Contract Fake Store: проверка unauthorized login
Ср.CheckoutAPI
Задача
Run GET /_api-sandbox/products/1 -> GET /_api-sandbox/carts/1 -> POST /_api-sandbox/auth/login and validate each step
Успех
- Use Playwright request fixture/context for every API call
- Keep traffic on /_api-sandbox only
- Run strict order: GET /_api-sandbox/products/1 -> GET /_api-sandbox/carts/1 -> POST /_api-sandbox/auth/login
Правила
- No local mocks or off-target HTTP calls
- No reordered flow steps
- No status-only assertions for login
Мутация
- Read steps remain required before login
- Unauthorized login semantics are graded strictly
Подсказка 1
• Действие: send GET /_api-sandbox/products/1 • Действие: send GET /_api-sandbox/carts/1 • Действие: send POST /_api-sandbox/auth/login
Подсказка 2
• Проверка: assert 200 (or another 2xx) response • Проверка: assert payload has numeric id • Проверка: assert payload contains id and non-empty products array
Подсказка 3
• Проверка: assert status 401 • Проверка: assert body contains "incorrect"