WEBVTT

1
00:00:01.579 --> 00:00:07.020
So, in order to test it, I can run npm run dev here, running that dev script I set up

2
00:00:07.020 --> 00:00:15.620
before, which will start that server, and we can start sending requests to that server,

3
00:00:16.020 --> 00:00:23.360
specifically to slash users, and then there to slash signup, with some user data attached

4
00:00:23.360 --> 00:00:24.840
to sign up a user.

5
00:00:26.520 --> 00:00:31.740
Now when it comes to testing REST APIs, there are different ways of doing that, different

6
00:00:31.740 --> 00:00:32.640
tools you can use.

7
00:00:33.140 --> 00:00:40.040
One fairly popular, easy-to-use tool is Postman, which you can use for free.

8
00:00:40.260 --> 00:00:44.700
You can also pay for stuff there, but you can download it for free and use it for free

9
00:00:44.700 --> 00:00:47.160
regarding what we're planning to do here.

10
00:00:47.540 --> 00:00:52.680
So you can download Postman from their site, you don't need to pay anything for it.

11
00:00:54.080 --> 00:00:58.500
And once you did that, you can start this Postman tool, you might need to click through

12
00:00:58.500 --> 00:01:04.019
a couple of windows, but ultimately you should be able to get to this API testing part without

13
00:01:04.019 --> 00:01:07.520
paying anything and actually also without creating an account.

14
00:01:09.060 --> 00:01:15.980
And here you can then send a new request, a POST request, for example, because that's

15
00:01:15.980 --> 00:01:17.260
what I'm expecting here.

16
00:01:18.640 --> 00:01:26.780
A POST request to slash users slash signup, so to localhost 3000, that's where the app

17
00:01:26.780 --> 00:01:35.000
is being hosted right now during development, slash users slash signup, and then add a body

18
00:01:35.000 --> 00:01:46.980
by clicking on body here, choose raw, and then JSON, because our API here is expecting

19
00:01:47.160 --> 00:01:48.560
to get some JSON data.

20
00:01:50.360 --> 00:01:55.600
This line here in app.js will make sure that data in the JSON format will be parsed and

21
00:01:55.600 --> 00:01:58.660
will be accessible in the different parts of this application.

22
00:02:00.680 --> 00:02:08.340
And then here for signing up, we will need to add an email and a password field to our

23
00:02:08.340 --> 00:02:11.780
request body in the JSON format.

24
00:02:12.800 --> 00:02:19.940
So here I'll add a JSON object with an email field between double quotes and then test

25
00:02:19.940 --> 00:02:25.740
at example.com, then separate it by a comma in a new line, a password field between double

26
00:02:25.740 --> 00:02:29.500
quotes, and then test123abc, something like this.

27
00:02:31.580 --> 00:02:39.440
If I now click send here, I'm getting back a success response, user created successfully,

28
00:02:39.620 --> 00:02:40.480
that's looking good.

29
00:02:41.880 --> 00:02:46.360
I get back some user details like the ID that was assigned to it automatically.

30
00:02:47.420 --> 00:02:53.440
And if you go back to the project, we should find a database.sqlite file in there which

31
00:02:53.440 --> 00:02:54.460
will store that data.

32
00:02:55.960 --> 00:03:05.540
Now you can't view that data like this here, it's pretty cryptic as you can tell, but it

33
00:03:05.480 --> 00:03:06.640
seems to work.

34
00:03:07.740 --> 00:03:16.500
And you can install extra extensions like the SQLite viewer extension to actually view

35
00:03:16.500 --> 00:03:17.540
your database data.

36
00:03:18.700 --> 00:03:22.040
This extension doesn't allow you to change it, but you can view it at least.

37
00:03:22.600 --> 00:03:30.820
So with installing that, now I can browse that database and I see, yes, this data was

38
00:03:30.760 --> 00:03:31.140
stored.

39
00:03:32.280 --> 00:03:37.520
Though, I'll also highlight right away that the password was stored in plain text, which

40
00:03:37.520 --> 00:03:43.340
is not a good idea, because if that database would ever get compromised, hackers would

41
00:03:43.340 --> 00:03:47.920
have full access to the unencrypted password of your user.

42
00:03:49.040 --> 00:03:54.320
And that would allow them to access the user data in your application, and since users

43
00:03:54.320 --> 00:04:00.540
tend to reuse passwords across multiple apps, they could also try to get access to different

44
00:04:00.660 --> 00:04:01.180
applications.

45
00:04:01.640 --> 00:04:03.920
So you'd never want to store data like this.

46
00:04:05.340 --> 00:04:07.480
And that's therefore something I'll have to fix here.

47
00:04:08.540 --> 00:04:14.100
Now maybe, if you followed along on your own, for you, Cursor suggested a different code

48
00:04:14.100 --> 00:04:19.320
which does encrypt the data, which does hash the password, but for me here, it didn't

49
00:04:19.320 --> 00:04:23.000
do that, so that's something I'll now tell Cursor to do.

