diff --git a/tests/__init__.py b/tests/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/tests/test_django_project.py b/tests/test_django_project.py
new file mode 100644
index 0000000..98f7c66
--- /dev/null
+++ b/tests/test_django_project.py
@@ -0,0 +1,145 @@
+import for_runners
+from axes.models import AccessLog
+from bx_py_utils.test_utils.html_assertion import HtmlAssertionMixin
+from django.conf import settings
+from django.contrib.auth.models import User
+from django.test import override_settings
+from django.test.testcases import TestCase
+from django.urls import NoReverseMatch
+from django.urls.base import reverse
+from django_ynh.test_utils import generate_basic_auth
+from django_ynh.views import request_media_debug_view
+
+
+@override_settings(DEBUG=False)
+class DjangoYnhTestCase(HtmlAssertionMixin, TestCase):
+    def setUp(self):
+        super().setUp()
+
+        # Always start a fresh session:
+        self.client = self.client_class()
+
+    def test_settings(self):
+        assert settings.PATH_URL == 'app_path'
+
+        assert str(settings.FINAL_HOME_PATH).endswith('/local_test/opt_yunohost')
+        assert str(settings.FINAL_WWW_PATH).endswith('/local_test/var_www')
+        assert str(settings.LOG_FILE).endswith('/local_test/var_log_django-for-runners_ynh.log')
+
+        assert settings.ROOT_URLCONF == 'urls'
+
+    def test_urls(self):
+        assert reverse('admin:index') == '/app_path/'
+
+        # The django_ynh debug view should not be avaiable:
+        with self.assertRaises(NoReverseMatch):
+            reverse(request_media_debug_view)
+
+        # TODO: https://github.com/jedie/django-for-runners/issues/25
+        # Serve user uploads via django_tools.serve_media_app:
+        # assert settings.MEDIA_URL == '/app_path/media/'
+        # assert reverse('serve_media_app:serve-media', kwargs={'user_token': 'token', 'path': 'foo/bar/'}) == (
+        #     '/app_path/media/token/foo/bar/'
+        # )
+
+    def test_auth(self):
+        response = self.client.get('/app_path/')
+        self.assertRedirects(response, expected_url='/app_path/login/?next=/app_path/')
+
+    def test_create_unknown_user(self):
+        assert User.objects.count() == 0
+
+        self.client.cookies['SSOwAuthUser'] = 'test'
+
+        response = self.client.get(
+            path='/app_path/',
+            HTTP_REMOTE_USER='test',
+            HTTP_AUTH_USER='test',
+            HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
+        )
+
+        assert User.objects.count() == 1
+        user = User.objects.first()
+        assert user.username == 'test'
+        assert user.is_active is True
+        assert user.is_staff is True  # Set by: conf.django_ynh_demo_urls.setup_user_handler
+        assert user.is_superuser is False
+
+        self.assert_html_parts(
+            response,
+            parts=(
+                f'<title>Site administration | Django-ForRunners v{for_runners.__version__}</title>',
+                '<strong>test</strong>',
+            ),
+        )
+
+    def test_wrong_auth_user(self):
+        assert User.objects.count() == 0
+        assert AccessLog.objects.count() == 0
+
+        self.client.cookies['SSOwAuthUser'] = 'test'
+
+        response = self.client.get(
+            path='/app_path/',
+            HTTP_REMOTE_USER='test',
+            HTTP_AUTH_USER='foobar',  # <<< wrong user name
+            HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
+        )
+
+        assert User.objects.count() == 1
+        user = User.objects.first()
+        assert user.username == 'test'
+        assert user.is_active is True
+        assert user.is_staff is True  # Set by: conf.django_ynh_demo_urls.setup_user_handler
+        assert user.is_superuser is False
+
+        assert AccessLog.objects.count() == 1
+
+        assert response.status_code == 403  # Forbidden
