From 8584da6a7f8cc3c50984a3396f05d29f801fefc3 Mon Sep 17 00:00:00 2001
From: Godmar Back <gback@cs.vt.edu>
Date: Tue, 16 Nov 2021 10:58:21 -0500
Subject: [PATCH] added comments to testloginapi.sh

---
 src/testloginapi.sh | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/src/testloginapi.sh b/src/testloginapi.sh
index 49c90ea..bee1770 100644
--- a/src/testloginapi.sh
+++ b/src/testloginapi.sh
@@ -1,11 +1,13 @@
 
-# change this as per instruction to avoid conflicts.
+# change this number as per instruction to avoid conflicts.
 PORT=10000
 
 # to test against a working implementation (and see the intended responses)
-# change this URL=http://theta.cs.vt.edu:3000/
+# change this variable, e.g.
+# use URL=http://theta.cs.vt.edu:3000/
 URL=http://localhost:${PORT}
 
+# the file in which curl stores cookies across runs
 COOKIEJAR=cookies.txt
 
 
@@ -13,23 +15,26 @@ COOKIEJAR=cookies.txt
 /bin/rm ${COOKIEJAR}
 
 # test authentication
+# this should result in a cookie being issued that embeds the JWT token
 curl -v -H "Content-Type: application/json" \
      -c ${COOKIEJAR} \
      -X POST \
      -d '{"username":"user0","password":"thepassword"}' \
     ${URL}/api/login
 
-# this should succeed if the password is correct
+# this should succeed if the password was correct
+# curl presents the cookie from the previous request
 curl -v \
     -b ${COOKIEJAR} \
     ${URL}/api/login
 
-# create a 'private' folder first.
-# this should fail since credentials were not presented
+# create a 'private' folder first for your server, and
+# put a file `secret.txt` in it.
+# this should fail since credentials were not presented in the request
 curl -v \
     ${URL}/private/secret.txt
 
-# this should succeed since credentials were presented
+# this should succeed since credentials are included
 curl -v \
     -b ${COOKIEJAR} \
     ${URL}/private/secret.txt