Test points of login function

Test points of login function , It's more comprehensive , What can't be considered , You can make it up .

Functional use cases ：

1.   Enter the registered user name and correct password , Verify successful login

2.   Enter registered user name and incorrect password , Verification of success failed , And the prompt information is correct

3.   Enter an unregistered user name and any password , Failed to verify login , And the prompt information is correct

4.   Log in with an inactive account , Failed to verify login

5.   Log in with a disabled user , Failed to verify login

6.   Both username and password are empty , Failed to verify login , And the prompt information is correct

7.   One of the user name and password is empty , Failed to verify login , And the message is correct

8.   If the login function enables the verification code function , If the user name and password are correct , Enter the correct captcha , Verify successful login

9.   If the login function enables the verification code function , If the user name and password are correct , Enter the wrong verification code , Failed to verify login , And the prompt information is correct

10. Whether the user name and password are case sensitive

11. Is the password box on the page encrypted 、 Or whether it is necessary to have a code switching button

12. When the user created by the background system successfully logs in for the first time , Do you want to prompt for password change

13. Whether the function of forgetting user name and password is available

14. Whether the front page limits the length of user name and password according to the design requirements

15. If the login function requires a captcha , Click the verification code picture or click change to see if the verification code can be changed , Whether the replacement verification code is available

16. Whether refreshing the page will refresh the verification code

17. If the verification code has timeliness , It is necessary to verify the validity of the code within and outside the timeliness respectively

18. After the user logs in successfully but the session times out , Whether to continue will be redirected to the user login interface

19. Different levels of users , Such as administrators and ordinary users , Whether the authority is correct after logging in the system

20. Whether the default focus of the page is positioned in the user input box

21. Shortcut key Tab and Enter etc. , Whether it can be used normally

22. Check whether the null string is consistent with the input space string

23. Whether the length of characters passed into the back end by using Chinese keyboard and English keyboard is consistent

24. After successful login session Time effective settings for

25. Whether the quick delete button is set in the input field

26. Whether the user name and password support special characters and Chinese

27. The browser's forward and backward buttons , Whether it works

28. After successfully logging out , Click the browser Back button , Can I continue with the operating system

29. Is there a login time limit in the requirement , If so, verify that the time limit is valid

30. Verify the correctness of different login methods ： Sweep code 、 Account and password 、 The third party ……

31. If mobile phone number is supported + Verification code login , Whether the verification code has time limit , Whether the mobile device can directly obtain the verification code

32. Whether the operation error prompt information is simple and clear

Compatibility test case design points ：

1.   Different browsers , Verify the display and function correctness of the login page

2.   Verify the display and functional correctness of the login page under different versions of the same browser

3.   Under different browsers of different mobile devices , Verify the correctness of login page display and function

4.   Different resolutions of the interface , Verify the display and function correctness of the login page

Page test cases ：

1、 Whether the login page displays normally ？ Whether the text and pictures are displayed normally , Whether the corresponding prompt information is correct , Whether the setting and arrangement of buttons are normal , Whether the page is concise and beautiful .

2、 Whether the default focus of the page is located in the user name input box

3、 Whether the corresponding input box is empty when logging in for the first time ？ Or if there is a default copy , Whether the default copy disappears when you click the input box ？

4、 Corresponding buttons such as login 、 Reset, etc , Is it available ; Page forward 、 back off 、 Whether the refresh button is available ？

5、 Shortcut key Tab,Esc,Enter etc. , Whether it can be used

6、 Compatibility test ： Different browsers , Different operating systems , Whether the interface is normal under different resolutions

Security test cases ：

1.   Is the user password stored in the background encrypted

2.   Is the user password encrypted during network transmission

3.   Whether the password has a valid period , After the password has expired , Do you need to change the password

4.   Without logging in , In the browser directly after the entry of URL Address , Verify that it will be redirected to the user login interface

5.   Whether the password input box does not support copy and paste

6.   Whether the password entered in the password input box can be viewed in the page source mode

7.   The user name and password input boxes respectively enter the typical “SQL Injection attack ” character string , Verify the return page of the system

8.   The user name and password input boxes respectively enter the typical “XSS Cross-site scripting attacks ” character string , Verify that the system behavior has been tampered with

9.   In case of multiple login failures in succession , Whether the system will prevent subsequent attempts to deal with brute force cracking

10. The same user logs in on multiple browsers of the same terminal , Verify that the login functionality is mutually exclusive as designed

11. The same user successively logs in on the browsers of multiple terminals , Verify that the login is mutually exclusive

12. Can I remember the password , Remember whether the password is encrypted or not , Remember whether the password is valid , Whether to clear the password after the expiration date

13. Is third party login supported

14. The strength of passwords , Complexity check

15. Remote login verification 、 Replace the device login verification 、 If the login information is abnormal, whether to consider account freezing and deactivation 、 Whether to allow third-party platforms to store passwords

16. Whether you can use the login api Send a login request , And bypass the verification code

17. Whether you can log in directly with the request packet caught by the packet capture tool

18. Intercepted token Etc , Whether it can be used directly on other terminals , Bypass login ,token Expiration time verification

19. Whether there is a security risk after login error

Performance stress test ：

1.   Whether the response time of single user login meets 258 principle

2.   When a single user logs in , Whether there are too many background requests

3.   Whether the response time of user login in high concurrency scenario meets 258 principle

4.   Whether the monitoring indicators of the server in the high concurrency scenario meet the expectations

5.   In the high set point concurrent scenario , Whether there are resource deadlock and unreasonable resource waiting

6.   A large number of users log in and log out continuously for a long time , Whether the server has memory leakage

7. Check whether the anti shake function is added to the input content

8. Add weak network test to the performance test , For example, check under the weak network , Whether the page can be loaded normally , Whether there will be timeout prompt on the page , Is there a reconnection mechanism after network recovery

9. Click the login button several times , Whether it will cause login exceptions ;2、 Operate login when there is no network , Whether the prompt information is correct ;3、 Whether the account and password input boxes support keyboard shortcuts ？（ If revoked 、 Copy 、 Paste and so on ）;4、 When shrinking the browser , Whether the interface display will be misaligned