My Ruby on Rails application is mostly contained behind a login page. I'd still like to be able to stress test these pages, as they have some heavy database access.
Sending the username and password into a post for my login isn't difficult, but the Authenticity Token keeps changing, which makes my tests unrepeatable.
Is there a way to solve this problem while also maintaining an accurate production-esque environment?
I'd appreciate any help. Thanks!
You can disable authenticity tokens in an environment.
This can be done via an initializer for the environment.
# Disable request forgery protection in test environment
config.action_controller.allow_forgery_protection = false
You could create a new enviroment, say stress which will be identical to your production environment, except for the above.
Otherwise you will need to modify your stress testing application to maintain a session and parse the tokens.
What stress testing software are you using?