This Postman collection includes some available API endpoints with extensive test scripts for validation, error handling, and data integrity checks.
- Collection structure
- Test coverage
- Authentication & Authorization
- Advanced usage
- Expected response times
The collection is organized into logical test folders:
- Health Check - System status verification
- Admin Login Smoke Test - Authentication validation
- Blog API Smoke Test - Core functionality check
- Valid Admin Login - JWT token generation
- Invalid Email Login - Error handling
- SQL Injection Protection - Security testing
- Get Profile - Token-based access
- Profile Access Control - Authorization testing
- Update Profile - User data modification
- Change Password - Secure password updates
- Extend Session - Session management
- Get All Posts (Public) - Public blog listing
- Create Blog Post - Admin content creation
- Unauthorized Post Creation - Security validation
- Invalid Data Handling - Input validation
- Update Blog Post - Content modification
- Like Post - Anonymous interactions
- Delete Blog Post - Content removal
- Security Dashboard - Metrics and monitoring
- Dashboard Access Control - Admin protection
- Security Metrics - Performance data
- Threat Analysis - Security reporting
- Security Events - Event logging
- Trigger Security Check - Manual validation
- Get Blocked IPs - IP management
- Unauthorized Access Control - Admin security
- Block IP Address - Threat mitigation
- Invalid IP Format - Input validation
- Check IP Status - Status verification
- Blocking Statistics - Reporting
- Unblock IP Address - Management
- Create Backup - Database backup
- Unauthorized Backup Access - Security
- List Backups - Inventory management
- Delete Backup - Cleanup operations
- Get All Users - User administration
- Unauthorized User Access - Security
- Get User by ID - Individual user data
- Get CV Data - Public profile data
- Get Footer Data - Footer content
- Get Translations - Multi-language support
- Get/Save CV Data - CV management
- Get/Save About Data - About page
- Get/Save Footer Data - Footer management
- Unauthorized Content Access - Security
- Get/Update Page - Page management
- Upload Image - File handling
- Unauthorized Upload - Security
- Large Pagination Test - Performance
- Excessive Limit Test - Boundary testing
- Special Characters Test - Encoding
- Unicode Test - International support
- Success scenarios (200, 201)
- Error scenarios (400, 401, 403, 404, 500)
- Specific status code expectations per endpoint
- Required fields presence
- Data type validation
- Array/object structure checks
- Nested property validation
- Auto-population of test variables
- Cross-request data consistency
- Relationship validation
- Response time validation
- Global performance thresholds
- Endpoint-specific timing checks
- Token validation
- Permission level checks
- Session management verification
- Blog post lifecycle validation
- User management workflows
- Security event tracking
- Content management validation
- Login: POST `/api/auth/login`
  - Provides JWT token and user data
  - Auto-saves tokens to environment variables
- Protected Endpoints:
  - Include `Authorization: Bearer {{authToken}}` header
  - Admin endpoints require admin role
- Token Management:
  - Session extension available
  - Automatic token validation
- Public: No authentication required
- Authenticated: Valid JWT token required
- Admin: JWT token + admin role required
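
The login token handling and the three access levels above can be checked with logic like the following. This is an added example, not a script from the collection: it is written as plain Node functions that take the `pm` object as a parameter so it can be exercised outside Postman. The response field `token`, the claims `exp` and `role`, and the 401/403 mapping are assumptions.

```javascript
// Added example; field and claim names (`token`, `exp`, `role`) are assumptions.

// Decode a JWT payload for inspection. The signature is NOT verified here;
// that is the server's job. A test script only reads the claims.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3 || parts.some((p) => p.length === 0)) {
    throw new Error('not a three-part JWT');
  }
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Login check: refuse to store a malformed or expired token in the environment.
function checkLogin(pm, nowSeconds) {
  const token = pm.response.json().token;
  const claims = decodeJwtPayload(token);
  if (typeof claims.exp !== 'number' || claims.exp <= nowSeconds) {
    throw new Error('token has no exp claim or is already expired');
  }
  pm.environment.set('authToken', token);
  return claims;
}

// Status a request should get at each access level (assumed convention:
// 401 = no valid token, 403 = valid token without the admin role).
function expectedStatus(level, claims, nowSeconds) {
  if (level === 'public') return 200;
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= nowSeconds) return 401;
  if (level === 'admin' && claims.role !== 'admin') return 403;
  return 200;
}

// Constructed sample token: unsigned header.payload plus a dummy signature.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}.sample-signature`;
}
```

Running the same expectation table against every protected folder catches an endpoint that answers 200 to a non-admin token, which a per-request status check alone can miss.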
- Select Collection: Choose "Regina Website API"
- Choose Environment: Development or Production
- Configure Options:
  - Iterations: 1 (or more for stress testing)
  - Delay: 0ms (or add delays between requests)
  - Data File: Optional CSV/JSON for data-driven tests
```bash
# Install Newman
npm install -g newman

# Run collection
newman run Regina_Website_API.postman_collection.json \
  -e Development.postman_environment.json \
  --reporters cli,html \
  --reporter-html-export results.html
```
- Health Check: < 100ms
- Authentication: < 500ms
- Blog Operations: < 1000ms
- Content Management: < 800ms
- Security Operations: < 1500ms
- Admin Operations: < 2000ms