Tips & tricks for development process

Backend

manual API-Tests

For manual API tests that need more functionality than swagger offeres (e.g. using unallowed methods or omitting required fields), httpie is a nice tool.

To get the CSRF-Tokens right, you have to adjust the arguments:

First call any valid endpoint that does not need CSRF validation (e.g. any other than POST or the login POST):

http --json --session /tmp/sess.tmp GET localhost:8000/api/auth/status/


In the response, you will receive the csrftoken as cookie. Append this to all following requests, it is valid for all following requests.

http --json --session /tmp/sess.tmp POST localhost:8000/api/auth/logout/ X-CSRFToken:pL02uEoGGysnujLCThOtMcjnrj8WHeLO






To the extent possible under law, the yunity wiki contributors have waived all copyright and related or neighboring rights to the content of the yunity wiki. More information...


You have an account but can't edit or create pages? Write us in the open chatroom or in our yunity Slack!