Error

{"info":{"_postman_id":"9ead7780-0252-41c8-b10a-eec7b161e53f","name":"OWASP Sec Bank","description":"

This is a database-driven web application developed as a research artefact for my B.Sc. Computer Science dissertation.\nThe project addresses the gap between theoretical security guidelines and practical implementations. It utilizes an **A/B testing methodology**, where two parallel versions of the same banking application will be built to facilitate a direct comparison of vulnerability behavior and mitigation effectiveness.\n\n

\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"33365941","collectionId":"9ead7780-0252-41c8-b10a-eec7b161e53f","publishedId":"2sBXVZpuxT","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2025-12-26T18:18:46.000Z"},"item":[{"name":"Insecure","item":[{"name":"Auth","item":[{"name":"Register","id":"3cdd3714-90b4-4214-ac66-526b3c88268f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/register","urlObject":{"path":["api","auth","register"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"1ef7c56d-0307-4371-b71a-f30dd7a44336","name":"Too much information in response","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:1234/api/auth/register"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"334"},{"key":"ETag","value":"W/\"14e-t/n+IJZ6Eo17Q1tibzFaEwd+OOo\""},{"key":"Date","value":"Fri, 26 Dec 2025 22:25:19 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"duplicate key value violates unique constraint \\\"users_username_key\\\"\",\n \"detail\": {\n \"length\": 205,\n \"name\": \"error\",\n \"severity\": \"ERROR\",\n \"code\": \"23505\",\n \"detail\": \"Key (username)=(Zubs) already exists.\",\n \"schema\": \"public\",\n \"table\": \"users\",\n \"constraint\": \"users_username_key\",\n \"file\": \"nbtinsert.c\",\n \"line\": \"666\",\n \"routine\": \"_bt_check_unique\"\n }\n}"},{"id":"3857a651-2112-4c95-afa3-13229b044466","name":"Register","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"http://localhost:1234/api/auth/register"},"status":"Created","code":201,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"560"},{"key":"ETag","value":"W/\"230-GoiPBeBP/FpQKbau5G0juUbs8Ns\""},{"key":"Date","value":"Fri, 26 Dec 2025 22:26:33 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"User registered\",\n \"user\": {\n \"user_id\": 4,\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"user\",\n \"created_at\": \"2025-12-26T22:26:33.654Z\"\n },\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjQsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNzY2Nzg3OTkzLCJleHAiOjE3NjkzNzk5OTN9.EKNznRE-ht_WX7h2QZ0gtWVmFVr971dfhlgi-fZxKdw\",\n \"account\": {\n \"account_id\": 2,\n \"user_id\": 4,\n \"account_number\": \"72425286\",\n \"sort_code\": \"12-34-56\",\n \"account_type\": \"Current\",\n \"balance\": \"100.00\",\n \"created_at\": \"2025-12-26T22:26:33.662Z\"\n }\n}"}],"_postman_id":"3cdd3714-90b4-4214-ac66-526b3c88268f"},{"name":"Login","event":[{"listen":"test","script":{"id":"f3b49607-2801-44df-b687-dd513054056f","exec":["// Parse the JSON response","const jsonData = pm.response.json();","","// Extract token - check common field names","const token = jsonData.token;","","// Save token to environment variable if found","if (token) {"," pm.collectionVariables.set(\"token\", token); // Alternative for collection variables"," console.log(\"Token saved to environment variable 'token'\");","} else {"," console.warn(\"No token found in response. Check the response structure.\");","}","","// Test to verify token exists in response","pm.test(\"Response contains a token\", function () {"," pm.expect(token).to.not.be.undefined;"," pm.expect(token).to.not.be.null;"," pm.expect(token).to.be.a('string').and.not.empty;","});"],"type":"text/javascript","packages":{},"requests":{}}},{"listen":"prerequest","script":{"packages":{},"type":"text/javascript"}}],"id":"70328ee7-5ad6-4e03-a85b-c39ab58bd434","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/login","urlObject":{"path":["api","auth","login"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"cfccc245-1964-4225-8774-8af0e854c295","name":"Login","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/login"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Set-Cookie","value":"profile_pref=eyJ0aGVtZSI6ImxpZ2h0IiwibGFuZ3VhZ2UiOiJlbiIsIm5vdGlmaWNhdGlvbnMiOnRydWV9; Max-Age=900; Path=/; Expires=Sun, 11 Jan 2026 14:35:41 GMT"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"390"},{"key":"ETag","value":"W/\"186-Q4U8aakgr9miG6b1NStg3cD8rKk\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:20:41 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Login successful\",\n \"user\": {\n \"user_id\": 4,\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\",\n \"created_at\": \"2025-12-26T22:26:33.654Z\"\n },\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjQsInJvbGUiOiJhZG1pbiIsImlhdCI6MTc2ODE0MTI0MSwiZXhwIjoxNzcwNzMzMjQxfQ.4bbYuDc8a-z3MVOECG9gHKzhEb6N56crlzhMGsEongY\"\n}"}],"_postman_id":"70328ee7-5ad6-4e03-a85b-c39ab58bd434"},{"name":"Logout","id":"a0043117-fa42-4d56-87f6-89b48adf664a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/auth/logout","urlObject":{"path":["api","auth","logout"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"7693e807-fdff-4085-aa40-68036ad6cefc","name":"Logout","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNzY2NzczNzEwLCJleHAiOjE3NjkzNjU3MTB9.W87CR1L9ufCW4OiC80OsSQnSflCBsUIOgUfEIHjNu_Q","type":"text"}],"url":"http://localhost:1234/api/auth/logout"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-vYmtThEV0qgPmOaoi5WLoJuDA80\""},{"key":"Date","value":"Fri, 26 Dec 2025 18:29:45 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Logout successful\"\n}"}],"_postman_id":"a0043117-fa42-4d56-87f6-89b48adf664a"}],"id":"98d29b81-c4fd-4bd6-9bcd-99aa4d588870","_postman_id":"98d29b81-c4fd-4bd6-9bcd-99aa4d588870","description":""},{"name":"Accounts","item":[{"name":"Get User Account","id":"ef82a0df-3c23-41a6-8ead-c5317e347d16","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/account/user/4","description":"

