Axios `apiClient` with outdated token refresh logic.
- Cleaned up redundant crypto-related mocks in storage tests and replaced them with real encryption/decryption during testing.
- Updated Jest coverage exclusions to reflect the new file structure and generated client usage.
- Introduced Web Crypto API polyfills (`@peculiar/webcrypto`) for Node.js to enable SSR-safe cryptography utilities.
- Added Jest setup file for global mocks (e.g., `localStorage`, `sessionStorage`, and `TextEncoder/Decoder`).
- Enhanced token validation behavior in `storage` tests to reject incomplete tokens.
- Replaced runtime configuration validation with clamping using `parseIntSafe` constraints for improved reliability.
- Updated `package.json` and `package-lock.json` to include new dependencies (`@peculiar/webcrypto` and related libraries).
- Removed outdated `crypto` tests; added dedicated and structured tests for `authStore`, `storage`, and `app.config`.
- Enhanced test coverage for user and token validation, secure persistence, state management, and configuration parsing.
- Consolidated encryption and storage error handling with thorough validation to ensure SSR-safety and resilience.
- Improved runtime validations for tokens and configuration with stricter type checks and fallback mechanisms.
