Avoiding Login Rate Limits

Reduce redundant logins and prevent authentication rate limits.

Overview

Frequent login attempts during automated testing can trigger rate limits, resulting in test failures and potential account lockouts. DoesQA solves this by letting you authenticate once and share the login session across multiple tests.


1. Create a Parent Test for Authentication

Start by building a dedicated flow that handles the login process. This test will act as your single point of authentication.

Steps:

  • Use DoesQA nodes to navigate to your application's login page

  • Enter valid credentials using form input steps

  • Submit the form to complete the login

This flow should mimic a real user login as closely as possible.

2. Store Authentication Tokens

After a successful login, capture the authentication tokens so they can be reused in other tests.

Steps:

  1. Determine where your application stores authentication data (e.g. cookies, localStorage or sessionStorage)

  2. Use an appropriate DoesQA node to store the token:

    • Store Cookie – Save named cookies like auth_token

    • Store LocalStorage– Save keys from localStorage

    • Store SessionStorage – Save keys from sessionStorage

3. Create the Child Test and Connect It

Before adding the DoesQA Run node to the parent test, make sure the child test(s) already exist. These tests will receive the session values and use them to start in a logged-in state, skipping the login step entirely.

Once the child test is created:

In the parent test:

  • Add an Express → DoesQA Run node

  • Select the child test(s)

  • Pass in the stored values (e.g. auth_token, user_id) as inputs

In the child test(s):

  • Use Set Cookie, Set LocalStorage, or Set SessionStorage nodes

  • Use $ syntax to reference the values passed from the parent (e.g. $auth_token)

  • Begin your test from a logged-in state

  • Run tests assuming an already-authenticated session.


Best Practices

  • Conditional Fallback: Add logic to each child test to conditionally perform a full login if an authentication token isn't passed in.

  • Token Expiry: Make sure tokens are valid for the duration of your test pack.

  • Security: Don’t log sensitive tokens in test outputs.


By centralising login in one parent test and sharing the resulting tokens across test packs, you’ll dramatically reduce redundant login attempts and prevent rate-limit issues in DoesQA.

Last updated