1. Pain point (*)
There are 2 forms of automated testing, interface automation and UI automation. UI automation is often blocked by login nodes, such as verification codes, graphs, sliders, etc., although there are some ways to identify graphics and position sliders, but the success rate is not high, can not be truly automated execution; However, if the automated test of the HTTP interface relies on cookies, it cannot be automatically executed.
a. How to bypass login and realize automatic execution from front-end to back-end
b. In the face of complex login verification, the cookie cannot be directly and automatically obtained, and manual operation is required to log in, and the cookie is time-effective and cannot be used for a long time
This solution will effectively solve the above problems, in the face of complex login authentication and cookie aging mode, you can change short-term cookies to long-term validity, and truly realize UI automation and interface automation relying on cookie authentication.
2. What is a cookie?
A cookie, called session tracking technology, is a small text file that the browser stores on the user's machine. Cookies are plain text and have no executable code. Store some information required by the server, and each time you request the site, a corresponding cookie will be sent, which can be used to identify the user's identity information
3. How to view the expiration time
Open your browser and go to the website where you want to view cookies.
Press F12 to open your browser's developer tools.
In the Debug Tools tab of the developer tools, click the Save button.
In the "Website data" list on the left, click "Cookies".
In the Value list on the right, look at the Expires or Max-Age field for each cookie. These fields show the expiration time of the cookie.
4. Cookie mechanism
The client sends a request to the server --》 The server sends an HttpResponse response to the client that contains the header of the Set-cookie --》 The client saves the cookie, and then when sending a request to the server, the HttpRequest request contains the header of the cookie --The server returns response data
Limitation limit: Each cookie has a time limit, the default validity period is, session level: that is, when the browser is closed, then the cookie is destroyed immediately, but we can also manually set the expiration time of the cookie when storing
5. Cookie duration unlimited extension plan (*)
5-1. Premise
a. The login node has verification mechanisms, such as SMS verification code, graphic recognition, slider and other verification;
b. cookies are time-limited, after which you need to log in again;
c. The same account will not be logged out or logged in on multiple platforms
5-2. Implementation principle
This solution provides an interface through a microservice for automation to call, return a persistent cookie by passing the account, embed this step in the automation process, replace the node that logs in and obtains the cookie, and permanently extend the validity of the cookie, and will not be time-limited, so as to ensure the normal execution of the subsequent automation process in a permanent cycle.
5-3. Core process steps
Step 1: Log in manually, obtain the cookie from the header, and save this cookie and timeliness value on the microservice platform (an account only needs to log in manually, and then there is no need to log in permanently).
Step 2: The microservice platform persistently stores this account, cookie, timeliness value, and associated business interface, and follows up the timeliness value to calculate the polling time, and triggers the polling task execution, the task will carry this cookie to call the business interface, maintain a long session, and hold the process to wait, when the polling time arrives, continue to execute the task execution, hold the process waits again, and continue to cycle to ensure that the session of the secondary cookie is permanently maintained.
Step 3: Before the automated task is executed, the microservice interface is called, a persistent cookie is obtained through the account, and the cookie is carried to perform subsequent automated tasks.
6. Landing case
At present, through the following scheme, the purpose of one-time configuration and long-term use of cookies has been achieved.
Comparison of practical effects
Previously: When UI automation and HTTP interface automation are executed, cookies often expire, and you need to manually log in again and update cookies on the automation platform, which is cumbersome and affects the success rate of automatic execution in the early morning
Now: After using the above solution, you only need to manually configure cookies once on the cookie microservice platform, and you no longer need to update cookies in the future
Article source: Liu Jingjie_JD Technology_https://zhuanlan.zhihu.com/p/617611962