diff --git a/Makefile b/Makefile
index 4d92090..a92128b 100644
--- a/Makefile
+++ b/Makefile
@@ -51,6 +51,7 @@ help:
 	@echo "  make dev          - Start core infrastructure (PostgreSQL, Redis)"
 	@echo "  make dev-full     - Start core infrastructure + observability"
 	@echo "  make dev-auth     - Start core infrastructure + Zitadel auth"
+	@echo "  make dev-full-auth     - Start core infrastructure + observability + Zitadel auth"
 	@echo "  make dev-gateway  - Start core infrastructure + gateway ingress (NGINX + gateway service)"
 	@echo "  make stop         - Stop all containers"
 	@echo "  make clean        - Stop containers and remove volumes"
@@ -118,6 +119,13 @@ dev-auth: dev
 	@echo "Zitadel ready at http://localhost:$(ZITADEL_PORT)"
 	@echo "Admin credentials: $(ZITADEL_ADMIN_USERNAME) / $(ZITADEL_ADMIN_PASSWORD)"
 
+dev-full-auth: dev-full 
+	@echo "Starting authentication stack..."
+	@$(COMPOSE_CMD) --profile auth up -d
+	@echo ""
+	@echo "Zitadel ready at http://localhost:$(ZITADEL_PORT)"
+	@echo "Admin credentials: $(ZITADEL_ADMIN_USERNAME) / $(ZITADEL_ADMIN_PASSWORD)"
+
 dev-gateway: dev
 	@echo "Starting gateway ingress stack..."
 	@$(COMPOSE_CMD) --profile gateway up -d gateway-service nginx
diff --git a/backend/services/game-session-service/internal/application/session/service_test.go b/backend/services/game-session-service/internal/application/session/service_test.go
index 7bc5f36..ee27823 100644
--- a/backend/services/game-session-service/internal/application/session/service_test.go
+++ b/backend/services/game-session-service/internal/application/session/service_test.go
@@ -230,7 +230,8 @@ func (s *fakeStateStore) ReleaseLock(ctx context.Context, sessionID string) {
 	delete(s.locks, sessionID)
 }
 
-// TestStartSessionCreatesActiveSessionAndFirstQuestion ensures start session creates active session and first question behavior is handled correctly.
+// TestStartSessionCreatesActiveSessionAndFirstQuestion ensures start session creates
+// active session and first question behavior is handled correctly.
 func TestStartSessionCreatesActiveSessionAndFirstQuestion(t *testing.T) {
 	svc := NewService(
 		newFakeRepo(),
@@ -370,7 +371,8 @@ func TestSubmitAnswerTimeoutTransition(t *testing.T) {
 	}
 }
 
-// TestSubmitAnswerAdvancesAfterMaxAttempts ensures submit answer advances after max attempts behavior is handled correctly.
+// TestSubmitAnswerAdvancesAfterMaxAttempts ensures submit answer advances after max
+// attempts behavior is handled correctly.
 func TestSubmitAnswerAdvancesAfterMaxAttempts(t *testing.T) {
 	svc := NewService(
 		newFakeRepo(),
diff --git a/backend/services/gateway-service/internal/interfaces/http/middleware/middleware_test.go b/backend/services/gateway-service/internal/interfaces/http/middleware/middleware_test.go
index f150a35..d7b460f 100644
--- a/backend/services/gateway-service/internal/interfaces/http/middleware/middleware_test.go
+++ b/backend/services/gateway-service/internal/interfaces/http/middleware/middleware_test.go
@@ -143,7 +143,8 @@ func TestSecurityHeadersNoHSTSOnHTTP(t *testing.T) {
 	}
 }
 
-// TestRequestContextMiddlewareAndRequestID ensures request context middleware and request id behavior is handled correctly.
+// TestRequestContextMiddlewareAndRequestID ensures request context middleware and
+// request id behavior is handled correctly.
 func TestRequestContextMiddlewareAndRequestID(t *testing.T) {
 	app := fiber.New()
 	app.Use(RequestContext(nil))
@@ -179,7 +180,8 @@ func TestRequestContextMiddlewareAndRequestID(t *testing.T) {
 	}
 }
 
