Udemy
    •  
    •  
    •  
    •  
    •  
    •  
    •  
    •  
Turn what you know into an opportunity and reach millions around the world.
Learn More
Your cart is empty.
Keep shopping
Coding and testing an authentication API [NodeJs + Cypress]
Rating: 4.3 out of 5(215 ratings)
11,167 students

Coding and testing an authentication API [NodeJs + Cypress]

Creating +Testing An Authentication API Tutorial
Last updated 9/2021
English

What you'll learn

  • How to create the API endpoints
  • How to install and use Cypress
  • How to create a Mongo database for your API
  • How to encrypt passwords
  • How to create negative and positive tests for API flows in Cypress
  • How to make the tests robust and remove code duplication

Course content

1 section20 lectures1h 56m total length
  • Introduction0:48

    Build an authentication API with Node.js that supports user registration and login via a RESTful interface. Learn to test the code with Cypress to ensure changes keep working.

  • Start a Server3:09

    Initialize the project with npm, install express and nodemon, create index.js, and set the app to listen on port 3000 to start and test the server.

  • Register endpoint4:23

    Create a first register endpoint with express router to let users sign up, wiring a post route /api/user/register and integrating routes into the index file.

  • Testing endpoint with Postman and Cypress9:03

    Discover end-to-end API testing for authentication endpoints by using postman for manual requests and Cypress for automated tests, including posting to localhost:3000/api/user/register and validating responses.

  • Updating Cypress to be robust2:47

    Update Cypress tests to ensure the register endpoint returns 200 for an authentication API, then run and inspect reports from the command line and add mongoose to package.json for testing.

  • Creating Mongo DB3:58

    Create a free MongoDB cluster, set up database access, install mongoose, and connect with mongoose.connect using the URI and database name to verify the connection.

  • Hiding username and password in env file3:13

    Install dotenv, load environment variables from a .env file, replace the database connection string with a secret named dbi_conn, reference it via process.env, and add .gitignore to keep it private.

  • Registering out first user11:16

    Create a Mongoose user model with name, email, password and date fields, export it, and implement a register endpoint that validates input, saves the user, and returns the saved record.

  • Add positive and negative test case7:31

    Write and run API tests with positive and negative cases using Cypress in Node.js, practicing unit, integration, and acceptance tests, including boundary value analysis and handling 400 and 200 responses.

  • Making a more robust test3:42

    Strengthen authentication API tests by validating status codes and full response objects (name, email, password) for create user, and discuss measuring code coverage.

  • Removing duplication4:12

    Remove duplication by wrapping tests into a user/register describe block and reusing a register helper to cleanly organize Cypress tests for the authentication API.

  • Add body validation logic8:54

    Implement body validation for user creation with a schema-based validation library, enforcing name, email, and password rules, returning 400 with error details when validation fails and verifying with postman tests.

  • Add creation validation test12:56

    Create a creation validation test for the authentication API in Node.js with Cypress, validating required fields and minimum lengths, and asserting 400 errors with precise messages while avoiding third‑party validation.

  • Extract validation6:42

    Extract validation logic into a separate data validation class to support reusable login validation, and enable Cypress automated tests to rerun on file changes for reliable feedback.

  • Logic to avoid duplicate user creation10:17

    Implement pre-checks to avoid duplicate user creation by validating email existence, return 400 'user email already registered,' and use dynamic GoED-based emails for robust tests.

  • Encrypt a password5:26

    Encrypt passwords before saving to the database, avoiding plaintext storage; implement encryption with a script and npm packages, and verify via tests that encrypted passwords are stored.

  • Add login endpoint5:45

    Build a new login endpoint as a post route, add login validation, verify email exists, compare passwords with bcrypt, and return proper errors (400 for invalid details, 401 for unauthorized).

  • Testing the login endpoint5:02

    Develops a positive test for the login endpoint of the authentication API using Cypress, posting a registered user and validating a 200 response and authentication flow, while keeping tests clean.

  • Add JWT6:33

    Learn how to add a jwt token to login, sign token with a secret, include user id, return token in response header, and set an expiration for secure authentication.

  • BONUS LECTURE!!!0:48

Requirements

  • A Windows or Mac computer
  • IntelliJ installed
  • Postman installed

Description

Have you ever wondered how a login API actually works? Have you ever wanted to learn how to test the login API?

We created this free tutorial to fill this knowledge gap.


I'll walk you through how to:

  • How to create the API endpoints

  • How to install and use Cypress

  • How to create a Mongo database for your API

  • How to encrypt passwords

  • How to create negative and positive tests for API flows in Cypress

  • How to make the tests robust and remove code duplication


This is a tutorial for test automation professionals who already have an understanding of:

  • How APIs work

  • You have basic JavaScript knowledge

  • You want to keep improving in your domain


Prerequisites for the course:

A Windows or Mac computer

IntelliJ installed

Postman installed


So what are you waiting for? Let's jump into the tutorial.


Don't just take my word for it, check out what existing students have to say about my other courses:

“The C# section is taught by someone else, which surprised me, but I think they did a great job at instructing at a beginner level. The Selenium materials are quite comprehensive and the instructor is easy to follow and understand.


“Well I can't explain in words how much am excited after completing this course. The more I was close to completion the more am getting excited. You are a great instructor Nikolay. You don't just taught Selenium but other aspects of being a beautiful coder. Now am pretty confident and can say "Yes" to my clients when they need me to automate the application. Thank you Sir for all the hard work and effort you put in the course. Surely would like to see you in another engaging course!” - Randhawa Verma


Wonderful content and things explained in a nutshell. Overwhelmed by Author's dedication to put things in such a way that any novice or manual tester can follow and understand and definitely be on-boarded as a Selenium Automation Engineer next day at work. Thanks a million times for creating these courses! One Stop for Automation." - Rupashree Geethaaviji Ananthakrishna


“I am familiar with Nikolay from a course I saw on TestAutomation and have the highest regard for him. Glad to see him on Udemy.” - Annamalai Viswanathan


“One Of the Best courses on Selenium With C#. Cheers Nikolay!!” - Saransh Vaid

Who this course is for:

  • A test automation professional who wants to deepen your knowledge with API testing
  • Understand how APIs work
  • Have basic JavaScript knowledge
  • Want to keep improving in your domain