DEV Community

Ondrej Machala
Ondrej Machala

Posted on

Your Login Script Breaks Every 2 Weeks

#playwright #testing #automation #webdev

You wrote a Playwright login script for your screenshot automation. It fills in the email, clicks the password field, types the password, clicks "Sign in."

It worked on Monday. By Wednesday the CSS class changed and the selector broke.

You fixed it. Two weeks later the login page added a CAPTCHA. Script breaks again.

Another two weeks. They added an OAuth consent screen. The login now redirects to a third-party domain. You're maintaining a 60-line login function that breaks more often than the screenshots it's trying to capture.

The alternative: just log in once

Heroshot takes a differnt approach. Instead of scripting the login, you do it yourself in a real browser:

npx heroshot config
Enter fullscreen mode Exit fullscreen mode

This opens a browser. You navigate to your app, log in however you normally would (password, Google SSO, magic link, YubiKey, whatever), and then start picking elements for screenshots.

When you're done, heroshot saves the browser session encrypted:

.heroshot/session.enc
Enter fullscreen mode Exit fullscreen mode

Next time you run npx heroshot, it restores that session. No login script. No selectors to maintain. No CAPTCHA to bypass.

It works with everything

Since you're logging in yourself in a real browser:

  • Username/password? Works.
  • Google/GitHub/Okta OAuth? Works.
  • Magic links? Works (open your email, click the link).
  • 2FA with an authenticator app? Works.
  • Hardware keys? Works.

No login script can handle all of these. You can.

For CI

Export the session key:

npx heroshot session-key
# Output: a1b2c3d4e5...
Enter fullscreen mode Exit fullscreen mode

Add it to your CI secrets:

env:
  HEROSHOT_SESSION_KEY: ${{ secrets.HEROSHOT_SESSION_KEY }}
Enter fullscreen mode Exit fullscreen mode

Now CI can decrypt the session and capture authenticated screenshots without any login flow.

When sessions expire

Sessions don't last forever. When yours expires:

npx heroshot config --reset
Enter fullscreen mode Exit fullscreen mode

Log in again. Done. Takes 30 seconds instead of debugging why your login script failed at step 3.

The real cost

It's not the initial login script. It's the maintenance. Every UI tweak to the login page, every new auth requirement, every provider update. Login scripts are the most fragile part of any automation setup.

Skip the script. Just log in.

Top comments (0)