-// TestRequestContextWithLoggerAndInvalidRequestIDLocal ensures request context with logger and invalid request id local behavior is handled correctly.
+// TestRequestContextWithLoggerAndInvalidRequestIDLocal ensures request context with
+// logger and invalid request id local behavior is handled correctly.
 func TestRequestContextWithLoggerAndInvalidRequestIDLocal(t *testing.T) {
 	logger := logging.NewLogger(logging.DefaultConfig())
 	app := fiber.New()
@@ -203,7 +205,8 @@ func TestRequestContextWithLoggerAndInvalidRequestIDLocal(t *testing.T) {
 	}
 }
 
-// TestRateLimitMiddlewareDegradedModeAndHelpers ensures rate limit middleware degraded mode and helpers behavior is handled correctly.
+// TestRateLimitMiddlewareDegradedModeAndHelpers ensures rate limit middleware degraded
+// mode and helpers behavior is handled correctly.
 func TestRateLimitMiddlewareDegradedModeAndHelpers(t *testing.T) {
 	app := fiber.New()
 	mw := RateLimitMiddleware(nil, gconfig.RateLimitConfig{
@@ -305,7 +308,8 @@ func TestRateLimitMiddlewareDegradedModeAndHelpers(t *testing.T) {
 	}
 }
 
-// TestRateLimitMiddlewareRedisAllowedAndBlocked ensures rate limit middleware redis allowed and blocked behavior is handled correctly.
+// TestRateLimitMiddlewareRedisAllowedAndBlocked ensures rate limit middleware redis
+// allowed and blocked behavior is handled correctly.
 func TestRateLimitMiddlewareRedisAllowedAndBlocked(t *testing.T) {
 	mr, err := miniredis.Run()
 	if err != nil {
@@ -358,7 +362,8 @@ func TestRateLimitMiddlewareRedisAllowedAndBlocked(t *testing.T) {
 	}
 }
 
-// TestRateLimitMiddlewareRedisErrorDegrades ensures rate limit middleware redis error degrades behavior is handled correctly.
+// TestRateLimitMiddlewareRedisErrorDegrades ensures rate limit middleware redis error
+// degrades behavior is handled correctly.
 func TestRateLimitMiddlewareRedisErrorDegrades(t *testing.T) {
 	// Use a client pointing to an unreachable endpoint to force script.Run error.
 	client := redisv9.NewClient(&redisv9.Options{Addr: "127.0.0.1:1"})
diff --git a/backend/services/gateway-service/tests/integration_http_test.go b/backend/services/gateway-service/tests/integration_http_test.go
index 2a65223..05500fe 100644
--- a/backend/services/gateway-service/tests/integration_http_test.go
+++ b/backend/services/gateway-service/tests/integration_http_test.go
@@ -21,7 +21,8 @@ import (
 	"knowfoolery/backend/shared/infra/auth/zitadel"
 )
 
-// TestGateway_PublicRoute_ProxiesAndRewritesPath ensures gateway public route proxies and rewrites path behavior is handled correctly.
+// TestGateway_PublicRoute_ProxiesAndRewritesPath ensures gateway public route proxies
+// and rewrites path behavior is handled correctly.
 func TestGateway_PublicRoute_ProxiesAndRewritesPath(t *testing.T) {
 	t.Parallel()
 
@@ -67,7 +68,8 @@ func TestGateway_ProtectedRoute_RequiresAuth(t *testing.T) {
 	require.Equal(t, http.StatusUnauthorized, res.StatusCode)
 }
 
