Contents: Guide
I. Introduction
The testing industry is getting more and more complicated now. If you don’t know how to do interface testing, it seems that you can’t get your resume, but many friends will have a headache: how to get started with interface testing? Which one should learn from so many interface testing tools?
In fact, interface testing tools are like chopsticks for eating. Whether it is wooden chopsticks, bamboo chopsticks or metal chopsticks, as long as you know how to hold chopsticks, changing a pair of chopsticks is just a matter of spending some time getting familiar with the feel of the chopsticks.
So any interface testing tool can be used by analogy and use other tools to complete interface testing
When doing interface testing, when some interfaces request data from the background, it is necessary for the user to log in before the data can be returned.
Taking the e-commerce platform as an example, the user's personal center, user's order list, user's payment information, etc., all data in the user dimension need to be logged in.
It is mainly to explore the situation where login authentication is required during interface testing
2. Interface test
For example, there is now an interface to obtain the order list, and the user needs to log in to obtain the data.
The test steps for this interface can basically be divided into:
Packet capture -> postman construction request -> complete test
Three, grab bag
Use any packet capture tool, or simply open the browser F12 directly to open the debugging tool to capture packets
Example 1: Use Charles to capture packets
Find the Headers under Contents, you can see the format of the request (GET), the domain name and path of the interface, request parameters, etc., as well as the cookie information we need to use. These are the Headers information of the HTTPS request.
Switch to the cookie, and you can see that there are many keys and key-corresponding contents in the cookie. If you are interested, you can study
Example 2: Use browser F12 to capture packets
The method is similar, but also check the headers information of the request and find the cookie
Four, postman construction request
open postman
Create a new GET request and enter the request URL
Construct the headers of the request, just copy them according to the headers of the packet capture
Add cookies, copy and paste a large section of packet capture cookies
All is ready except for the opportunity. Click send to
see that the HTTP request status code is 200, and the return value of the background interface is successful, indicating OK
5. Other login authentication methods
Of course, in addition to the above method of constructing request headers, postman also provides other login authentication methods
Look at the list below:
When postman constructs a request, there is also an Authorization module that can be selected. You can see that there are 12 authentication methods to choose from in the type.
Check out the official document: https://learning.postman.com/docs /sending-requests/authorization/
Let's take the most commonly used example:
Basic auth: basic authentication
Basic authentication involves sending an authenticated username and password with the request. In the Request Authorization tab, select Basic Authentication from the Type dropdown
Enter your API login details in the Username and Password fields - for extra security you can store them in variables
In the request headers you will see that the Authorization header will pass to the API a Base64 encoded string representing your username and password values appended to the text "Basic"
As shown below:
For other login authentication methods, you can go to the official documentation of postman, so I won’t repeat them here
6. Summary
Each request
post, get, put, delete is often these four request methods
200, 201 created successfully
302 returns 302, which means that the server needs to redirect to another address
It's like returning 302 when the login is successful and then jumping to the home page
400 The server cannot understand the client, 401 requires the user's ID and password, 403 The server rejects the entire request of the client, 500 The internal request of the server is wrong