Load testing logged in routes in phoenix

5
votes

I'm trying to do load testing for routes that require logging in.

I was previously using https://artillery.io/docs/index.html for logged out routes which worked fine. For logged in routes, I tried calling beforeRequest with a function to set the request headers & body.

config: target: "https://www.mywebsite.com/" phases: - duration: 60 arrivalRate: 50 processor: "test.js" scenarios: - flow: - post: url: "/login" beforeRequest: "setReqBody"

and my beforeRequest looked like this:

function setReqBody(requestParams, context, ee, next) { requestParams.body = {'email': '[email protected]', 'password': 'password', '_csrf_token': window.csrfToken} return next(); }

I am getting an error that window is undefined.

I had a look around to see if there was anything else I could use for load testing phoenix, but didn't have much luck. Is there any other way I can log in & test those routes? Or other dependencies/libraries I can use in order to do this?

2
elixirphoenix-frameworkload-testing
it could be worth asking @hassy-veldstra (creator of Artillery) directly for help on this...nelsonic

2 Answers

4
votes

The issue is that window is not defined in the context that the beforeRequest function runs in (as the code is not running in a browser).

If the CSRF token is included somewhere in the DOM/HTML of the login page, you can grab it first and then include it in the POST request. For example, if the login form had a hidden input containing the CSRF token with name attribute =csrfToken:

scenarios:
  - flow:

    # Get the login page and grab the CSRF token
    - get:
        url: "/login"
        capture:
          selector: "input[name='csrf_token']"
          attr: "value"
          as: "csrfToken"

    # Useful for debugging: check that we used the right selector:
    - log: "Extracted CSRF token: {{ csrfToken }}"

    # Now send a login request:
    - post:
        url: "/login"
        form:
          email: "[email protected]"
          password: "password123"
          _csrf_token: "{{ csrfToken }}"

    # The session cookie will be remembered and reused automatically by
    # Artillery from this point onwards.
1
votes

Consider using Apache JMeter, it has:

See REST API Testing - How to Do it Right for details.