← Back to library
Playwrightauthadvancedv1.20+
Read and assert a cookie
Retrieve cookies from the browser context after login and assert their security flags.
1test('auth cookie is set with correct security flags', async ({ page, context }) => {
2 await page.goto('/login');
3 await page.getByLabel('Email').fill('user@test.com');
4 await page.getByLabel('Password').fill('secret');
5 await page.getByRole('button', { name: 'Sign in' }).click();
6 await page.waitForURL('/dashboard');
7
8 // context.cookies() returns every cookie for the current browser context
9 const cookies = await context.cookies();
10 const auth = cookies.find((c) => c.name === 'auth_token');
11
12 expect(auth).toBeDefined();
13 expect(auth!.httpOnly).toBe(true); // JS must not be able to read it
14 expect(auth!.secure).toBe(true); // must only transmit over HTTPS
15});#cookie#cookies#httpOnly#secure#assert