DotNet-201-ElevenNote
  • Introduction
  • ElevenNote (Parts 1-11)
    • Part 1: Setup
      • 0.0: Intro
      • 1.0: ElevenNote.WebMVC
      • 1.1: ElevenNote.Data
      • 1.2: ElevenNote.Models
      • 1.3: ElevenNote.Contracts
      • 1.4: ElevenNote.Services
      • 1.5: ElevenNote.Tests
    • Part 2: Identity Model
      • 2.0: Identity Model
      • 2.1: Entity Framework, References, Using Statements
      • 2.2: Identity Models Setup
    • Part 3: Database Setup
      • 3.1: Data
      • 3.2: Annotations
      • 3.3: Database and Connection String
      • 3.4: Guid Info
      • 3.5: Migrations
      • 3.6: Types
      • 3.7: Password Information
    • Part 4: NoteListItem
      • 4.0: MVC Intro
      • 4.1: Note Controller
      • 4.2: NoteListItem Model
      • 4.3: Index View
    • Part 5: NoteCreate
      • 5.0: NoteCreate
      • 5.1: NoteCreate Model
      • 5.2: Create View
      • 5.3: Change NoteCreate Model
      • 5.4: Create [Post] Method
      • 5.5: Navbar Addition
    • Part 6: NoteService
      • 6.0: NoteService
      • 6.1: NoteController Changes
      • 6.2: QuickWatch & Data
    • Part 7: Create Refactor
      • 7.0: CreateRefactor
      • 7.1: Validation Messages
    • Part 8: NoteDetail
      • 8.0: NoteDetail Model
      • 8.1: Detail View
      • 8.2: URL and Routes Discussion
    • Part 9: NoteEdit
      • 9.0: NoteEdit Model
      • 9.1: NoteEdit View
    • Part 10: NoteDelete
      • 10.0: NoteDelete
    • Part 11: DateFormat
      • 11.0: DateFormat
  • Star! (Part 12)
    • Part 12: Add Star Option
      • 12.0: Add Star Option
      • 12.1: Star Setup
      • 12.2: Star API
  • Notes and Tips
    • 0.0: Notes about Files, Saving, and Git
    • 0.1: Tips
    • 0.2: Resources
  • ElevenNote API (Parts 13-19)
    • Part 13: API Intro
      • 13.0: API Intro
      • 13.1: Test Login
      • 13.2: SSL
    • Part 14: WebAPI
      • 14.0: WebAPI Setup
      • 14.1: Testing with Postman
    • Part 15: API Controller
      • 15.0: API Controller
      • 15.1: Test Getting Notes in Postman
    • Part 16: Http Methods
      • 16.0: Http Methods
    • Part 17: Testing Endpoints
      • 17.0: API Documentation
      • 17.1: Test GetById
      • 17.2: Test Post
      • 17.3: Test Update
      • 17.4: Test Delete
    • Part 18: Swagger
      • 18.0: Swagger Setup
        • 18.0a: Swagger Config
      • 18.1: Test with Swagger
    • Part 19: PostMan Tips
      • 19.0: PostMan Tips
Powered by GitBook
On this page
  • Test the URL
  • Test the Login URL
  • Test the [ValidateAntiForgeryToken]
  1. ElevenNote API (Parts 13-19)
  2. Part 13: API Intro

13.1: Test Login

Previous13.0: API IntroNext13.2: SSL

Last updated 6 years ago

In this section, we begin Postman testing with the login page.

Test the URL

You may want to work on another branch

  1. Make sure ElevenNote.Web is still the startup project

  2. Run the app and log off if you're logged in

  3. Copy the URL localhost:XXXXX

    • XXXXX stands for whatever number your port is in the address bar

  4. Open Postman

  5. Close the window that comes up

  6. Paste the URL, set the request to POST and press Send

Test the Login URL

  1. Login in to your ElevenNote app

  2. Back in Postman, add /Account/Login to the URL and make sure the request is set to POST

  3. Click on the Body tab, select x-www-form-urlencoded, and add the three key/value pairs as shown below:

  4. You should get a 500 Internal Server error. Error codes are explained in section 19.

  5. Looking at the response, it seems we need a token to log in.

  6. Stop the app

Test the [ValidateAntiForgeryToken]

  1. Open ElevenNote.Web -> Controllers -> AccountController

  2. Comment out [ValidateAntiForgeryToken] above the login method

  3. This is temporary, we'll change it back

     [HttpPost]
 [AllowAnonymous]
 //[ValidateAntiForgeryToken]
 public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
 {
     if (!ModelState.IsValid)
 }

  4. Run the app and login

  5. Go to Postman and hit Send again with the same request

  6. You should get 200 OK

  7. DO THIS IMMEDIATELY: Stop the app

  8. Un-comment [ValidateAntiForgeryToken], restart the app, and login.

  9. Retest in Postman, you should get the 500 error again.

  10. Stop the app

Next, we'll add SSL for release builds.

500
OK Postman
Postman
Postman Login