So far we have written all the positive/happy path test scenarios, in this post, we'll take a look at how we can write a few negative API tests to ensure our APIs are secure and functioning as they should.
Let's take a look at some examples -
Unauthenticated Test
Create a test to ensure the user cannot hit the APIs without being properly authenticated.
it('401 Authentication Failed', async () => {
// sending request without the Authentication Token
const postRes = await request.post('posts').send(data);
expect(postRes.body.code).to.eq(401);
expect(postRes.body.data.message).to.eq('Authentication failed');
});
Validation Failed
Create a test to ensure the user should not be able to create data without passing in the required fields.
it('422 Validation Failed', async () => {
// 'body' is a required field which is not being passed with the data
const data = {
user_id: userId,
title: 'My title',
};
const postRes = await request
.post('posts')
.set('Authorization', `Bearer ${TOKEN}`)
.send(data);
expect(postRes.body.code).to.eq(422);
expect(postRes.body.data[0].field).to.eq('body');
expect(postRes.body.data[0].message).to.eq("can't be blank");
});
Check out this video to see how to implement the above test scenarios:
You can also clone the GitHub repo to access this code
To learn more about API testing, check out my free tutorial series here -
I hope this post helped you out, let me know in the comments below!
Happy testing! 😄
...
Subscribe to my YouTube channel
Support my work - https://www.buymeacoffee.com/automationbro
Follow @automationbro on Twitter
Top comments (0)