**`test_auth_flows.py`** (4 tests):

1. Auto-redirect when authenticated (visit `/auth/login` with valid cookie → `/app/`)

2. Return-to URL preservation across OAuth redirect chain

3. Login with handle (tests error handling for unresolvable mock handles)

4. Unauthenticated access redirects to login with `return_to`

**`test_wiki_lifecycle.py`** (8 tests):

1. Wiki creation form (slug/name → submit → redirect → MCP token visible)

2. Wiki settings update (change display_name → flash → persists on reload)

3. Wiki deletion with confirmation (expand danger zone → confirm slug → delete)

4. MCP token regeneration (click regen → JS confirm → new token in flash)

5. Dashboard redirects to existing wiki

6. Wiki deletion wrong slug rejected (confirm mismatch → flash error → wiki survives)

7. Wiki creation duplicate slug rejected

8. Wiki creation invalid slug rejected (bypasses browser validation, tests server-side)

9. Wiki settings steady state (no token flash, regenerate button present)

**`test_account.py`** (6 tests):

1. Account page renders (displays DID, handle)

2. Account deletion wrong confirmation (wrong handle → error flash)

3. MCP consent page renders (client info, wiki name, approve/deny buttons)

4. Account deletion (correct handle → cookie cleared → redirected)

5. MCP consent deny redirects with error

6. Wiki settings steady state page elements

- `tests/e2e/mock_pds.py` — In-process mock ATProto PDS with PKCE verification, thread-safe state

- `tests/e2e/conftest.py` — Fixtures for single platform server, authenticated pages, wiki creation

- **`platform_server`** (session): Starts consolidated Flask app in daemon thread on a free port

- **`authenticated_page`** (function): Fresh browser context with valid `platform_token` cookie via direct JWT minting

- **`wiki_fixture`** (function): Creates wiki directly in DB + filesystem, cleans up after test

- **`destructive_page`** (function): Separate browser context for tests that destroy state

- **`pds`** (session): Mock PDS in daemon thread

- **`test_account`** (session): Test account on mock PDS

Gated by `ALLOW_HTTP_PDS=true` + `FLASK_ENV=testing` (RuntimeError at import if either is wrong):

- `app/auth/atproto_security.py` — `_ALLOW_HTTP_PDS` flag, loopback SSRF relaxation

- `app/auth/atproto_identity.py` — `PLC_DIRECTORY_URL` read at request time, skip bidirectional handle verification

- `app/auth/atproto_oauth.py` — Relax HTTPS/port assertions on auth server metadata

- `app/platform_server.py` — `_SCHEME` variable, conditional `SESSION_COOKIE_SECURE`, conditional cookie `secure` flag, rate limiter disabled in test mode, limiter GC strong-reference fix

- `app/db.py` — `check_same_thread=False` scoped to `FLASK_ENV=testing`

- `resolve_did()` SSRF: Upgraded from plain `requests.get` to `hardened_http` (pre-existing vulnerability, elevated by injectable `PLC_DIRECTORY_URL`)

- Flask-Limiter GC: `Limiter` object garbage collected after `create_app()` returned due to weak references. Fixed with strong ref in `app.config["_LIMITER"]`

- Account creation/session management

- OAuth AS metadata, protected resource metadata

- PAR, authorize (HTML form), token exchange with PKCE S256 verification

- DID document serving (acts as PLC directory)

- Thread-safe global state with `threading.Lock`

The `TenantResolver` is the only thing preventing cross-tenant access. No E2E test hits a wiki subdomain. The `is_bearer_token` bypass, `_apply_wiki_access_restrictions`, and the internal API key path are untested end-to-end. Requires routing to a second Host in the test environment (Playwright supports `set_extra_http_headers`).

Single test account means ownership isolation is untested. Add `test_account_b` (mock PDS already supports multiple accounts). Test: user B cannot access user A's wiki settings, user B gets appropriate access level on user A's wiki content.

Current `ci.yml` doesn't install Playwright browsers. Needs: `playwright install chromium`, separate unit/E2E jobs, browser caching (`~/.cache/ms-playwright`), `--screenshot=only-on-failure` artifacts, `--timeout=60`.

- Port allocation race: bind-then-close gap before `make_server`. Pass bound socket directly.

- Silent teardown: `wiki_fixture` swallows cleanup exceptions. Log them.

- Session-scoped `page` fixture leaks state between tests.

The MCP server (`otterwiki-mcp/` repo, separate from `mcp_entry.py` sidecar) has 12 real tools wrapping the REST API. E2E testing the full flow — consent → token → tool invocation — is feasible now. The consent HMAC signing is security-critical.

One test: 6 rapid writes, assert 6th returns 429. Catches wiring bugs where the limiter is instantiated but never called.

Full path: login → create wiki → visit subdomain → see content. Requires otterwiki installed in CI and subprocess management. Defer until CI infrastructure is more mature.