I get a 403 while using Cypress custom commands to login into a webpage I’m testing.
If I log in manually, it doesn’t returns any kind of error, but with Cypress I always get the same state:
“403 Forbiden
Login Failed: Unable to find a valid CSRF token. Please try again.
Request ID: f88dd507-22e4-4776-9113-d2e5fbc3f8ec”
Gladly, there’s a “Login” button at the page that allows me to continue:
So, I think I must create a test with any cookies used at the moment of the login to bypass this issue?
Here’s the test I’m doing:
Cypress.Commands.add('login', (email, password) => {
cy.session([email, password], () => {
cy.visit('baseURL')
cy.get('[data-test="email"]').type(email);
cy.get('.has-right-element').type(password)
cy.get('button[type="submit"]').click()
cy.get(':nth-child(2) > form > .button').click() // The "Login" button at the 403 error
})
})
Nothing out of the ordinary.
I’ve also used another one to capture the cookies that are being used at the moment of the login:
Cypress.Commands.add('loginAndSaveCookies', (email, password) => {
cy.visit('baseURL')
cy.get('[data-test="email"]').type(email)
cy.get('.has-right-element').type(password)
cy.get('button[type="submit"]').click()
cy.get(':nth-child(2) > form > .button').click()
cy.getCookies().then((cookies) => {
cy.writeFile('cypress/fixtures/cookies.json', cookies)
})
})
Here are the cookies that are being sent:
[
{
"name": "_oauth2_proxy_csrf",
"value": "sxvnE7akcD26gzrK2N8w3q0EENUsPIxBTPNbbI6QxvLBSSJ6ufkmSeOwST3vEkBqOt9R_O1-XGcSX7w0GynDLLoW6x4e5JEo6noGBBUEiUPNotwrRb5b9PE=|1710311225|AjqwRehQxbfOul4wQTmj2_F9C2NSdtgJZ3K5prAxEso=",
"path": "/",
"secure": true,
"hostOnly": true,
"httpOnly": true,
"expiry": 1710312125,
"domain": "webpage being tested",
"sameSite": "lax"
},
{
"name": "_oauth2_proxy",
"value": "8uThtxIW4Mkrw2KtjHvPXAMUKtqUeYeK4SHWm8CBuvFSg50UDx84-Iec26tJhlO0W40hbGV-nCLLL2ZyZb14YTce8XvV7-9CrzLriMeGFCcFve3ytzhYS5CpmjsSKcrMqq_35YvL8iHkU5YrhCj132e2EGt-X_HQY4y0Z46f9ch1Y1U6DZ7q_lefEhBoGCBqQiwGM0-EWJ0oVaCMpTVxObSZhAlegZWfYpWzrNJqgm0zlChADbobsnyLBn72Gi4_kO0gUa5eEdhCyhFysxC9yDH8XS3bUtmch7bRJ9vVU8ZjbshwWdISfyf1hyf02M2Sir53a0GJmFua_N9r9m6tzBJvSCza7YddBeBZ9sckd0iL9Ij51E_QIRl8MeFDUTWkw_uH2yrBWeWpa-OK54jlpkrTOAA0Apt1FZD_PljVAOc2ikzyXhaxD35VvRI6pORkhvErJ3pGqS25ufbWFrHG5TaQPnNmY9IyQZRR658mD4sLJ4OqQVWbAUX8tFhf-Td73RMFi5aMm8thjMj1bz8QAKcao2HbAvwV_KMNacVn487joQ6Q9ZnT-tQkqVOn95ED5nx08497qPtJ8Q9LacOyel1hVudFpTxUssJDEpgRUEWRJo4s_G2utiURi0zbQ56UT1aJrWZgwawMyBLcmACj7UU06MOaKW6HfQvHsmXilHdFIWIyiNe2aaPJ-Z9hngTXkDPdmXFSB2UMrNBuF0IoW9jgyooucHWRVB4bVtBmT0RCXrLtyLKMyplAuwNFUjUllDsM8D19eeAvQA-7QlwpD4EucLsy8Mfp6naYXT1aUSOFw7rlS_-nV_3o2p_Ph7CZ0Mf-yHz7oG3cbb0r7IqlnPIKP9_1hn_3ZpsM0zvhzeaUBj6M5FUZMeJIDd8kCL5s-ZXsuZFzPYcgFqK6q3T0OiJalYwEawesP_MJ-f0MNhPXWgIJJ3PV7NJp09NszVX6iZrdhVTBbdgaOVXKtWF_amwPD5oM0BfhzXPAjdRIDMSy-ohOi-0Y7c_xWdPE-kPWbdyF5Z88kTLA_BuDCLgA_k5NHfdi1Hq6io9Gtgu8UKHSMxpuORDGvCu2L38OQnIk_EPYEJ8BaaFDyMDjqdY-LwCuhRjf1p_d7p4Cx6sM9odq6PEtCXuj-d82PsNo9V_LSIOdW-0ZgEFdjaVr5W_qbqkyFJ3KK0e3jugwF9PS75rL2ms-h5gD3AGGHISZeh9h2yD61QKqyK2fnpPCZvif5RDLOfAupCIou-HEPhxc8uHCulpgtayx8_ybOW0IDwpc34yarJXsb3EXnu-5gdHpgyUH6OdknWgyTydYqxslRm0zRMn3naFiIBEV-szxYoUB-kiQd0Fl8LATwrdxK4XV6qPEnCGGO0Vq4jrpfk5CU9C2Ixx9N2KTtwfqnV0nT-h3qL_G3q83WwwbB8x501p6d8L-kmnQPPWHotqeiOnA3KNTbB3iLJS-UloK9K5dmtE2ko__KdbsFlmHvLTGOjS8BLbJLfE6HwPO7s2B_VlwhpHtpj1PFRTOn32S8kdJCkyW2Ti9O2kTcmtS-kG-_xCZE6WahCJYzJcNg-gok1XjZLuTffjq8O1d1J-isEkUMjlwGMbC5689g-200UJb0CXiXaHOkkh0CryBxR_Kgpw_OfCWja8eysdjDbdIULai821Hgg3W_6abibQNscpmzFwyVrpBvl1gpJZNbKBloNEabBu1gqWaTccTCv7nPk2sCkTIbqAwx3B_LP2Q71-R0yZJoGlQftptUnE15OzEVXLOKl-YlTn9zhtfpdtgO_JF0f-EUpty2cQ2cNJ5qbIliIJUOkTyQqP6_D6N2FIAgnaHkDX0kR9fZK6tgrQDIlUly_noM2s0-rvy7Dar6Fhn2AzbF9c5GzzSkGOPoK2dM6N0zZenIw7fXV2R-FSNv5_nz3KPiN3Rowm2_AWPCmo9xtQVjqQku0Yo29ic5q5sqkjGPdV04cq4eFen6olpxB6M1Sw1PIvMgZXOOUtEQOB3GB_x_VIe9LyAvHKYnVVPc5WQbaK_posY-Nr9nN8vT4mFqajdD4gVRLRD5dqt-I0DUOLHgco3sBONPQRvk-ansl1NGhOfm7AvU8jQ0PDWKtqpR1TXGy2yjfhmN0vkaHDb3LzjwJ2YLbfhMBjW3gfVao-7XQqmJzVWU1MHWynG1MFKYm8kLVeXHL6BbQxym8MuB67sXuUyGGigbnGI9W-jflvs6Zu7DWzqYbhtgp6Y71CUIRfKVrPfvaLn02GrAOZgqp_61MTeQ2D7DDlMrM9G9ctZy7jHzPiYkYc-T0py6-eEGBOdO3bCGmSBbPLWB3biz43CxRngB0byusBISQyMQSli87mo|1710311226|tzcI0q_ZL29dYQfhGq8eotRiaxyNO9qedY5wWbracdY=",
"path": "/",
"secure": true,
"hostOnly": true,
"httpOnly": true,
"expiry": 1710916026,
"domain": "webpage being tested",
"sameSite": "lax"
}
]