diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
new file mode 100644
index 0000000..5b20293
--- /dev/null
+++ b/.github/workflows/test.yml
@@ -0,0 +1,71 @@
+name: Test
+
+on:
+  push:
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        python-version: ["3.12"]
+        poetry-version: [latest]
+        os: [ubuntu-latest]
+    
+    runs-on: ${{ matrix.os }}
+
+    services:
+      postgres:
+        image: postgres:latest
+        env:
+          POSTGRES_DB: test_db
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-python@v5
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install and configure Poetry
+        uses: snok/install-poetry@v1
+
+      - name: Install project
+        run: poetry install
+
+      - name: Set env variables for pytest
+        run: |
+          echo "DB_USER=postgres" >> $GITHUB_ENV
+          echo "DB_PASSWORD=postgres" >> $GITHUB_ENV
+          echo "DB_HOST=127.0.0.1" >> $GITHUB_ENV
+          echo "DB_PORT=5432" >> $GITHUB_ENV
+          echo "DB_NAME=test_db" >> $GITHUB_ENV
+          echo "SECRET_KEY=$(openssl rand -base64 32)" >> $GITHUB_ENV
+        
+      - name: Verify environment variables
+        run: |
+          echo "Checking if required environment variables are set..."
+          [ -n "$DB_USER" ] && \
+          [ -n "$DB_PASSWORD" ] && \
+          [ -n "$DB_HOST" ] && \
+          [ -n "$DB_PORT" ] && \
+          [ -n "$DB_NAME" ] && \
+          [ -n "$SECRET_KEY" ]
+
+      - name: Run type checking with mypy
+        run: poetry run mypy .
+
+      - name: Run tests with pytest
+        run: poetry run pytest -s tests/
diff --git a/main.py b/main.py
index 374d6d0..676808e 100644
--- a/main.py
+++ b/main.py
@@ -1,5 +1,3 @@
-# ToDo: Add CSRF protection to all POST, download, and sensitive data routes
-
 import logging
 from typing import Optional
 from contextlib import asynccontextmanager
@@ -201,7 +199,7 @@ async def read_terms_of_service(params: dict = Depends(common_unauthenticated_pa
     return templates.TemplateResponse(params["request"], "terms_of_service.html", params)
 
 
-@app.get("/reset_password")
+@app.get("/auth/reset_password")
 async def read_reset_password(
     email: str,
     token: str,