# 10 - Postman Prevalence and Examining Endpoints ## Welcome to Postman Postman is a desktop application designed to send and store HTTP requests. It is EXTREMELY useful for API development as it comes with every HTTP option (verb) available. Normally, a browser will only perform `GET` requests unless we send a form, which will then send a `POST` request. However, we don't have anything to click to send these requests. That's why we need postman ## Installing Postman * Head over to and click the big orange download button * Then, run the installer when it finishes downloading and walk through the installation wizard * If postman does not start afterwards, use your operating system's search feature to launch Postman ## Testing Endpoints To test an endpoint we need to run our app. Make sure your environment variables are setup (using the steps in `02 - Chief Configuration`) and your virtual environment is activated. Then run the following command from your projects root directory ``` python run.py ``` If everything goes smoothly you should see the following snippet ![The output of run.py](https://2289778881-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbPPMDdogM4POiHwAId%2F-LbPPg9qhO4XswC1MXCg%2F-LbPPgl8Q3-U-1k7GS5e%2Fworking_app_terminal_text.png?generation=1554147630560020\&alt=media) ## Sending User Requests Let's send a request to postman to get oriented. Open up postman and you should see the following layout ![](https://2289778881-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbPPMDdogM4POiHwAId%2F-LbPPg9qhO4XswC1MXCg%2F-LbPPglAhl2TirvzUIn9%2Fpostman_guide.png?generation=1554147630684335\&alt=media) **1** - This is the request type\ **2** - This is the url to the request The `params | authorization | headers | body` tabs are used to choose where in the request data will go in the form of a key-value pair ## Create User This request is pretty simple, Change the request type to `POST` (section 1 in image above), Then add the following url to the url box ``` http://localhost:5000/api/v1/users/ ``` This is the endpoint for our user create function. All `POST` requests will be routed to that function because of the way we decorated it with `user_view.route()`. Now we need to define the `body` of the request. Remember that the User contains email, password, and name attributes. We should probably give this information with the registration. This is how we fake a form, by sending it in the form of HTTP with Postman. To add a body, click they `body` tab, then click the `raw` radio button, then click the `text` drop down menu, and click `JSON(application/JSON)` Then add the following text into the text field underneath ```javascript { "email": "test@test.com", "password": "password", "name": "testuser" } ``` When you hit the **SEND** button you should receive a token as a response from the API ```javascript { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NTM2OTUzNTEsImlhdCI6MTU1MzYwODk1MSwic3ViIjoyfQ.KZnSLs1wRtcGBCLiskr0YoQH7Ar2w5dQx_O5SoUnrb0" } ``` ## Login Now that we've created a user, we are going to try and *login* to the API. In other words we're going to use our other method of receiving a token, if we already have created a user The Request Method will still be `POST`, but the URL will change to ``` http://localhost:5000/api/v1/users/login/ ``` Change the body of the request to contain just the email and password of the previously created user ```javascript { "email": "test@test.com", "password": "password" } ``` When you hit **SEND,** you should receive another token ```javascript { "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NTM2OTU2NjUsImlhdCI6MTU1MzYwOTI2NSwic3ViIjoyfQ.EOMp7EjNtQKXqh2riiTUaJf25Ta4Id6A7Nf2FLnft00" } ``` ## Get Me The **Get Me** endpoint will return the users profile. We know which users profile to return because we pass the web token that contains the users account validation. Change the request to `GET`, and copy the token without the quotes. Go into the `Header` tab and fill the following spaces ![Paste the copied token into the value field for api-token](https://2289778881-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbPPMDdogM4POiHwAId%2F-LbPPg9qhO4XswC1MXCg%2F-LbPPglDgJXUHwWcg7O2%2Fpostman_headers.png?generation=1554147630843371\&alt=media) Hit **SEND** and we should see the following response ```javascript { "blogposts": [], "created_at": "2019-03-26T14:02:31.425562+00:00", "email": "test@test.com", "id": 2, "modified_at": "2019-03-26T14:02:31.425569+00:00", "name": "testuser", "password": "$2b$10$nuBH6BHCMaXQLU.8DeXiAugMwVSPVw7fH4EnnxtjpjrBjznoShB4y" } ``` ### Update Me Change the request method to `PUT`, we are still using the same URL and token, and add the following in the `body` field ```javascript { "name": "test update" } ``` We only need to specify the field we want to update Hit **SEND** and you should see the following response ```javascript { "blogposts": [], "created_at": "2019-03-26T14:02:31.425562+00:00", "email": "test@test.com", "id": 2, "modified_at": "2019-03-27T14:00:04.370685+00:00", "name": "test update", // <- This has changed "password": "$2b$10$nuBH6BHCMaXQLU.8DeXiAugMwVSPVw7fH4EnnxtjpjrBjznoShB4y" } ``` ### Get All Users Change the request method back to `GET` and change the URL to `http://localhost/api/v1/users/` Hit **SEND** and you should see an array of users. In our case we only have one, but it will still be in a list format ```javascript [ { "blogposts": [], "created_at": "2019-03-26T14:02:31.425562+00:00", "email": "test@test.com", "id": 2, "modified_at": "2019-03-27T14:00:04.370685+00:00", "name": "test update", "password": "$2b$10$nuBH6BHCMaXQLU.8DeXiAugMwVSPVw7fH4EnnxtjpjrBjznoShB4y" } ] ``` ### Delete User Now we need to test the user DELETE endpoint. Change the request to `DELETE`, and change the URL to `http://localhost:5000/api/v1/users/me`. We don't need a body for this request so just hit **SEND.** We should see a `204 No Content` status code just above and to the right of the response field