@jskit-ai/auth-web 0.1.9 → 0.1.11

package/src/client/views/DefaultLoginView.vue

@@ -12,7 +12,7 @@
             <v-chip color="primary" size="small" label>Secure</v-chip>
           </div>
 
-          <div v-if="!isForgot && !isOtp" class="mode-switch d-flex ga-2 pa-1 mb-5">
+          <div v-if="!isForgot && !isOtp && !isEmailConfirmationPending" class="mode-switch d-flex ga-2 pa-1 mb-5">
             <v-btn
               data-testid="auth-mode-sign-in"
               class="text-none"
@@ -35,140 +35,166 @@
           </div>
 
           <v-form @submit.prevent="submitAuth" novalidate>
-            <div
-              v-if="showRememberedAccount"
-              class="remembered-account d-flex align-center justify-space-between ga-3 mb-4"
-            >
-              <div class="remembered-copy flex-grow-1">
-                <p class="remembered-title">Welcome back, {{ rememberedAccountDisplayName }}</p>
-                <p class="remembered-email">{{ rememberedAccountMaskedEmail }}</p>
+            <template v-if="isEmailConfirmationPending">
+              <div class="email-confirmation-state mb-5">
+                <p class="email-confirmation-message mb-0">
+                  {{ emailConfirmationMessage }}
+                </p>
               </div>
-              <v-btn variant="text" color="secondary" class="text-none" @click="switchAccount">
-                {{ rememberedAccountSwitchLabel }}
-              </v-btn>
-            </div>
-
-            <v-text-field
-              v-model="email"
-              label="Email"
-              variant="outlined"
-              density="comfortable"
-              type="email"
-              autocomplete="email"
-              :error-messages="emailErrorMessages"
-              @blur="emailTouched = true"
-              class="mb-3"
-            />
-
-            <v-text-field
-              v-if="!isForgot && !isOtp"
-              v-model="password"
-              label="Password"
-              :type="showPassword ? 'text' : 'password'"
-              variant="outlined"
-              density="comfortable"
-              :autocomplete="isRegister ? 'new-password' : 'current-password'"
-              :error-messages="passwordErrorMessages"
-              :append-inner-icon="showPassword ? '$eyeOff' : '$eye'"
-              @click:append-inner="showPassword = !showPassword"
-              @blur="passwordTouched = true"
-              class="mb-3"
-            />
-
-            <v-text-field
-              v-if="isRegister"
-              v-model="confirmPassword"
-              label="Confirm password"
-              :type="showConfirmPassword ? 'text' : 'password'"
-              variant="outlined"
-              density="comfortable"
-              autocomplete="new-password"
-              :error-messages="confirmPasswordErrorMessages"
-              :append-inner-icon="showConfirmPassword ? '$eyeOff' : '$eye'"
-              @click:append-inner="showConfirmPassword = !showConfirmPassword"
-              @blur="confirmPasswordTouched = true"
-              class="mb-3"
-            />
-
-            <v-text-field
-              v-if="isOtp"
-              v-model="otpCode"
-              label="One-time code"
-              variant="outlined"
-              density="comfortable"
-              autocomplete="one-time-code"
-              :error-messages="otpCodeErrorMessages"
-              @blur="otpCodeTouched = true"
-              class="mb-3"
-            />
-
-            <div v-if="isLogin" class="aux-links d-flex justify-end mb-4">
-              <v-btn variant="text" color="secondary" @click="switchMode('forgot')">Forgot password?</v-btn>
-              <v-btn variant="text" color="secondary" @click="switchMode('otp')">Use one-time code</v-btn>
-            </div>
 
-            <v-checkbox
-              v-if="isLogin || isOtp"
-              v-model="rememberAccountOnDevice"
-              label="Remember this account on this device"
-              density="compact"
-              hide-details
-              class="mb-4"
-            />
+              <div class="switch-row d-flex align-center justify-space-between ga-3">
+                <v-btn class="text-none" variant="tonal" color="primary" @click="goToMainScreen">
+                  Go to main screen
+                </v-btn>
+                <v-btn
+                  class="text-none"
+                  variant="outlined"
+                  color="secondary"
+                  :loading="registerConfirmationResendPending"
+                  @click="resendRegisterConfirmationEmail"
+                >
+                  Resend confirmation email
+                </v-btn>
+                <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
+              </div>
+            </template>
 
