Send Network Requests with Authorization Headers in an Intercepted Request with Cypress

Filip Hric
InstructorFilip Hric
Share this video with your friends

Social Share Links

Send Tweet
Published 2 years ago
Updated 2 years ago

Server may respond differently when providing a response to a logged in user. Usually, a user is identified when an authorization header is sent with the request. With .intercept(), we can dynamically add a header to a request and skip the login process. Server will provide the same response as it would when a user would go through login process.

Instructor: [0:00] In my application, I have an option to log in, so let me do that. When I log in, I can still see the same boards that I have seen before. In addition to that, I can create my own private board.

[0:19] This one will only be visible to me. As soon as I log out, the private board disappears. The server distinguishes between logged-in and logged-out user using an authorization header.

[0:34] When I look into the detail, I can see that the GET API request that I have done earlier, has a request header of authorization. Then, there is this JWT bearer token. This, essentially, identifies me against my server, and then the server responds with all of the boards, including my private board.

[0:58] With .intercept(), what I can do is to add this authorization header into my API board's request. I'll type a function, and then I'll assign request headers authorization, which will equal to this whole long string.

[1:17] Let me copy that and paste it inside my code. I'll close the console and save my test. I can see my private board appearing. Even though I am logged out, this API board's request was sent out with the proper authorization. My server has responded with a list of my boards, including the private board.

egghead
egghead
~ just now

Member comments are a way for members to communicate, interact, and ask questions about a lesson.

The instructor or someone from the community might respond to your question Here are a few basic guidelines to commenting on egghead.io

Be on-Topic

Comments are for discussing a lesson. If you're having a general issue with the website functionality, please contact us at support@egghead.io.

Avoid meta-discussion

  • This was great!
  • This was horrible!
  • I didn't like this because it didn't match my skill level.
  • +1 It will likely be deleted as spam.

Code Problems?

Should be accompanied by code! Codesandbox or Stackblitz provide a way to share code and discuss it in context

Details and Context

Vague question? Vague answer. Any details and context you can provide will lure more interesting answers!

Markdown supported.
Become a member to join the discussionEnroll Today