Task 3.3 — Hasura Auth API + Postman collection

Shubhashish
Jul 6, 2017

In the final task of the third week of the Hasura internship, we had to learn how to handle users, roles and sessions with the Hasura Auth APIs, using Postman.

To begin with, let's recap the data model we came up with (diagram designed using PonyORM Online Editor) :

Now here are some sample auth API queries made using Postman, following the Auth documentation on users, roles and sessions (Register, Login, and Logout are POST requests, whereas User Info is a GET request):

  • Sign Up Request :

This is a POST request made to URL endpoint : http://auth.c100.hasura.me/signup

Fig. 1 : Basic Sign Up request using postman

Notice that upon creation, the role is “user” and we receive the id and auth-token, which is used to log in for this user. We can also pass more parameters in the JSON body, like email id, mobile no., etc.

Fig. 2 : Auth table upon creation of user “svashish305”

Since we didn’t provide email or mobile, those fields are blank, and by default, the role is of “user” (not admin). The user is active by default upon creation.

  • Log In Request :

This is also a POST request made to the URL endpoint : http://auth.c100.hasura.me/login

Fig. 2 : Log In Request using Postman

Note that upon login (of an existing user), the auth-token has changed and is set as a cookie, but the id remains the same. Now the user is active with a fresh active session. The output in the auth table is almost the same, except that the login time and session id will be different :

Fig. 3 : Auth table upon login request for user “svashish305”

  • User Info Request :

This is a GET request made to the URL endpoint : http://auth.c100.hasura.me/user/account/info

Fig. 4 : User Info Request and Response using Postman

We copied the auth-token generated by the previous login request as the value for the key authorization. After hitting Send, the response was captured; it displays detailed user info for the user “svashish305”. Since we didn’t enter any value for the email and mobile fields, the values obtained in the response are “null”. But for an admin user who has entered email and mobile, the admin info request will return all the corresponding fields :

Fig. 5 : User account info for admin user using Postman

  • Log Out Request :

This is a POST request (it was formerly a GET request in an older version of Hasura local development), made to the URL endpoint :

http://auth.c100.hasura.me/user/logout

Fig. 6 : Log Out request using Postman

Thus, going by the response, the user has successfully logged out. We can click the user in the auth table to check whether there is any active session after logging out :

Fig. 7 : Auth table user “svashish305”

As expected, there are no active sessions for the logged out user.
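The same four requests can be scripted so the session behaviour seen above (token changes on login, id stays the same, no usable session after logout) is checked automatically. This is an added example, not part of the original Postman collection or Hasura's own code; the JSON field names (`username`, `password`, `auth_token`, `hasura_id`), the `Bearer` header format and the `FakeAuth` stand-in are assumptions.

```python
import json
import secrets
import urllib.request

def http_send(method, path, body=None, token=None, base="http://auth.c100.hasura.me"):
    """Real transport: returns (HTTP status, parsed JSON body)."""
    auth = {"Authorization": "Bearer " + token} if token else {}  # assumed header format
    headers = {"Content-Type": "application/json", **auth}
    data = json.dumps(body).encode() if body is not None else None
    req = urllib.request.Request(base + path, data=data, headers=headers, method=method)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.loads(resp.read() or b"{}")
    except urllib.error.HTTPError as err:
        return err.code, {}

def check_session_lifecycle(send, username, password):
    """Sign up, log in, read info, log out, then replay the logged-out token."""
    creds = {"username": username, "password": password}  # assumed body fields
    _, signup = send("POST", "/signup", creds)
    _, login = send("POST", "/login", creds)
    token = login["auth_token"]  # assumed response field name
    info_status, _ = send("GET", "/user/account/info", token=token)
    send("POST", "/user/logout", token=token)
    replay_status, _ = send("GET", "/user/account/info", token=token)
    return {
        "token_changed_on_login": signup["auth_token"] != token,
        "id_unchanged": signup["hasura_id"] == login["hasura_id"],
        "info_ok_with_token": info_status == 200,
        "token_rejected_after_logout": replay_status in (401, 403),
    }

class FakeAuth:  # constructed in-memory stand-in for the auth service (offline runs)
    def __init__(self):
        self.users, self.sessions = {}, {}  # username -> (password, id); token -> id
    def send(self, method, path, body=None, token=None):
        if path == "/signup":
            self.users[body["username"]] = (body["password"], len(self.users) + 1)
        if path in ("/signup", "/login"):
            password, uid = self.users.get(body["username"], (None, None))
            if uid is None or password != body["password"]:
                return 403, {}
            token = secrets.token_hex(16)  # fresh token for every new session
            self.sessions[token] = uid
            return 200, {"auth_token": token, "hasura_id": uid}
        if token not in self.sessions:
            return 401, {}
        uid = self.sessions.pop(token) if path == "/user/logout" else self.sessions[token]
        return 200, {"hasura_id": uid}
```

Calling `check_session_lifecycle(FakeAuth().send, "demo_user", "constructed-password")` runs offline; passing `http_send` instead runs the same checks against the auth host, where every value in the returned dict should be `True`.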

So, these were some of the basic auth API queries I performed using Postman.

Here’s my Postman collection for the Auth API requests used so far; the link will be updated as Auth API requests are changed or added :

https://www.getpostman.com/collections/9e8cad65f0fff1f6b354

So, we’re done with week 3 of the internship. In further blog posts for week 4 we will be designing the UI and backend integration for the first screen of our web app, Expense Calculator.

Thanks to Hasura for providing the opportunity to develop our app :