-            <div v-if="isOtp" class="aux-links d-flex justify-end mb-4">
-              <v-btn
-                type="button"
-                variant="tonal"
-                color="secondary"
-                :loading="otpRequestPending"
-                @click="requestOtpCode"
+            <template v-else>
+              <div
+                v-if="showRememberedAccount"
+                class="remembered-account d-flex align-center justify-space-between ga-3 mb-4"
               >
-                Send one-time code
-              </v-btn>
-            </div>
+                <div class="remembered-copy flex-grow-1">
+                  <p class="remembered-title">Welcome back, {{ rememberedAccountDisplayName }}</p>
+                  <p class="remembered-email">{{ rememberedAccountMaskedEmail }}</p>
+                </div>
+                <v-btn variant="text" color="secondary" class="text-none" @click="switchAccount">
+                  {{ rememberedAccountSwitchLabel }}
+                </v-btn>
+              </div>
+
+              <v-text-field
+                v-model="email"
+                label="Email"
+                variant="outlined"
+                density="comfortable"
+                type="email"
+                autocomplete="email"
+                :error-messages="emailErrorMessages"
+                @blur="emailTouched = true"
+                class="mb-3"
+              />
+
+              <v-text-field
+                v-if="!isForgot && !isOtp"
+                v-model="password"
+                label="Password"
+                :type="showPassword ? 'text' : 'password'"
+                variant="outlined"
+                density="comfortable"
+                :autocomplete="isRegister ? 'new-password' : 'current-password'"
+                :error-messages="passwordErrorMessages"
+                :append-inner-icon="showPassword ? mdiEyeOff : mdiEye"
+                @click:append-inner="togglePasswordVisibility"
+                @blur="passwordTouched = true"
+                class="mb-3"
+              />
+
+              <v-text-field
+                v-if="isRegister"
+                v-model="confirmPassword"
+                label="Confirm password"
+                :type="showConfirmPassword ? 'text' : 'password'"
+                variant="outlined"
+                density="comfortable"
+                autocomplete="new-password"
+                :error-messages="confirmPasswordErrorMessages"
+                :append-inner-icon="showConfirmPassword ? mdiEyeOff : mdiEye"
+                @click:append-inner="toggleConfirmPasswordVisibility"
+                @blur="confirmPasswordTouched = true"
+                class="mb-3"
+              />
+
+              <v-text-field
+                v-if="isOtp"
+                v-model="otpCode"
+                label="One-time code"
+                variant="outlined"
+                density="comfortable"
+                autocomplete="one-time-code"
+                :error-messages="otpCodeErrorMessages"
+                @blur="otpCodeTouched = true"
+                class="mb-3"
+              />
 
-            <div v-if="isLogin || isRegister" class="oauth-actions d-grid ga-2 mb-4">
+              <div v-if="isLogin" class="aux-links d-flex justify-end mb-4">
+                <v-btn variant="text" color="secondary" @click="switchMode('forgot')">Forgot password?</v-btn>
+                <v-btn variant="text" color="secondary" @click="switchMode('otp')">Use one-time code</v-btn>
+              </div>
+
+              <v-checkbox
+                v-if="isLogin || isOtp"
+                v-model="rememberAccountOnDevice"
+                label="Remember this account on this device"
+                density="compact"
+                hide-details
+                class="mb-4"
+              />
+
+              <div v-if="isOtp" class="aux-links d-flex justify-end mb-4">
+                <v-btn
+                  type="button"
+                  variant="tonal"
+                  color="secondary"
+                  :loading="otpRequestPending"
+                  @click="requestOtpCode"
+                >
+                  Send one-time code
+                </v-btn>
+              </div>
+
+              <div v-if="isLogin || isRegister" class="oauth-actions d-grid ga-2 mb-4">
+                <v-btn
+                  v-for="provider in oauthProviders"
+                  :key="provider.id"
+                  block
+                  variant="outlined"
+                  color="secondary"
+                  :disabled="loading"
+                  :prepend-icon="oauthProviderIcon(provider)"
+                  class="text-none oauth-provider-button"
+                  @click="startOAuthSignIn(provider.id)"
+                >
+                  {{ oauthProviderButtonLabel(provider) }}
+                </v-btn>
+              </div>
               <v-btn
-                v-for="provider in oauthProviders"
-                :key="provider.id"
+                data-testid="auth-submit"
                 block
-                variant="outlined"
-                color="secondary"
-                :disabled="loading"
-                :prepend-icon="oauthProviderIcon(provider)"
-                class="text-none oauth-provider-button"
-                @click="startOAuthSignIn(provider.id)"
+                color="primary"
+                size="large"
+                :loading="loading"
+                :disabled="!canSubmit"
+                type="submit"
               >
-                {{ oauthProviderButtonLabel(provider) }}
+                {{ submitLabel }}
               </v-btn>
-            </div>
-            <v-btn
-              data-testid="auth-submit"
-              block
-              color="primary"
-              size="large"
-              :loading="loading"
-              :disabled="!canSubmit"
-              type="submit"
-            >
-              {{ submitLabel }}
-            </v-btn>
 
