Tutorial
First, make sure MongoDB is running on localhost:27017. For MongoDB installation, refer to https://docs.mongodb.com/manual/administration/install-community/. Then, in a new terminal window, start the MongoDB daemon to start the MongoDB server.
Download and install iok-express from git:
git clone https://github.com/iokloud/iok-express/
cd iok-express
npm install
To run the API service, you can use one of these commands:
npm start
or
nodemon server.js
Test the secure REST API using the Postman REST client or the curl command. You can install Postman as a Chrome extension. Now, open Postman, then enter the method, the address (http://localhost:3000/api/signup) and the body parameters to create (sign up) a new user. After you click the Send button and the new user is created successfully, you should see this message.
Next, we have to test whether the REST API for the Thing resource is restricted to authorized users only. Change the method to "GET" and the API endpoint to "http://localhost:3000/api/thing", then click the Send button. You should see this message in the Postman result.
Unauthorized
To access the Thing resource, we have to log in as the previously registered user. Change the method to "POST" and the endpoint to "http://localhost:3000/api/signin", then fill in the credentials as in the screenshot below.
If the login is successful, we should get a JWT token like the one below.
Copy the token value and paste it into the request headers for the restricted Thing resource. Now, repeat the previous GET request for Thing and add this header.
If you see an empty array in the response, then you are authorized to use the Thing resource; the array is empty because we have not created any Thing yet. Now, you can do the same to post a new Thing.