+
+    def test_wrong_cookie(self):
+        assert User.objects.count() == 0
+        assert AccessLog.objects.count() == 0
+
+        self.client.cookies['SSOwAuthUser'] = 'foobar'  # <<< wrong user name
+
+        response = self.client.get(
+            path='/app_path/',
+            HTTP_REMOTE_USER='test',
+            HTTP_AUTH_USER='test',
+            HTTP_AUTHORIZATION='basic dGVzdDp0ZXN0MTIz',
+        )
+
+        assert User.objects.count() == 1
+        user = User.objects.first()
+        assert user.username == 'test'
+        assert user.is_active is True
+        assert user.is_staff is True  # Set by: conf.django_ynh_demo_urls.setup_user_handler
+        assert user.is_superuser is False
+
+        assert AccessLog.objects.count() == 1
+
+        assert response.status_code == 403  # Forbidden
+
+    def test_wrong_authorization_user(self):
+        assert User.objects.count() == 0
+
+        self.client.cookies['SSOwAuthUser'] = 'test'
+
+        response = self.client.get(
+            path='/app_path/',
+            HTTP_REMOTE_USER='test',
+            HTTP_AUTH_USER='test',
+            HTTP_AUTHORIZATION=generate_basic_auth(username='foobar', password='test123'),  # <<< wrong user name
+        )
+
+        assert User.objects.count() == 1
+        user = User.objects.first()
+        assert user.username == 'test'
+        assert user.is_active is True
+        assert user.is_staff is True  # Set by: conf.django_ynh_demo_urls.setup_user_handler
+        assert user.is_superuser is False
+
+        assert AccessLog.objects.count() == 1
+
+        assert response.status_code == 403  # Forbidden
diff --git a/tests/test_lint.py b/tests/test_lint.py
new file mode 100644
index 0000000..003dc76
--- /dev/null
+++ b/tests/test_lint.py
@@ -0,0 +1,13 @@
+import shutil
+import subprocess
+from pathlib import Path
+
+
+BASE_PATH = Path(__file__).parent.parent
+
+
+def test_lint():
+    assert Path(BASE_PATH, 'Makefile').is_file()
+    make_bin = shutil.which('make')
+    assert make_bin is not None
+    subprocess.check_call([make_bin, 'lint'], cwd=BASE_PATH)
diff --git a/tests/test_project_setup.py b/tests/test_project_setup.py
new file mode 100644
index 0000000..3e97905
--- /dev/null
+++ b/tests/test_project_setup.py
@@ -0,0 +1,41 @@
+import os
+import shutil
+import subprocess
+from pathlib import Path
+
+import for_runners
+
+
+PACKAGE_ROOT = Path(__file__).parent.parent
+
+
+def assert_file_contains_string(file_path, string):
+    with file_path.open('r') as f:
+        for line in f:
+            if string in line:
+                return
+    raise AssertionError(f'File {file_path} does not contain {string!r} !')
+
+
+def test_version():
+    version = for_runners.__version__
+
+    assert_file_contains_string(file_path=Path(PACKAGE_ROOT, 'pyproject.toml'), string=f'version = "{version}~ynh')
+    assert_file_contains_string(
+        file_path=Path(PACKAGE_ROOT, 'pyproject.toml'), string=f'django-for-runners = "=={version}"'
+    )
+    assert_file_contains_string(file_path=Path(PACKAGE_ROOT, 'manifest.json'), string=f'"version": "{version}~ynh')
+
+
+def test_poetry_check():
+    poerty_bin = shutil.which('poetry')
+
+    output = subprocess.check_output(
+        [poerty_bin, 'check'],
+        universal_newlines=True,
+        env=os.environ,
+        stderr=subprocess.STDOUT,
+        cwd=str(PACKAGE_ROOT),
+    )
+    print(output)
+    assert output == 'All set!\n'
diff --git a/tests/test_utils.py b/tests/test_utils.py
new file mode 100644
index 0000000..a9927a7
--- /dev/null
+++ b/tests/test_utils.py
@@ -0,0 +1,8 @@
+from unittest.case import TestCase
+
+from django_ynh.test_utils import generate_basic_auth
+
+
+class TestUtilsTestCase(TestCase):
+    def test_generate_basic_auth(self):
+        assert generate_basic_auth(username='test', password='test123') == 'basic dGVzdDp0ZXN0MTIz'