-            <div v-if="isRegister" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
-              <span class="text-medium-emphasis">Already have an account?</span>
-              <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
-            </div>
+              <div v-if="isRegister" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
+                <span class="text-medium-emphasis">Already have an account?</span>
+                <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
+              </div>
 
-            <div v-else-if="isForgot" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
-              <span class="text-medium-emphasis">Remembered your password?</span>
-              <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
-            </div>
+              <div v-else-if="isForgot" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
+                <span class="text-medium-emphasis">Remembered your password?</span>
+                <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
+              </div>
 
-            <div v-else-if="isOtp" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
-              <span class="text-medium-emphasis">Want to use another method?</span>
-              <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
-            </div>
+              <div v-else-if="isOtp" class="switch-row mt-4 d-flex align-center justify-space-between ga-3">
+                <span class="text-medium-emphasis">Want to use another method?</span>
+                <v-btn variant="text" color="secondary" @click="switchMode('login')">Back to sign in</v-btn>
+              </div>
+            </template>
           </v-form>
         </v-card-text>
       </v-card>
@@ -177,7 +203,31 @@
 </template>
 
 <script setup>
-import { useDefaultLoginView } from "../composables/useDefaultLoginView.js";
+import { onMounted } from "vue";
+import { useQueryClient } from "@tanstack/vue-query";
+import { mdiEye, mdiEyeOff } from "@mdi/js";
+import { useShellWebErrorRuntime } from "@jskit-ai/shell-web/client/error";
+import { useWebPlacementContext } from "@jskit-ai/shell-web/client/placement";
+import { useLoginViewState } from "../composables/loginView/useLoginViewState.js";
+import { useLoginViewValidation } from "../composables/loginView/useLoginViewValidation.js";
+import { useLoginViewActions } from "../composables/loginView/useLoginViewActions.js";
+
+const {
+  context: placementContext
+} = useWebPlacementContext();
+const queryClient = useQueryClient();
+const errorRuntime = useShellWebErrorRuntime();
+
+const state = useLoginViewState({ placementContext });
+const validation = useLoginViewValidation({ state });
+const actions = useLoginViewActions({
+  state,
+  validation,
+  queryClient,
+  errorRuntime
+});
+
+onMounted(actions.initializeOnMounted);
 
 const {
   authTitle,
@@ -186,38 +236,57 @@ const {
   isOtp,
   isLogin,
   isRegister,
+  isEmailConfirmationPending,
+  emailConfirmationMessage,
   showRememberedAccount,
   switchMode,
-  submitAuth,
+  goToMainScreen,
   rememberedAccountDisplayName,
   rememberedAccountMaskedEmail,
   rememberedAccountSwitchLabel,
   switchAccount,
   email,
-  emailErrorMessages,
   emailTouched,
   password,
   showPassword,
-  passwordErrorMessages,
   passwordTouched,
   confirmPassword,
   showConfirmPassword,
-  confirmPasswordErrorMessages,
   confirmPasswordTouched,
   otpCode,
-  otpCodeErrorMessages,
   otpCodeTouched,
   rememberAccountOnDevice,
   otpRequestPending,
-  requestOtpCode,
+  registerConfirmationResendPending,
   oauthProviders,
   loading,
+  submitLabel
+} = state;
+
+const {
+  emailErrorMessages,
+  passwordErrorMessages,
+  confirmPasswordErrorMessages,
+  otpCodeErrorMessages,
+  canSubmit
+} = validation;
+
+const {
+  submitAuth,
+  requestOtpCode,
+  resendRegisterConfirmationEmail,
   oauthProviderIcon,
   startOAuthSignIn,
-  oauthProviderButtonLabel,
-  canSubmit,
-  submitLabel
-} = useDefaultLoginView();
+  oauthProviderButtonLabel
+} = actions;
+
+function togglePasswordVisibility() {
+  showPassword.value = !showPassword.value;
+}
+
+function toggleConfirmPasswordVisibility() {
+  showConfirmPassword.value = !showConfirmPassword.value;
+}
 </script>
 
