const { test, expect } = require('@playwright/test');

test.describe('Nexus POS — Auth Guard', () => {
  test('unauthenticated user is redirected to login', async ({ browser }) => {
    // Create incognito context without localStorage
    const context = await browser.newContext();
    const page = await context.newPage();
    await page.goto('/pos/sale');
    await expect(page).toHaveURL(/\/pos\/login/);
    await context.close();
  });

  test('login page is accessible without token', async ({ browser }) => {
    const context = await browser.newContext();
    const page = await context.newPage();
    await page.goto('/pos/login');
    await expect(page.locator('input[type="password"], #password, input[name="pin"]')).toBeVisible();
    await context.close();
  });
});