The StudentAPI is designed for teaching API testing in a university course. It serves as a deliberately vulnerable API, intended for educational purposes, with a focus on addressing mass assignment vulnerabilities.
The StudentAPI offers various endpoints for registering, updating, deleting, and retrieving student information. It is intentionally kept straightforward, as it is created and implemented for educational and testing purposes. The API provides the following endpoints:
- Save one student
- Update one student
- Display all students
- Delete one student
- Display one student
To configure the StudentAPI, you need to edit the application.properties file and provide your URL, username, and password. Additionally, ensure that you have MySQL Workbench installed on your system, and create a database named "student." Afterward, you can run the API using Eclipse or your preferred Integrated Development Environment (IDE).
Begin by running the API in an IDE like Eclipse. Then, you can send your requests using tools such as Postman.