 <style scoped>
@@ -251,6 +320,18 @@ const {
   background-color: rgba(57, 84, 71, 0.08);
 }
 
+.email-confirmation-state {
+  border-radius: 12px;
+  border: 1px solid rgba(57, 84, 71, 0.2);
+  background: rgba(57, 84, 71, 0.07);
+  padding: 16px;
+}
+
+.email-confirmation-message {
+  color: #1d2c24;
+  line-height: 1.5;
+}
+
 .remembered-account {
   border-radius: 12px;
   border: 1px solid rgba(57, 84, 71, 0.2);

package/src/server/constants/authActionIds.js

@@ -1,5 +1,6 @@
 const AUTH_ACTION_IDS = Object.freeze({
   REGISTER: "auth.register",
+  REGISTER_CONFIRMATION_RESEND: "auth.register.confirmation.resend",
   LOGIN_PASSWORD: "auth.login.password",
   LOGIN_OTP_REQUEST: "auth.login.otp.request",
   LOGIN_OTP_VERIFY: "auth.login.otp.verify",

package/src/server/controllers/AuthController.js

@@ -35,6 +35,12 @@ class AuthController {
     });
   }
 
+  async resendRegisterConfirmation(request, reply) {
+    const payload = request.body || {};
+    const result = await this.service.resendRegisterConfirmation(request, payload);
+    reply.code(200).send(result);
+  }
+
   async login(request, reply) {
     const payload = request.body || {};
     const result = await this.service.login(request, payload);

package/src/server/routes/authRoutes.js

@@ -1,15 +1,18 @@
 import { withStandardErrorResponses } from "@jskit-ai/http-runtime/shared/validators/errorResponses";
-import { authRegisterCommand } from "@jskit-ai/auth-core/shared/commands/authRegisterCommand";
-import { authLoginPasswordCommand } from "@jskit-ai/auth-core/shared/commands/authLoginPasswordCommand";
-import { authLoginOtpRequestCommand } from "@jskit-ai/auth-core/shared/commands/authLoginOtpRequestCommand";
-import { authLoginOtpVerifyCommand } from "@jskit-ai/auth-core/shared/commands/authLoginOtpVerifyCommand";
-import { authLoginOAuthStartCommand } from "@jskit-ai/auth-core/shared/commands/authLoginOAuthStartCommand";
-import { authLoginOAuthCompleteCommand } from "@jskit-ai/auth-core/shared/commands/authLoginOAuthCompleteCommand";
-import { authPasswordResetRequestCommand } from "@jskit-ai/auth-core/shared/commands/authPasswordResetRequestCommand";
-import { authPasswordRecoveryCompleteCommand } from "@jskit-ai/auth-core/shared/commands/authPasswordRecoveryCompleteCommand";
-import { authPasswordResetCommand } from "@jskit-ai/auth-core/shared/commands/authPasswordResetCommand";
-import { authLogoutCommand } from "@jskit-ai/auth-core/shared/commands/authLogoutCommand";
-import { authSessionReadCommand } from "@jskit-ai/auth-core/shared/commands/authSessionReadCommand";
+import {
+  authRegisterCommand,
+  authRegisterConfirmationResendCommand,
+  authLoginPasswordCommand,
+  authLoginOtpRequestCommand,
+  authLoginOtpVerifyCommand,
+  authLoginOAuthStartCommand,
+  authLoginOAuthCompleteCommand,
+  authPasswordResetRequestCommand,
+  authPasswordRecoveryCompleteCommand,
+  authPasswordResetCommand,
+  authLogoutCommand,
+  authSessionReadCommand
+} from "@jskit-ai/auth-core/shared/commands";
 import { AUTH_PATHS } from "@jskit-ai/auth-core/shared/authPaths";
 
