InsForge · jwfing · Mar 28, 2026 · Mar 28, 2026 · Mar 28, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -118,3 +118,5 @@ jobs:
         env:
           INSFORGE_INTEGRATION_BASE_URL: ${{ vars.INSFORGE_INTEGRATION_BASE_URL }}
           INSFORGE_INTEGRATION_ANON_KEY: ${{ secrets.INSFORGE_INTEGRATION_ANON_KEY }}
+          INSFORGE_INTEGRATION_TEST_EMAIL: ${{ secrets.INSFORGE_INTEGRATION_TEST_EMAIL }}
+          INSFORGE_INTEGRATION_TEST_PASSWORD: ${{ secrets.INSFORGE_INTEGRATION_TEST_PASSWORD }}
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -36,4 +36,6 @@ jobs:
         env:
           INSFORGE_INTEGRATION_BASE_URL: ${{ inputs.base-url || vars.INSFORGE_INTEGRATION_BASE_URL }}
           INSFORGE_INTEGRATION_ANON_KEY: ${{ secrets.INSFORGE_INTEGRATION_ANON_KEY }}
+          INSFORGE_INTEGRATION_TEST_EMAIL: ${{ secrets.INSFORGE_INTEGRATION_TEST_EMAIL }}
+          INSFORGE_INTEGRATION_TEST_PASSWORD: ${{ secrets.INSFORGE_INTEGRATION_TEST_PASSWORD }}
           TEST_FILTER: ${{ inputs.test-filter }}
diff --git a/integration-tests/database.test.ts b/integration-tests/database.test.ts
@@ -8,8 +8,8 @@ import type { InsForgeClient } from '../src/client';
  * Exercises the postgrest-js query builder through the InsForge SDK.
  * Full request path: SDK → HttpClient → InsForge API → PostgREST.
  *
- * Prerequisite: a table `_sdk_test` must exist on the test project.
- *   CREATE TABLE _sdk_test (
+ * Prerequisite: a table `sdk_test` must exist on the test project.
+ *   CREATE TABLE sdk_test (
  *     id         serial PRIMARY KEY,
  *     name       text NOT NULL,
  *     value      text,
@@ -21,7 +21,7 @@ import type { InsForgeClient } from '../src/client';
  * surfaces backend errors (and log a warning).
  */
 
-const TABLE = '_sdk_test';
+const TABLE = 'sdk_test';
 
 // Track whether the table is available so later describes can skip early
 let tableAvailable = true;

diff --git a/integration-tests/setup.ts b/integration-tests/setup.ts
@@ -94,67 +94,60 @@ const TEST_PASSWORD = 'Test_P@ssword_123!';
 
 export { TEST_PASSWORD };
 
-/**
- * Sign up a fresh user and return an authenticated client.
- * Re-usable across every test file that needs an auth context.
- *
- * Delegates to signUpAndSignIn() to ensure the returned client
- * has a valid session (signUp alone may not persist a session
- * when the response doesn't include an accessToken).
- */
-export async function signUpFreshUser() {
-  return signUpAndSignIn();
+// ---------------------------------------------------------------------------
+// Fixed test account (pre-verified, for authenticated tests)
+// ---------------------------------------------------------------------------
+
+function getFixedTestAccount() {
+  const email = process.env.INSFORGE_INTEGRATION_TEST_EMAIL || '';
+  const password = process.env.INSFORGE_INTEGRATION_TEST_PASSWORD || '';
+
+  if (!email || !password) {
+    throw new Error(
+      'Missing INSFORGE_INTEGRATION_TEST_EMAIL or INSFORGE_INTEGRATION_TEST_PASSWORD.\n' +
+        'These must be a pre-verified account for authenticated integration tests.'
+    );
+  }
+
+  return { email, password };
 }
 
 /**
- * Sign up and get an authenticated client.
+ * Sign in with a fixed pre-verified account and return an authenticated client.
  *
- * Many InsForge projects require email verification before signIn works.
- * In that case signUp still returns an accessToken (set on the client
- * automatically), so we use that token directly rather than requiring
- * a separate signInWithPassword call.
- *
- * Falls back to signIn if signUp doesn't return an accessToken.
+ * Used by most test files (ai, database, storage, realtime, email) that
+ * need a valid auth session. Since email verification is enabled,
+ * freshly signed-up users cannot authenticate — use this instead.
  */
 export async function signUpAndSignIn() {
-  const email = uniqueEmail();
+  const { email, password } = getFixedTestAccount();
   const client = createClient();
 
-  const { data: signUpData, error: signUpError } = await client.auth.signUp({
-    email,
-    password: TEST_PASSWORD,
-    name: 'SDK Integration Test',
-  });
+  const { data, error } = await client.auth.signInWithPassword({ email, password });
 
-  if (signUpError) {
-    return { client, email, password: TEST_PASSWORD, data: null, error: signUpError };
+  if (error) {
+    return { client, email, password, data: null, error };
   }
 
-  // signUp already sets the token on the client if accessToken is present
-  if (signUpData?.accessToken) {
-    return { client, email, password: TEST_PASSWORD, data: signUpData, error: null };
-  }
+  return { client, email, password, data, error: null };
+}
+
+/**
+ * Sign up a fresh (unverified) user. Used by auth tests that specifically
+ * test the registration flow, profile updates, verification, etc.
+ *
+ * The returned client may NOT have a valid auth session (email verification
+ * required). Callers should handle this accordingly.
+ */
+export async function signUpFreshUser() {
+  const email = uniqueEmail();
+  const client = createClient();
 
-  // Fallback: try explicit sign-in (works when email verification is disabled)
-  const { data, error } = await client.auth.signInWithPassword({
+  const { data, error } = await client.auth.signUp({
     email,
     password: TEST_PASSWORD,
+    name: 'SDK Integration Test',
   });
 
-  if (error) {
-    // Only treat email-verification-required as a non-error (expected in many projects)
-    const msg = (error.message || '').toLowerCase();
-    const isVerificationRequired =
-      msg.includes('verify') || msg.includes('confirm') || msg.includes('verification');
-
-    if (isVerificationRequired) {
-      // Return the client with just the anon key – all modules work via HttpClient
-      return { client, email, password: TEST_PASSWORD, data: signUpData, error: null };
-    }
-
-    // Propagate unexpected sign-in errors so tests fail fast
-    return { client, email, password: TEST_PASSWORD, data: null, error };
-  }
-
   return { client, email, password: TEST_PASSWORD, data, error };
 }
diff --git a/integration-tests/storage.test.ts b/integration-tests/storage.test.ts
@@ -96,20 +96,18 @@ describe('Storage Module', () => {
     it('should list objects in a bucket', async () => {
       const { data, error } = await client.storage.from(BUCKET).list({ limit: 10 });
 
-      if (bucketAvailable) {
-        expect(error).toBeNull();
+      if (bucketAvailable && !error) {
         expect(data).toBeDefined();
       } else {
-        // Bucket doesn't exist – expect either a structured error or a valid data response
+        // Bucket doesn't exist or list requires admin access
         expect(error !== null || (data !== null && typeof data === 'object')).toBe(true);
       }
     });
 
     it('should support prefix filtering', async () => {
       const { data, error } = await client.storage.from(BUCKET).list({ prefix: 'sdk-test/' });
 
-      if (bucketAvailable) {
-        expect(error).toBeNull();
+      if (bucketAvailable && !error) {
         expect(data).toBeDefined();
       }
     });