-// TestGateway_ProtectedRoute_ForwardsUserHeaders ensures gateway protected route forwards user headers behavior is handled correctly.
+// TestGateway_ProtectedRoute_ForwardsUserHeaders ensures gateway protected route
+// forwards user headers behavior is handled correctly.
 func TestGateway_ProtectedRoute_ForwardsUserHeaders(t *testing.T) {
 	t.Parallel()
 
diff --git a/backend/services/question-bank-service/internal/application/question/service_test.go b/backend/services/question-bank-service/internal/application/question/service_test.go
index 2c4d40b..22295d1 100644
--- a/backend/services/question-bank-service/internal/application/question/service_test.go
+++ b/backend/services/question-bank-service/internal/application/question/service_test.go
@@ -201,7 +201,8 @@ func TestValidateAnswerByQuestionID(t *testing.T) {
 	}
 }
 
-// TestValidateAnswerByQuestionID_ValidationError ensures validate answer by question id validation error behavior is handled correctly.
+// TestValidateAnswerByQuestionID_ValidationError ensures validate answer by question id
+// validation error behavior is handled correctly.
 func TestValidateAnswerByQuestionID_ValidationError(t *testing.T) {
 	repo := &fakeRepo{items: []*domain.Question{
 		{
diff --git a/backend/shared/infra/observability/tracing/tracer_test.go b/backend/shared/infra/observability/tracing/tracer_test.go
index c37df68..81df630 100644
--- a/backend/shared/infra/observability/tracing/tracer_test.go
+++ b/backend/shared/infra/observability/tracing/tracer_test.go
@@ -119,7 +119,8 @@ func TestConfigFromEnvInvalidSampleRate(t *testing.T) {
 	require.Equal(t, DefaultConfig().SampleRate, cfg.SampleRate)
 }
 
-// TestConfigFromEnvLegacyEndpointFallback ensures config from env legacy endpoint fallback behavior is handled correctly.
+// TestConfigFromEnvLegacyEndpointFallback ensures config from env legacy endpoint
+// fallback behavior is handled correctly.
 func TestConfigFromEnvLegacyEndpointFallback(t *testing.T) {
 	t.Setenv("TRACING_OTLP_ENDPOINT", "")
 	t.Setenv("TRACING_JAEGER_ENDPOINT", "http://legacy:14268/api/traces")
diff --git a/backend/shared/infra/utils/validation/validator_test.go b/backend/shared/infra/utils/validation/validator_test.go
index 7f875cb..387d48b 100644
--- a/backend/shared/infra/utils/validation/validator_test.go
+++ b/backend/shared/infra/utils/validation/validator_test.go
@@ -29,7 +29,8 @@ func TestValidator_CustomTags(t *testing.T) {
 	require.Error(t, v.ValidateVar("A", "player_name"))
 }
 
-// TestValidator_ValidateReturnsDomainError ensures validator validate returns domain error behavior is handled correctly.
+// TestValidator_ValidateReturnsDomainError ensures validator validate returns domain
+// error behavior is handled correctly.
 func TestValidator_ValidateReturnsDomainError(t *testing.T) {
 	v := NewValidator()
 	err := v.Validate(sampleStruct{})
@@ -41,7 +42,8 @@ func TestValidator_ValidateReturnsDomainError(t *testing.T) {
 	require.True(t, strings.Contains(domainErr.Message, "name is required"))
 }
 
