Vulnerable

These steps assume you have rbenv or rvm already installed.

  1. Install postgresql (use homebrew)
     brew install postgresql
     initdb /usr/local/var/postgres
     pg_ctl -D /usr/local/var/postgres -l /usr/local/var/postgres/server.log start
     which psql
  2. git clone git@github.com:PinkBuffalo/vulnerable-app.git
  3. Set up your db and start the db server.
     3.1 Copy config/database.yml.example to config/database.yml
     3.2 Adjust config/database.yml with your settings.
  4. bundle install
  5. bundle exec rake db:setup
  6. bundle exec rake db:migrate
  7. bundle exec rake db:seed # To create some stories
  8. bundle exec rails s

Endpoints

api/v1/users

Create a new user

api/v1/users

Verb: POST

Params:

Everything wrapped inside a user object.

  • email: String: Necessary
  • name: String: Optional

Example:

curl  -v -H "Accept: application/json" \
      -H "Content-type: application/json" \
      -X POST \
      -d '{"user":{"name":"Test user","email":"test@email.com"}}' \
      http://localhost:3000/api/v1/users

Retrieve user's information

api/v1/users/{:id}

Verb: GET

Params:

  • id: integer: Necessary

Example:

curl -v -H "Accept: application/json" http://localhost:3000/api/v1/users/1

api/v1/users/{:id}/stories

List user's stories

api/v1/users/{:id}/stories

Verb: GET

Params:

  • id: integer: ID of the user

Example:

curl -v -H "Accept: application/json" \
     http://localhost:3000/api/v1/users/1/stories

api/v1/users/{:user_id}/favorite_stories

List user's favorite stories

api/v1/users/{:user_id}/favorite_stories

Verb: GET

Example:

curl -v -H "Accept: application/json" \
     http://localhost:3000/api/v1/users/1/favorite_stories

Favorite a story for a user

api/v1/users/{:user_id}/favorite_stories

Verb: POST

Example:

curl -v -H "Accept: application/json" \
      -H "Content-type: application/json" \
      -X POST \
      -d '{"id":"23"}' \
     http://localhost:3000/api/v1/users/1/favorite_stories

Unfavorite a story for a user

api/v1/users/{:user_id}/favorite_stories

Verb: DELETE

Params:

  • id: integer: ID of the story

Example:

curl -v -H "Accept: application/json" \
      -H "Content-type: application/json" \
      -X DELETE \
      -d '{"id":"23"}' \
     http://localhost:3000/api/v1/users/1/favorite_stories

api/v1/timeline

List recent stories

api/v1/timeline

Verb: GET

Example:

curl -v -H "Accept: application/json" http://localhost:3000/api/v1/timeline