I am a bit confused while trying to get Postman to work when testing the API of my application. Namely, I am using Passport authentication; however, I do not know which type it defaults to or uses in my code. How can I figure this out and which type should I choose in Postman?
Here is the relevant Passport code:
var login = require('./login');
var signup = require('./signup');
var User = require('../models/user');
/**
 * Wires session support and the login/signup strategies into a Passport instance.
 *
 * @param {object} passport - Passport instance to configure.
 * @param {*} path - Forwarded unchanged to the signup strategy setup.
 * @param {*} nodemailer - Forwarded unchanged to the signup strategy setup.
 * @param {*} sesTransport - Forwarded unchanged to the signup strategy setup.
 * @param {*} EmailTemplate - Forwarded unchanged to the signup strategy setup.
 * @param {*} templateDir - Forwarded unchanged to the signup strategy setup.
 * @param {*} template - Forwarded unchanged to the signup strategy setup.
 */
module.exports = function(passport, path, nodemailer, sesTransport, EmailTemplate, templateDir, template){
  // Persistent login sessions: only the user's _id is handed to Passport
  // for storage in the session.
  function storeUserId(user, done) {
    done(null, user._id);
  }

  // On later requests the stored id is resolved back to a User document.
  // A lookup error is passed through to Passport together with the result.
  function loadUserById(id, done) {
    User.findById(id, function(lookupErr, foundUser) {
      done(lookupErr, foundUser);
    });
  }

  passport.serializeUser(storeUserId);
  passport.deserializeUser(loadUserById);

  // Register the strategies used for login and for sign-up/registration.
  login(passport);
  signup(passport, path, nodemailer, sesTransport, EmailTemplate, templateDir, template);
};
Lastly, pretty much all of my API endpoints only work when the user is logged in. How can I emulate the same behavior in Postman by saving the authorization credentials?
Edit:
Perhaps this code is relevant as well:
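/**
 * Registers the 'login' local strategy (email + password) on a Passport instance.
 *
 * @param {object} passport - Passport instance to register the strategy on.
 */
module.exports = function(passport){
  // One client-facing message for every credential failure, so the response
  // does not reveal whether the email address belongs to an account.
  var LOGIN_FAILED_MESSAGE = 'Invalid email or password.';

  /**
   * Checks a submitted password against the hash stored on the user record.
   *
   * @param {object} user - User document; its `password` field holds the stored hash.
   * @param {string} password - Password submitted with the login request.
   * @returns {boolean} true only when the password matches the stored hash.
   */
  var isValidPassword = function(user, password){
    // Treat a missing or non-string hash (or password) as a failed login
    // instead of passing it on to the comparison.
    if (!user || typeof user.password !== 'string' || typeof password !== 'string') {
      return false;
    }
    // NOTE(review): compareSync blocks the event loop for the duration of the
    // hash computation; consider the library's asynchronous compare for
    // login endpoints under load.
    return bCrypt.compareSync(password, user.password);
  };

  passport.use('login', new LocalStrategy({
      passReqToCallback : true,
      usernameField: 'email',
      passwordField: 'password'
    },
    function(req, username, password, done) {
      // Accept plain strings only. A parsed request body can carry objects or
      // arrays, and those must not end up inside the database query below.
      if (typeof username !== 'string' || typeof password !== 'string') {
        return done(null, false, req.flash('message', LOGIN_FAILED_MESSAGE));
      }

      // Look the account up by email address.
      User.findOne({ 'email' : username }, function(err, user) {
        // Database or driver error: hand it to Passport unchanged.
        if (err) {
          return done(err);
        }

        // The server log keeps the two failure reasons apart for diagnostics,
        // but no longer echoes the submitted username.
        if (!user) {
          // NOTE(review): this path skips the hash comparison, so it answers
          // faster than a wrong-password attempt; compare against a fixed
          // dummy hash here if that timing difference matters.
          console.log('Login failed: user not found');
          return done(null, false, req.flash('message', LOGIN_FAILED_MESSAGE));
        }
        if (!isValidPassword(user, password)) {
          console.log('Login failed: invalid password');
          return done(null, false, req.flash('message', LOGIN_FAILED_MESSAGE));
        }

        // Email and password both match: report the user as authenticated.
        return done(null, user);
      });
    })
  );
};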
With a request open in Postman, use the Authorization tab to select an auth type, then complete the relevant details for your selected type. The correct data values will be determined by your API at the server side. If you're using a third party API, refer to the provider's documentation for any required auth details.
To set up your test, go to the request in Postman that you need to authenticate and click on the Authorization tab. On that tab there is a Type dropdown where you can select the type of authorization your API uses. Select Basic Auth from there if your API accepts HTTP Basic authentication; Postman then sends your username and password to the server in the Authorization header.
I don't have code that runs the local auth strategy, but I think the following Postman setup should work for you.
To request an access token (assuming your endpoint is auth/local):
See token request screenshot below:
The response will come back with an access_token.
To use the access_token, simply create an HTTP request and, in the Headers tab, add the key Authorization with a value of "Bearer <access_token>".
See use token request screenshot:
I use this and it works fine in Postman. After getting the access token in the response, open the Authorization tab and select "Bearer Token" from the "Type" drop-down. A Token field will appear on the right; enter the access token there.
This works fine with Laravel REST APIs.
Check Screen Shot Postman Auth Token passing