 function buildRoutes(controller) {
@@ -41,6 +44,27 @@ function buildRoutes(controller) {
       },
       handler: handler("register")
     },
+    {
+      path: AUTH_PATHS.REGISTER_CONFIRMATION_RESEND,
+      method: "POST",
+      auth: "public",
+      meta: {
+        tags: ["auth"],
+        summary: "Resend sign-up email confirmation"
+      },
+      bodyValidator: authRegisterConfirmationResendCommand.operation.bodyValidator,
+      responseValidators: withStandardErrorResponses(
+        {
+          200: authRegisterConfirmationResendCommand.operation.responseValidator
+        },
+        { includeValidation400: true }
+      ),
+      rateLimit: {
+        max: 5,
+        timeWindow: "1 minute"
+      },
+      handler: handler("resendRegisterConfirmation")
+    },
     {
       path: AUTH_PATHS.LOGIN,
       method: "POST",

package/src/server/services/AuthWebService.js

@@ -19,6 +19,13 @@ class AuthWebService {
     });
   }
 
+  async resendRegisterConfirmation(request, payload) {
+    return request.executeAction({
+      actionId: AUTH_ACTION_IDS.REGISTER_CONFIRMATION_RESEND,
+      input: payload
+    });
+  }
+
   async login(request, payload) {
     return request.executeAction({
       actionId: AUTH_ACTION_IDS.LOGIN_PASSWORD,

package/test/authGuardRuntime.test.js

@@ -105,6 +105,50 @@ test("auth guard runtime keeps previous auth state on transient refresh failure"
   assert.equal(placementRuntime.setCalls.length, setCallCountBeforeTransientFailure);
 });
 
+test("auth guard runtime redirects callback hashes on non-login routes to /auth/login", async () => {
+  const originalWindow = globalThis.window;
+  let redirectedTo = "";
+  globalThis.window = {
+    location: {
+      pathname: "/home",
+      search: "",
+      hash: "#access_token=access&refresh_token=refresh",
+      replace(target) {
+        redirectedTo = String(target || "");
+      }
+    }
+  };
+
+  try {
+    const placementRuntime = createPlacementRuntimeStub();
+    let fetchCalls = 0;
+    const runtime = createAuthGuardRuntime({
+      placementRuntime,
+      fetchImplementation: async () => {
+        fetchCalls += 1;
+        return {
+          ok: true,
+          async json() {
+            return {
+              authenticated: false
+            };
+          }
+        };
+      }
+    });
+
+    const state = await runtime.initialize();
+    assert.equal(state.authenticated, false);
+    assert.equal(fetchCalls, 0);
+    assert.equal(
+      redirectedTo,
+      "/auth/login?returnTo=%2Fhome#access_token=access&refresh_token=refresh"
+    );
+  } finally {
+    globalThis.window = originalWindow;
+  }
+});
+
 test("auth guard runtime only updates placement auth context", async () => {
   const placementRuntime = createPlacementRuntimeStub({
     user: {

package/test/clientSurface.test.js

@@ -51,13 +51,18 @@ test("auth-web removes legacy client wrapper modules", () => {
   }
 });
 
-test("auth-web runtime/useLoginView delegates to useDefaultLoginView", () => {
+test("auth-web runtime/useLoginView composes login view state, validation, and actions", () => {
   const runtimeUseLoginViewPath = fileURLToPath(new URL("../src/client/runtime/useLoginView.js", import.meta.url));
   const runtimeUseLoginViewSource = readFileSync(runtimeUseLoginViewPath, "utf8");
 