Gets a user account for them

\n","urlObject":{"path":["api","account","user","4"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"0b21297b-9507-4c6b-9040-410690c8b7c0","name":"Unauthenticated","originalRequest":{"method":"GET","header":[],"url":"/api/account/user/4"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:26:57 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"1dcc94c3-dc6a-4e06-8a5a-a36ee415bfaa","name":"Get User Account","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/account/user/4"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"174"},{"key":"ETag","value":"W/\"ae-1b04az/jvW0DYlNjUJdFqTA/MfM\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:27:30 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"account\": {\n \"account_id\": 2,\n \"user_id\": 4,\n \"account_number\": \"72425286\",\n \"sort_code\": \"12-34-56\",\n \"account_type\": \"Current\",\n \"balance\": \"80.00\",\n \"created_at\": \"2025-12-26T22:26:33.662Z\"\n }\n}"}],"_postman_id":"ef82a0df-3c23-41a6-8ead-c5317e347d16"},{"name":"Lookup (Get Recipient Account)","id":"503f6888-dd81-4128-a56f-f4be2f21c63a","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"72425286\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup","urlObject":{"path":["api","account","lookup"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"82349039-4a4d-47b0-ac04-edb9255152e3","name":"Unauthenticated","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"account_number\": \"72425286\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:27:47 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"f5965bbb-ec53-48d5-bf58-4aee6337a8e0","name":"Lookup (Get Recipient Account)","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"72425286\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"140"},{"key":"ETag","value":"W/\"8c-yNogVz8Z02aCNgQJeQ0uWZ6/LlI\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:28:16 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Account found\",\n \"recipient\": {\n \"full_name\": \"Zubair Idris Aweda\",\n \"account_number\": \"72425286\",\n \"sort_code\": \"12-34-56\",\n \"account_id\": 2\n }\n}"},{"id":"4c9f409e-247f-4427-9808-0a9da1a4fa54","name":"Account Not Found","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"5\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup"},"status":"Not Found","code":404,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-JkY0DvpxbEny7Houx5m94RC0biQ\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:28:40 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Account not found\"\n}"}],"_postman_id":"503f6888-dd81-4128-a56f-f4be2f21c63a"}],"id":"ae0fbe40-1ac6-4493-8521-1bf1616c96a0","_postman_id":"ae0fbe40-1ac6-4493-8521-1bf1616c96a0","description":""},{"name":"Transactions","item":[{"name":"Transfer","id":"9d076062-f62b-47d9-afc1-23871f2a1735","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"3\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer","urlObject":{"path":["api","transactions","transfer"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"309da589-2824-4c7a-b1f9-6a5ec964ac9c","name":"Unauthenticated","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"3\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:29:19 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"83c6297c-dac3-4b01-ad46-e8a4a1d7f00e","name":"Transfer","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"3\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"207"},{"key":"ETag","value":"W/\"cf-CB1MW6swnvgWQn1JxrsD1qz7uTM\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:29:48 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Transfer successful\",\n \"transaction\": {\n \"transaction_id\": 5,\n \"from_account_id\": 2,\n \"to_account_id\": 3,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-08T14:49:44.305Z\"\n }\n}"},{"id":"356a6333-cb7b-4fd6-9764-bbb13c5416bc","name":"Detailed Error Message","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Security-Policy","value":"default-src 'none'"},{"key":"X-Content-Type-Options","value":"nosniff"},{"key":"Content-Type","value":"text/html; charset=utf-8"},{"key":"Content-Length","value":"1539"},{"key":"Date","value":"Sun, 11 Jan 2026 13:30:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"\n\n \n \n Error\n \n \n

