In this post we are going to discuss the test cases for logout functionality. Every webapp has user account feature that allows sign in and sign out option. When you click on the sign out link cookies gets deleted and session is cleared. This way you get to the public pages and secure private pages remain restricted. This is pretty much is the work of the logout link. It redirects you from the private user only area to the public. Behind the scenes many small changes happen while you log out.
We are going to take a look at those small changes along with the test scenarios. Few things to consider while testing logout feature are – security, accessibility and HTTPS support. Thesse are the things that most of the modern webapps require for safe and accessible usage.
- Is the logout link or button easy to use?
- Does the link or button recognizable?
- Is the link or button easy to find?
- Is the link or button for logout accessible for all users?
- Check the logs for the login and logout session.
- Check if the logs contain multiple IPs for single ID at the same time.
- Check if the logs contain denial of service attack for the login or logout.
- Check if the unauthorized IP makes request for the logout.
- Check if the log has the suspicious activity.
HTTPS Logout Page
Most of the member areas are secured with HTTPS. However we have to test the code in both production and on the release server. So we have to check whether the https remains on both sign in and sign out page. Like sign in page it has to be encrypted as well. The HTTPS certificate has to be genuine and should be easy to verify. It should not be expired while using the the sign in or sign out. Make sure the security service provider for the HTTPS certification is genuine and supports 128 bit SSL connection.
Here are some of the test cases and scenarios for the logout functionality.
- Make sure app allows single sign off from all the devices.
- Make sure app let’s you sign off for multiple accounts.
- Does the app clears cookies after sign off?
- Does the app clears the session for the user after sign off?
- Does the app remembers the username after signoff?
- Does the app takes more time for signoff at different connection speeds?
- Is the sign off link easy to find?
- Is the sign off link or button easy to click?
- Is the sign off link or button positioned as per specification?
- Is the sign off button or link readable?
- Does the power outage retains the session if not signed off?
- Does the sign off functionality requires face recognition or finger print (in case of desktop app)?
- Does the sign off page redirects to the page where it allows login?
- Does the sign off page allows redirection to the home page?
- Is sign off page going to remove the window or tab automatically? (If it’s bank account sign off link)
- Does the sign off button or link works on all devices?
- Is sign off button or link broken after clicked?
These are some of the test cases you can use for testing the sign-off or the logout functionality of the web-app. If it’s desktop app then the working would be slightly different and the test cases will be different too. Hope this post helps you answer some of the questions related to manual testing interview. Do let me know if you can think of additional test cases. I’d appreciate if you share the post on social media. 🙂