Test Auth Protection
This section explains how to verify that your authentication checks are configured correctly.
Tests not working?Need help? Contact our team, and we will work with you directly to resolve the issue.
The previous steps added authentication checks to protect specific frontend routes, components, and backend endpoints. Run the following tests to verify that these protections work as expected.
Test 1: Verify Frontend Blocks Unauthenticated Access
Protected frontend routes and components should prevent unauthenticated users from accessing restricted content. To verify this behavior, complete the following steps:
- Start the logout flow by entering the URL of your Logout Endpoint, such as (
http://localhost:3001/auth/logout) in your browser's address bar, then press Enter. - After the user is logged out, enter the URL of one of your application's protected routes in the browser's address bar, then press Enter.
- Verify that you are redirected to your application's login page.
Test 2: Verify Backend Blocks Unauthenticated Access
Protected backend endpoints should return a 401 Unauthorized response when a request does not contain a valid session cookie.
To test this behavior:
- Use a tool such as cURL or Postman to send a request to a protected backend endpoint without including a valid session cookie.
- Verify that the endpoint returns a
401 Unauthorizedresponse.
Test 3: Verify Authenticated Users Can Access Protected Pages
Next, test accessing a protected page as an authenticated user. In this scenario, the authentication check should pass, and the user should be able to access the page.
To test this behavior:
- Start the login flow by entering the URL of your Login Endpoint, such as h
http://localhost:3001/auth/login, in your browser's address bar, then press Enter. - Complete the login flow by entering your credentials when prompted.
- After authentication is complete, confirm that you are redirected back to your application.
- Access your application's protected pages.
If the tests above succeed, your authentication checks are working correctly.
Updated 11 days ago
What’s Next
Congratulations! Your application now properly enforces user authentication. But there’s still plenty more you can do with our platform - let’s explore!