This is a login method supported by almost all systems at present. This problem is also a problem often encountered during test interviews. There are many solutions, and various methods have their advantages and disadvantages. Let’s discuss them next.
If you want to think about this problem clearly, in fact, the key point is to first think about the process of logging in with your mobile phone number and verification code. The process is clear, and the solution is clear.
The first step: the process of logging in with the mobile phone number verification code:
- Enter your mobile phone number on the page and click to get the verification code
- The backend receives the mobile phone number, verifies the correctness of the mobile phone number format, and then calls the SMS gateway to send the verification code. The SMS gateway is only responsible for sending the SMS. The mobile phone number and SMS content to be sent are provided by our system to the SMS gateway. Therefore, our system must store the correspondence between the mobile phone number and the verification code in one place, it may be cached (redis), it may be a database, or it may be elsewhere.
- The phone receives the SMS verification code
- Enter the verification code on the page and click Submit
- The system receives the mobile phone number and verification code of the login request, and then retrieves the verification code of the corresponding mobile phone number in the place where the corresponding relationship between the mobile phone number verification code is saved, and then compares whether the two verification codes are replaced. The replacement login is successful and inappropriate If the login fails, of course the verification code must be effectively integrated
Step 2: Analyze where to solve the problem of automatic login
In fact, the fifth-step verification process is a key step to determine whether we log in successfully, so what are the solutions for the fifth step?
Solution 1: Let the back-end set a universal code, so when logging in, if it is this code, the login is successful by default, which is equivalent to a back door. At this time, you need to confirm with the back-end. Only the designated mobile phone number is the universal code. Effective, this can avoid the loss caused by accidentally sending the universal code to the online environment to the greatest extent.
Solution 2: Let the backend remove the SMS verification code login process, and directly enter the phone number to log in. This way the code changes a lot, and the risk of sending the wrong code online is very high
Solution 3: Obtain the login authentication information by yourself, such as token, and write it into the code so that you can skip the login process. The bad thing is that you have to do it manually every time you run it.
In fact, it can be seen that there are some disadvantages in Option 1, Option 2, and Option 3. It is either that development assistance is needed to modify the code logic, or it is more troublesome to make, and there is a better solution.
Optimal solution: As can be seen from step 2, the verification code of the SMS actually exists somewhere, then we can directly obtain the verification code by operating the database, operating redis, or calling the interface, and then we can enter the correct verification code Code, so there is no need to develop and modify the code, and it is not troublesome, that is, we need a little more knowledge when writing automated scripts, but the effect after running through is better than the previous scheme.
It can also be seen from the above that now automation is not just that we know selenium and appium. In fact, automation must be used well. The skills of code operation database, operation redis, and operation interface also need to be mastered and used flexibly in automation. , There will be a multiplier effect.
The above is a personal understanding. If you have any objections, you can discuss it in the group.