artillery
artillery copied to clipboard
artilleryio
Preserve cookies from `before` into the sceario
Version info: 2.0.0-14
I expect, using before, e.g. to login, the received cookies to be preserved into the scenario.
Instead, the cookies are not present in the scenario.
Usecase: Login once, receive a token (in cookie) and then test the refresh token endpoint.
hi @MickL 👋
Cookies (and any other VU-specific data) aren't propagated from a before section into VU scenarios. Only variables created with capture will be available to VUs. This is by design.
Thanks for the quick response! How may I do a login before a scenario so i can test my refresh token endpoint? I want to test the token refresh without the login.
My idea is to do something like that, what do you think?
const isFirstRequest = true;
export const beforeRefreshTokenHandler: AsyncRequestInterceptor = async (
request: ArtilleryRequest,
context: ScenarioContext,
ee: events.EventEmitter,
next: Next
) => {
if (!isFirstRequest) {
return;
}
// Login
// Set cookie
return next();
}
I have run into a similar problem. In v1.6 I was using a before section to log my VUs into the service I'm testing. I have a tokens object defined in my processor.js file and after each VU logged in the authtoken was stored there with the username as the key e.g.
var token = { "user1": "someAuthTokenHere", "user2": "anotherAuthTokenHere" }
Then I could make the token available like this in my processor file: context.vars["authToken"] = tokens[context.vars['username']];
and reference it in the yml file
headers: Authorization: "Token {{authToken}}"
In version 2 that doesn't work. If I log the token object during the before loop I can see each authToken is assigned to its user, but when I log the token object in the scenarios section, the tokens have disappeared.
Using the before section to setup your users seems like a necessary use case. Otherwise you must login each user every time, and that's not ideal, since load testing your authentication service is not necessarily the goal. I suppose the other option would be to provide an auth token in the csv file, but auth tokens expire, and it's also a security concern.
