# Resilience Tests

### NFT-RES-01: Database Connection Loss Recovery

**Summary**: API returns appropriate errors when database is unavailable, and recovers when it comes back.
**Traces to**: AC-1, AC-9

**Preconditions**:
- System running normally with database connected

**Fault injection**:
- Stop the PostgreSQL container

**Steps**:

| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Stop test-db container | Database unavailable |
| 2 | Send POST /login request | HTTP 500 (database error, not crash) |
| 3 | Verify API process is still running | Process alive, accepting connections |
| 4 | Restart test-db container | Database available |
| 5 | Wait 5 seconds for connection recovery | — |
| 6 | Send POST /login request | HTTP 200 or HTTP 409 (normal behavior) |

**Pass criteria**: API does not crash on DB loss; recovers within 10s of DB restoration

---

### NFT-RES-02: Invalid JWT Token Handling

**Summary**: API rejects malformed JWT tokens gracefully without crashing.
**Traces to**: AC-18

**Preconditions**:
- System running normally

**Fault injection**:
- Send requests with malformed Authorization headers

**Steps**:

| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Send GET /users with `Authorization: Bearer invalid-token` | HTTP 401 |
| 2 | Send GET /users with `Authorization: Bearer ` (empty) | HTTP 401 |
| 3 | Send GET /users with `Authorization: NotBearer token` | HTTP 401 |
| 4 | Send normal login request | HTTP 200 (system unaffected) |

**Pass criteria**: All malformed tokens return HTTP 401; system remains operational

---

### NFT-RES-03: Concurrent Hardware Binding Attempt

**Summary**: Two simultaneous hardware check requests for the same user do not corrupt data.
**Traces to**: AC-10, AC-11

**Preconditions**:
- User with no hardware bound

**Fault injection**:
- Race condition: two concurrent POST /resources/check with same hardware

**Steps**:

| Step | Action | Expected Behavior |
|------|--------|------------------|
| 1 | Send two POST /resources/check simultaneously with same hardware | Both return HTTP 200 or one returns 200 and other returns 409 |
| 2 | Send a third POST /resources/check with same hardware | HTTP 200 (consistent state) |

**Pass criteria**: No database corruption; subsequent requests behave consistently