Best way to seed users in test database and bypass login

We’re trying to write E2E tests with Cypress, however the Cypress has issues with authorizing with auth0 because the domain changes.

We’re trying to find a way to bypass our custom oauth service (which authenticates with auth0) if the magic credentials are included in a request in the test environment. Ideally the ‘magic’ happens on the server, and does not happen in production.

Does anyone have a simple way to do this? Some searching came up with intercepting the outgoing oauth requests, however we only want to allow two or three users (seeded into the db) the ability to login an establish a session.

Can’t comment on anything related to your custom OAuth service, but as for seeding users in your test database, there certainly is a way.

If you’re running your application in “full application” test mode as described here…

…then you can check Meteor.isAppTest to see if you’re running in full application test mode. If so, you can do some setup specifically for your E2E test fixtures, such as creating users with fixed login credentials.

You could also put that setup code somewhere eagerly loaded in a file with a name matching the pattern *.app-test[s].*, which will only be included in the build if the app is running in test mode.

Not sure if that’s exactly what you’re asking for, but hopefully it’s helpful!

Thanks for the reply @menewman, we’ve have some test fixtures setup.

Do you know how to setup a fixed login if we are only using oauth to get to the login state? Were using the redirect, and then there are some functions setup that get a token (which we could override).

Sorry, it’s hard to really say anything useful since I don’t have a real understanding of your application! In our application, we primarily use password login for acceptance tests, so circumventing OAuth isn’t a requirement for that.

That said, perhaps if you want to log in users from the server side and you’re able to override the code that ordinarily gets an auth token, you could create a login token on the server:

const stampedLoginToken = Accounts._generateStampedLoginToken();
Accounts._insertLoginToken(userId, stampedLoginToken);

…and then send that to the client so that they can use Meteor.loginWithToken to log in without needing to go through OAuth or a password or anything else? (This is all assuming you’re using Meteor accounts, of course.)