Ah, just realized something... even though the credentials are being
checked, I haven't verified that the HTTP response when they're
invalid or for an unknown user are the same as what I'm using in the
test. That should be done before this branch is merged.
Ah, just realized something... even though the credentials are being
checked, I haven't verified that the HTTP response when they're
invalid or for an unknown user are the same as what I'm using in the
test. That should be done before this branch is merged.