diff --git a/code/websites/pokedex.online/tests/unit/composables/useAuth.test.js b/code/websites/pokedex.online/tests/unit/composables/useAuth.test.js
new file mode 100644
index 0000000..1152071
--- /dev/null
+++ b/code/websites/pokedex.online/tests/unit/composables/useAuth.test.js
@@ -0,0 +1,77 @@
+import { describe, it, expect, vi, beforeEach, afterEach } from 'vitest';
+import { useAuth } from '../../../src/composables/useAuth.js';
+
+/**
+ * Tests for useAuth composable
+ * Tests authentication state management
+ */
+describe('useAuth Composable', () => {
+  beforeEach(() => {
+    // Clear localStorage
+    localStorage.clear();
+
+    // Mock apiClient
+    vi.mock('../../../src/utilities/api-client.js', () => ({
+      apiClient: {
+        post: vi.fn(),
+        get: vi.fn(),
+        setDefaultHeader: vi.fn(),
+        removeDefaultHeader: vi.fn()
+      }
+    }));
+  });
+
+  afterEach(() => {
+    localStorage.clear();
+    vi.clearAllMocks();
+  });
+
+  it('creates useAuth composable', () => {
+    const auth = useAuth();
+    expect(auth).toBeDefined();
+    expect(auth.token).toBeDefined();
+    expect(auth.user).toBeDefined();
+  });
+
+  it('has authentication state properties', () => {
+    const auth = useAuth();
+    
+    expect(auth.token.value).toBeNull();
+    expect(auth.user.value).toBeNull();
+    expect(auth.isAuthenticated.value).toBe(false);
+    expect(auth.isAdmin.value).toBe(false);
+  });
+
+  it('has authentication methods', () => {
+    const auth = useAuth();
+    
+    expect(typeof auth.login).toBe('function');
+    expect(typeof auth.logout).toBe('function');
+    expect(typeof auth.initializeAuth).toBe('function');
+    expect(typeof auth.hasPermission).toBe('function');
+  });
+
+  it('exports setupAuthInterceptor function', () => {
+    const auth = useAuth();
+    expect(typeof auth.setupAuthInterceptor).toBe('function');
+  });
+
+  it('has hasPermission method', () => {
+    const auth = useAuth();
+    
+    // Should handle missing user
+    expect(auth.hasPermission('admin')).toBe(false);
+  });
+
+  it('initializes with no token by default', () => {
+    const auth = useAuth();
+    expect(auth.token.value).toBeNull();
+    expect(auth.isAuthenticated.value).toBe(false);
+  });
+
+  it('has isLoading and error state', () => {
+    const auth = useAuth();
+    expect(auth.isLoading.value).toBe(false);
+    expect(auth.error.value).toBeNull();
+  });
+});