-  assert.match(runtimeUseLoginViewSource, /import\s+\{\s*useDefaultLoginView\s*\}\s+from\s+"..\/composables\/useDefaultLoginView\.js";/);
-  assert.match(runtimeUseLoginViewSource, /function\s+useLoginView\s*\(\)\s*\{\s*return\s+useDefaultLoginView\(\);\s*\}/);
-  assert.match(runtimeUseLoginViewSource, /export\s+\{\s*useLoginView,\s*useDefaultLoginView\s*\};/);
+  assert.match(runtimeUseLoginViewSource, /import\s+\{\s*useLoginViewState\s*\}\s+from\s+"..\/composables\/loginView\/useLoginViewState\.js";/);
+  assert.match(runtimeUseLoginViewSource, /import\s+\{\s*useLoginViewValidation\s*\}\s+from\s+"..\/composables\/loginView\/useLoginViewValidation\.js";/);
+  assert.match(runtimeUseLoginViewSource, /import\s+\{\s*useLoginViewActions\s*\}\s+from\s+"..\/composables\/loginView\/useLoginViewActions\.js";/);
+  assert.match(runtimeUseLoginViewSource, /const\s+state\s*=\s*useLoginViewState\(/);
+  assert.match(runtimeUseLoginViewSource, /const\s+validation\s*=\s*useLoginViewValidation\(\s*\{\s*state\s*\}\s*\)/);
+  assert.match(runtimeUseLoginViewSource, /const\s+actions\s*=\s*useLoginViewActions\(/);
+  assert.doesNotMatch(runtimeUseLoginViewSource, /useDefaultLoginView/);
+  assert.match(runtimeUseLoginViewSource, /export\s+\{\s*useLoginView\s*\};/);
 });
 
 test("auth-web package exports only minimal client runtime/view subpaths", () => {

package/test/providerRuntime.test.js

@@ -56,6 +56,12 @@ test("auth route provider registers routes and executes login/logout handlers",
   app.instance("authService", authService);
   app.instance("actionExecutor", {
     async execute({ actionId }) {
+      if (actionId === "auth.register.confirmation.resend") {
+        return {
+          ok: true,
+          message: "If an account exists for that email, a confirmation email has been sent."
+        };
+      }
       if (actionId === "auth.login.password") {
         return {
           session: { access_token: "a", refresh_token: "r" },
@@ -88,6 +94,15 @@ test("auth route provider registers routes and executes login/logout handlers",
   assert.equal(loginReply.statusCode, 200);
   assert.equal(loginReply.payload.username, "Ada");
 
+  const resendConfirmationRoute = fastify.routes.find(
+    (route) => route.method === "POST" && route.url === "/api/register/confirmation/resend"
+  );
+  assert.ok(resendConfirmationRoute);
+  const resendConfirmationReply = createReplyStub();
+  await resendConfirmationRoute.handler({ body: { email: "ada@example.com" } }, resendConfirmationReply);
+  assert.equal(resendConfirmationReply.statusCode, 200);
+  assert.equal(resendConfirmationReply.payload.ok, true);
+
   const logoutRoute = fastify.routes.find((route) => route.method === "POST" && route.url === "/api/logout");
   assert.ok(logoutRoute);
   const logoutReply = createReplyStub();

package/test/registerFlow.test.js

@@ -0,0 +1,40 @@
+import assert from "node:assert/strict";
+import { test } from "node:test";
+import { resolveRegisterCompletionState } from "../src/client/composables/loginView/registerCompletion.js";
+
+test("resolveRegisterCompletionState requires no immediate session when email confirmation is required", () => {
+  const result = resolveRegisterCompletionState({
+    ok: true,
+    requiresEmailConfirmation: true,
+    message: "Custom confirmation message"
+  });
+
+  assert.deepEqual(result, {
+    shouldCompleteLogin: false,
+    message: "Custom confirmation message"
+  });
+});
+
+test("resolveRegisterCompletionState falls back to default confirmation message", () => {
+  const result = resolveRegisterCompletionState({
+    ok: true,
+    requiresEmailConfirmation: true
+  });
+
+  assert.deepEqual(result, {
+    shouldCompleteLogin: false,
+    message: "Check your email to confirm the account before logging in."
+  });
+});
+
+test("resolveRegisterCompletionState completes login when confirmation is not required", () => {
+  const result = resolveRegisterCompletionState({
+    ok: true,
+    requiresEmailConfirmation: false
+  });
+
+  assert.deepEqual(result, {
+    shouldCompleteLogin: true,
+    message: ""
+  });
+});