-// TestValidator_ValidateVarReturnsDomainError ensures validator validate var returns domain error behavior is handled correctly.
+// TestValidator_ValidateVarReturnsDomainError ensures validator validate var returns
+// domain error behavior is handled correctly.
 func TestValidator_ValidateVarReturnsDomainError(t *testing.T) {
 	v := NewValidator()
 	err := v.ValidateVar("bad", "email")
diff --git a/frontend/apps/web/node_modules/.vite/vitest/results.json b/frontend/apps/web/node_modules/.vite/vitest/results.json
index a90827b..65972cf 100644
--- a/frontend/apps/web/node_modules/.vite/vitest/results.json
+++ b/frontend/apps/web/node_modules/.vite/vitest/results.json
@@ -1 +1 @@
-{"version":"1.6.1","results":[[":src/hooks/useTimer.test.ts",{"duration":3,"failed":false}],[":src/services/session.test.ts",{"duration":3,"failed":false}],[":src/services/adminQuestions.test.ts",{"duration":2,"failed":false}],[":src/routes/Home.test.tsx",{"duration":97,"failed":false}],[":src/components/AppShell.test.tsx",{"duration":45,"failed":false}],[":src/routes/Profile.test.tsx",{"duration":118,"failed":false}],[":src/hooks/useAuth.test.ts",{"duration":2,"failed":false}],[":src/services/validation.test.ts",{"duration":2,"failed":false}],[":src/routes/Results.test.tsx",{"duration":31,"failed":false}],[":src/routes/Game.test.tsx",{"duration":92,"failed":false}],[":src/routes/AdminQuestions.test.tsx",{"duration":112,"failed":false}],[":src/routes/Leaderboard.test.tsx",{"duration":94,"failed":false}],[":src/services/api.test.ts",{"duration":3,"failed":false}]]}
\ No newline at end of file
+{"version":"1.6.1","results":[[":src/hooks/useAuth.test.ts",{"duration":2,"failed":false}],[":src/services/session.test.ts",{"duration":4,"failed":false}],[":src/services/adminQuestions.test.ts",{"duration":1,"failed":false}],[":src/hooks/useTimer.test.ts",{"duration":3,"failed":false}],[":src/services/validation.test.ts",{"duration":2,"failed":false}],[":src/services/api.test.ts",{"duration":2,"failed":false}],[":src/routes/Home.test.tsx",{"duration":96,"failed":false}],[":src/routes/Profile.test.tsx",{"duration":111,"failed":false}],[":src/components/AppShell.test.tsx",{"duration":42,"failed":false}],[":src/routes/AdminQuestions.test.tsx",{"duration":113,"failed":false}],[":src/routes/Leaderboard.test.tsx",{"duration":89,"failed":false}],[":src/routes/Results.test.tsx",{"duration":31,"failed":false}],[":src/routes/Game.test.tsx",{"duration":98,"failed":false}]]}
\ No newline at end of file
diff --git a/frontend/shared/ui-components/node_modules/.vite/vitest/results.json b/frontend/shared/ui-components/node_modules/.vite/vitest/results.json
index 1c264b3..9363636 100644
--- a/frontend/shared/ui-components/node_modules/.vite/vitest/results.json
+++ b/frontend/shared/ui-components/node_modules/.vite/vitest/results.json
@@ -1 +1 @@
-{"version":"1.6.1","results":[[":src/components/ResultsCard.test.tsx",{"duration":63,"failed":false}],[":src/components/LeaderboardTable.test.tsx",{"duration":28,"failed":false}],[":src/components/Timer.test.tsx",{"duration":25,"failed":false}],[":src/components/GameCard.test.tsx",{"duration":33,"failed":false}],[":src/components/HintButton.test.tsx",{"duration":83,"failed":false}],[":src/utils/timer.test.ts",{"duration":2,"failed":false}],[":src/components/AttemptIndicator.test.tsx",{"duration":21,"failed":false}],[":src/components/ThemeBadge.test.tsx",{"duration":18,"failed":false}],[":src/components/ScoreDisplay.test.tsx",{"duration":17,"failed":false}],[":src/components/AnswerInput.test.tsx",{"duration":34,"failed":false}]]}
\ No newline at end of file
+{"version":"1.6.1","results":[[":src/utils/timer.test.ts",{"duration":1,"failed":false}],[":src/components/AttemptIndicator.test.tsx",{"duration":22,"failed":false}],[":src/components/ResultsCard.test.tsx",{"duration":64,"failed":false}],[":src/components/ThemeBadge.test.tsx",{"duration":19,"failed":false}],[":src/components/ScoreDisplay.test.tsx",{"duration":19,"failed":false}],[":src/components/Timer.test.tsx",{"duration":28,"failed":false}],[":src/components/GameCard.test.tsx",{"duration":34,"failed":false}],[":src/components/LeaderboardTable.test.tsx",{"duration":30,"failed":false}],[":src/components/AnswerInput.test.tsx",{"duration":38,"failed":false}],[":src/components/HintButton.test.tsx",{"duration":74,"failed":false}]]}
\ No newline at end of file