Auth Login Test

[00:00:00]
>> Speaker 1: Let's see, how about we test for a lock-in scenario So let's go back to our off test We'll make a new describe here And we'll say let's do a POST to /APIs/login

[00:00:00]
Let's test it should log in with valid credentials And you'll want to get rid of that "it" on line 34 Nice, good catch So it should log in with valid credentials

[00:00:00]
Now we want to create that test user We'll say testUser equals a way to create that test user I'll just use whatever it gets back here and then credentials will be testUser.email and testUser.rawPassword

[00:00:00]
Let's make the request Response equals await request.post('/api/off/login'), and then we'll send up these credentials I expect a 201 (technically it should be a 201, so I'll put that)

[00:00:00]
Then some more assertions: we can expect the response body to have a property message - though I won't check against specific strings We'll also expect the body to have a property 'user', and definitely a 'token' - otherwise I'm not really signed in, am I

[00:00:00]
And we'll ensure it doesn't have a password Cool, that one passed Interestingly, the default response is 200 if you don't specify otherwise

[00:00:00]
That's why when I used JSON, it defaulted to 200 This is why you test things For every route you test, it's pretty straightforward: what route are you testing

[00:00:00]
What do you need to send What do you expect to get back from the response object That's really it This won't cover side effects, because side effects are things you're not waiting for a result from

[00:00:00]
You're just testing that the side effect got called For routes that need authorization, you just pass the token in the header, just like we do in Postman

[00:00:00]
Everything else remains the same I'm satisfied with showing this amount of testing Everything else is mostly just the same and repetitive, so let's move on to deployment.