--
-- Table structure for table `user`
--
CREATE TABLE `user` (
`id` int(11) NOT NULL,
`username` varchar(45) COLLATE utf8mb4_unicode_ci DEFAULT NULL,
`password` varchar(255) COLLATE utf8mb4_unicode_ci DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
--
-- Dumping data for table `user`
--
INSERT INTO `user` (`id`, `username`, `password`) VALUES
(1, 'tutorial101', 'pbkdf2:sha256:150000$KxxiGerN$4c37a656baa0034035a6be2cd698b5da8b036ae63eef3ab0b08b9c18b9765648');
--
-- Indexes for dumped tables
--
--
-- Indexes for table `user`
--
ALTER TABLE `user`
ADD PRIMARY KEY (`id`);
--
-- AUTO_INCREMENT for dumped tables
--
--
-- AUTO_INCREMENT for table `user`
--
ALTER TABLE `user`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=2;
Username : tutorial101
password : cairocoders
Testing Rest API
REST API Testing is open-source web automation testing technique that is used for testing RESTful APIs for web applications. The purpose of rest api testing is to record the response of rest api by sending various HTTP/S requests to check if rest api is working fine or not. Rest api testing is done by GET, POST, PUT and DELETE methods.
Rest stands for Representational State Transfer. It is an architectural style and an approach for communication used in the development of Web Services. REST has become a logical choice for building APIs. It enables users to connect and interact with cloud services efficiently.
An API or Application Programming Interface is a set of programming instructions for accessing a web-based software application.
API is a set of commands used by an individual program to communicate with one another directly and use each other's functions to get information.
Install the Advanced Rest Client
1. Go to Google Chrome's Web Store
2. Search for "Advanced Rest Client" https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo and Install the extension
#app.py
from flask import Flask, jsonify, request, session
from flask_mysqldb import MySQL,MySQLdb #pip install flask-mysqldb https://github.com/alexferl/flask-mysqldb
from werkzeug.security import generate_password_hash, check_password_hash
from flask_cors import CORS #pip install -U flask-cors
from datetime import timedelta
app = Flask(__name__)
app.config['SECRET_KEY'] = 'cairocoders-ednalan'
app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(minutes=10)
CORS(app)
app.config['MYSQL_HOST'] = 'localhost'
app.config['MYSQL_USER'] = 'root'
app.config['MYSQL_PASSWORD'] = ''
app.config['MYSQL_DB'] = 'testingdb'
app.config['MYSQL_CURSORCLASS'] = 'DictCursor'
mysql = MySQL(app)
@app.route('/')
def home():
passhash = generate_password_hash('cairocoders')
print(passhash)
if 'username' in session:
username = session['username']
return jsonify({'message' : 'You are already logged in', 'username' : username})
else:
resp = jsonify({'message' : 'Unauthorized'})
resp.status_code = 401
return resp
@app.route('/login', methods=['POST'])
def login():
_json = request.json
_username = _json['username']
_password = _json['password']
print(_password)
# validate the received values
if _username and _password:
#check user exists
cursor = mysql.connection.cursor(MySQLdb.cursors.DictCursor)
sql = "SELECT * FROM user WHERE username=%s"
sql_where = (_username,)
cursor.execute(sql, sql_where)
row = cursor.fetchone()
username = row['username']
password = row['password']
if row:
if check_password_hash(password, _password):
session['username'] = username
cursor.close()
return jsonify({'message' : 'You are logged in successfully'})
else:
resp = jsonify({'message' : 'Bad Request - invalid password'})
resp.status_code = 400
return resp
else:
resp = jsonify({'message' : 'Bad Request - invalid credendtials'})
resp.status_code = 400
return resp
@app.route('/logout')
def logout():
if 'username' in session:
session.pop('username', None)
return jsonify({'message' : 'You successfully logged out'})
if __name__ == "__main__":
app.run()
