Create an API login mechanism for end-to-end tests to save time
Today all graphical user interface (GUI) automated tests that rely on a user being logged in need to perform the login process through the GUI, which is time-consuming.
It would be good if we could have an endpoint only used for test automation purpose, where we could hit such an endpoint passing a user and a password as query strings (that could be stored as secret environment variables), and this would allow us performing a log in without wasting time doing it through the GUI every time this is needed.
Note: we still would have end-to-end test scenarios for logging in through the GUI, but for all other test scenarios that require the user being logged in this could happen through this faster approach.
Another good reason for doing so is that let's say we have a bug in the login form, where for example, the login button is disabled, but the login logic in the back-end still works, we would have only the login end-to-end scenarios failing, instead of the majority of the tests, which would give us a better sense of what is working, and what isn't.
I have already experimented such an approach in different projects, and in the last one that I have used it, a logging process that would take between 2 and 3 seconds to perform the login through the GUI, would take only around 500ms to do it through an HTTP request call.
Note 2: the same could apply for the creation of other application states if such functionalities are already covered by end-to-end tests, but other test cases rely on them for simply creation of states.
We do not need to login via the browser for every test, we also do not need to login via the UI in the API tests.
Plan
Let's work with the development ~"group::access" to have an API for authentication and use this new login method in ~80% of all the tests in the test suite.
- We will test the login UI screen for tests that only need to test login.
- Use the new API login for all API tests.
- Use the new API login for all tests outside of devopsmanage ~"group::access"