Send Network Requests with Authorization Headers in an Intercepted Request with Cypress
Server may respond differently when providing a response to a logged in user. Usually, a user is identified when an authorization header is sent with the request. With .intercept(), we can dynamically add a header to a request and skip the login process. Server will provide the same response as it would when a user would go through login process.
Instructor: [0:00] In my application, I have an option to log in, so let me do that. When I log in, I can still see the same boards that I have seen before. In addition to that, I can create my own private board.
[0:19] This one will only be visible to me. As soon as I log out, the private board disappears. The server distinguishes between logged-in and logged-out user using an authorization header.
[0:34] When I look into the detail, I can see that the GET API request that I have done earlier, has a request header of authorization. Then, there is this JWT bearer token. This, essentially, identifies me against my server, and then the server responds with all of the boards, including my private board.
[0:58] With .intercept(), what I can do is to add this authorization header into my API board's request. I'll type a function, and then I'll assign request headers authorization, which will equal to this whole long string.
[1:17] Let me copy that and paste it inside my code. I'll close the console and save my test. I can see my private board appearing. Even though I am logged out, this API board's request was sent out with the proper authorization. My server has responded with a list of my boards, including the private board.