There are many cases in which you may need your tests to act on behalf of an authenticated user. For instance, if your Web application provides special functionality for authorized users, you will need your test to authenticate.
There are two popular types of authentication in Web applications
However, the existing testing tools fail to provide full support for both authentication types.
Most testing frameworks have no dedicated handling for the form-based authentication — it is performed by a sequence of regular test actions. Provided that some frameworks share cookies between test runs while others don’t, you may need to either log in or log out in each test manually.
The recent E2E testing tools also have limited or no built-in support for HTTP Basic or NTLM authentication. For instance, Selenium can handle HTTP authentication only with the help of a third-party browser automation tool. Fortunately, things change and new solutions emerge in the E2E testing world.
We at DevExpress have made our own testing framework TestCafe, which provides extensive support for Web authentication. TestCafe supports HTTP Basic and NTLM authentication out of the box. To handle form-based authentication, TestCafe introduces a new concept — user roles. A user role represents an individual user whose account takes part in the test. A user can log in to multiple websites — all the accounts will be associated with the user role. You can change active users by switching between roles with one function call.
In this article, I’ll describe how to perform authentication in TestCafe tests. I’ll also show a real-life example of authenticating on GitHub.
Assume that you need to test an application page that displays data in a table. Regular users can view data, while administrators can also delete individual rows.
Let’s write a test that checks that:
In this test, we have to log in three times and provide the same credentials twice for a regular user.
To simplify authentication operations, TestCafe introduces user roles. A user role is initialized with test actions that log in the user.
We have created two user roles: one for a regular user account and the other one for an administrative account. Now let’s rewrite the test so that it uses roles instead of authentication actions.
We isolated authentication actions and the test now focuses on the test scenario. We also saved several lines of code by switching between roles instead of authenticating one more time.
In this example, we will write a test that logs in to GitHub and checks that the authentication was successful.
First, let’s create a page object.
The LoginPage
class describes the GitHub login page with two inputs for credentials and the Sign in
button.
After we described the login page, we can create user roles.
These user roles are initialized with test actions that enter user credentials and click the Sign In
button.
Now let’s add a page object for the GitHub home page. We will use two elements in our test: the avatar and the drop-down menu header.
Finally, we can write a test that authenticates via user roles. Then, it checks if the drop-down menu invoked by clicking the avatar displays the correct user name.
To log in to a website protected with HTTP Basic or NTLM authentication, provide your credentials to the httpAuth
method. You can specify these credentials for the entire fixture or individual tests.
NTLM authentication requires additional parameters: the domain and workstation names. You can pass them to the httpAuth
method. If you omit them, TestCafe will automatically use the current machine's domain and workstation names.
In this article, I have shown how TestCafe performs authentication to the tested webpage. TestCafe supports HTTP Basic/NTLM authentication out of the box and provides user roles to handle form-based authentication.
Refer to the TestCafe documentation to learn more about user roles and HTTP authentication. If you have questions regarding TestCafe, visit our forum. To report a bug or leave a suggestion, go to our GitHub page.
If you have already tried TestCafe authentication, please share your experience in the comments.