added comments to testloginapi.sh

src/testloginapi.sh

@@ -1,11 +1,13 @@
 
-# change this as per instruction to avoid conflicts.
+# change this number as per instruction to avoid conflicts.
 PORT=10000
 
 # to test against a working implementation (and see the intended responses)
-# change this URL=http://theta.cs.vt.edu:3000/
+# change this variable, e.g.
+# use URL=http://theta.cs.vt.edu:3000/
 URL=http://localhost:${PORT}
 
+# the file in which curl stores cookies across runs
 COOKIEJAR=cookies.txt
 
 
@@ -13,23 +15,26 @@ COOKIEJAR=cookies.txt
 /bin/rm ${COOKIEJAR}
 
 # test authentication
+# this should result in a cookie being issued that embeds the JWT token
 curl -v -H "Content-Type: application/json" \
      -c ${COOKIEJAR} \
      -X POST \
      -d '{"username":"user0","password":"thepassword"}' \
     ${URL}/api/login
 
-# this should succeed if the password is correct
+# this should succeed if the password was correct
+# curl presents the cookie from the previous request
 curl -v \
     -b ${COOKIEJAR} \
     ${URL}/api/login
 
-# create a 'private' folder first.
-# this should fail since credentials were not presented
+# create a 'private' folder first for your server, and
+# put a file `secret.txt` in it.
+# this should fail since credentials were not presented in the request
 curl -v \
     ${URL}/private/secret.txt
 
-# this should succeed since credentials were presented
+# this should succeed since credentials are included
 curl -v \
     -b ${COOKIEJAR} \
     ${URL}/private/secret.txt