Why interface testing is necessary :
Because the work progress of different ends (front-end, back-end) is different, we need to conduct interface testing and verify data for the interfaces that came out at the beginning, as well as some interfaces that need to be called from other companies (banks, Alipay, WeChat, QQ, etc.). From a security perspective, relying solely on the front-end for restrictions cannot meet the security requirements of the system (it is too easy to bypass the front-end). The back-end needs to be also controlled. In this case, verification needs to be done at the interface level. Whether the front-end and back-end transmission, log printing and other information are encrypted and transmitted also needs to be verified, especially when it involves users' private information, such as ID cards, bank cards, etc.
Give two examples to illustrate the application of interface testing:
1. For example, if you create a user in the front part of the web and it prompts that the creation fails, you can actually throw a bug directly at this time. However, if you use the interface to create the user and find that it can be created, you can locate the bug as a front-end problem.
2. If the development progress of your company's front-end and back-end is inconsistent, you can use postman to make an interface first to test these functions.
First, let’s get to know the interface functions of postman:
①: These functions here are very simple. They are all simple English. The literal meaning can be understood without explanation. For daily testing, just use new collection directly, and then add interfaces to the collection.
②: You can create an interface directly here, but this interface does not belong to a collection, so when pressing Ctrl+s, choose which collection to save the interface to.
③: What this represents is to select the test environment. The premise is that you have set up the environment. If it is not set, it will display no environment by default. Generally, I set up the test environment here, such as putting the interface base address in the environment.
④: The fourth part is to choose the request method. I don’t decide which request method to use, but it depends on what is agreed in the interface document. Only by selecting the corresponding request method can you correctly test the interface.
⑤: The fifth part is the interface address, which can also be called a request header. The interface address can be obtained from the interface document or through packet capture.
⑥: The sixth part is the request body. There are various data types in the request body. Choose the correct request body format according to the requirements of the interface document.
⑦: The response body contains the data returned by the interface. The returned content is given by the backend. Similarly, the data in the response body also tests the correctness of the interface.
Postman configures some test environments
1. Configure environment variables, that is, the "no environment" drop-down box
Step 1: Click on the "eye" pattern and click edit
Step two:
2. Configure the token as a global variable, which is the post-processor
Step 1: Add a small piece of code to the Tests of the login interface, obtain the token in the response body and set it as a global variable (the code is for reference only, if you don’t know how, you can ask the developer). The token validity period is generally 10 minutes (you can search on Baidu Take a look at JWT to understand some mechanisms of token). After the time expires, you need to log in again.
The obtained token can be seen in the environment, in the global column:
Step 2: Edit the collection interface set so that the token is applied to the entire interface set. After completing these steps, you only need to log in to the server once and get the token. Within the specified time, all interfaces in the interface set will be It works fine.
Here is an example of an interface test case that configures all environments and executes successfully (for reference only):
①: It represents the test environment. If you do not configure it manually, No Environment will be displayed. The advantage of configuring the test environment is that if there are multiple test servers and some interface sets are common, I can not use it at this time. To modify the URLs one by one in the common interface set, you only need to switch the test environment.
②: Represents the interface address of the interface. I configured the interface base address https://172.16.99.1/api/v1 in the test environment and set the variable name to "url"
③: Represents the request method. The specific method to be used needs to be determined according to the interface document.
④: Represents the request body of the interface. The specific content of the request body needs to be determined according to the interface document.
⑤: JSON represents data format,
⑥: response represents the response content of the interface. Whether the interface is successful or not will be displayed here.
How to deal with simple error reports
This error means that there is no permission. Generally, there are two reasons for this situation. One is because the token has expired. The solution is very simple. You only need to log in again. Another reason is that you got the token, but your interface is not in the configured interface set, so you cannot use the token you obtained. The solution is just to put this interface in the interface set that has been configured with the token.
API convention:
HTTP Method Behavior Convention
GET query request, usually to obtain a single data or all data
POST create request
PUT change request
DELETE delete request
Parameter transfer
GET: URL transfer
POST: Content transfer
PUT: Content transfer
DELETE: URL transfer
HTTP Code
200: The operation is accepted and executed. The specific business status code needs to be further determined based on the return structure.
302: Resource redirection, need to access at a new address.
400: The request is invalid, the request body needs to be checked.
401: Token is invalid or expired.
403: Insufficient permissions. , the token is valid but the permission is less than
500: internal server error
Interface testing is closely related to F12 packet capture. It is recommended to use F12 packet capture in your free time to see some of the returned data, and then cooperate with postman to do interface testing, and you can find many related things.
Attached are screenshots of all the environments I used postman for interface testing:
Finally, I would like to thank everyone who reads my article carefully. Reciprocity is always necessary. Although it is not a very valuable thing, if you can use it, you can take it directly:
This information should be the most comprehensive and complete preparation warehouse for [software testing] friends. This warehouse has also accompanied tens of thousands of test engineers through the most difficult journey. I hope it can also help you!