TypeError: Cannot destructure property 'from_account_id' of 'req.body' as it is undefined.\n            
    at exports.transferFunds (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/controllers/transactionController.js:5:9)\n            
    at Layer.handleRequest (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/router/lib/layer.js:152:17)\n            
    at next (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/router/lib/route.js:157:13)\n            
    at /Users/idrisawedazubair/owasp-sec-bank/insecure/backend/middlewares/authMiddleware.js:21:9\n            
    at /Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/jsonwebtoken/verify.js:261:12\n            
    at getSecret (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/jsonwebtoken/verify.js:97:14)\n            
    at Object.module.exports [as verify] (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/jsonwebtoken/verify.js:101:10)\n            
    at module.exports (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/middlewares/authMiddleware.js:15:9)\n            
    at Layer.handleRequest (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/router/lib/layer.js:152:17)\n            
    at next (/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/router/lib/route.js:157:13)\n

\n \n"},{"id":"68193016-a3e9-4f3c-a8f9-53a7e7b467be","name":"Source account not found","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"8888888888\",\n \"to_account_id\": \"3\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Not Found","code":404,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"38"},{"key":"ETag","value":"W/\"26-NIRoUImVFxGrmFW9yvtOS4dRG/w\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:30:51 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Source account not found\"\n}"},{"id":"e5d38442-304e-4dc5-8110-853c706e923d","name":"Detailed Error Message 2","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"366666666666\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"155"},{"key":"ETag","value":"W/\"9b-coqP9PNqqUPOA2vohyxrSZzQKDk\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:31:34 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"integer out of range\",\n \"sql_error\": {\n \"length\": 69,\n \"name\": \"error\",\n \"severity\": \"ERROR\",\n \"code\": \"22003\",\n \"file\": \"int8.c\",\n \"line\": \"1254\",\n \"routine\": \"int84\"\n }\n}"},{"id":"0dd0a5b7-0693-4d4c-ae9b-407147ef46d5","name":"Detailed Error Message 3","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"120\",\n \"amount\": 10.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"429"},{"key":"ETag","value":"W/\"1ad-bFtOcFyUOOkhHw+e3N3v8SmZ3Qs\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:31:58 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"insert or update on table \\\"transactions\\\" violates foreign key constraint \\\"transactions_to_account_id_fkey\\\"\",\n \"sql_error\": {\n \"length\": 293,\n \"name\": \"error\",\n \"severity\": \"ERROR\",\n \"code\": \"23503\",\n \"detail\": \"Key (to_account_id)=(120) is not present in table \\\"accounts\\\".\",\n \"schema\": \"public\",\n \"table\": \"transactions\",\n \"constraint\": \"transactions_to_account_id_fkey\",\n \"file\": \"ri_triggers.c\",\n \"line\": \"2599\",\n \"routine\": \"ri_ReportViolation\"\n }\n}"},{"id":"c2eff3f5-d3c8-4483-bc05-d907f79a346c","name":"Transfer With Negative Amount","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"2\",\n \"to_account_id\": \"3\",\n \"amount\": -4000.00,\n \"description\": \"Goodies\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"210"},{"key":"ETag","value":"W/\"d2-MWt1y2Sax9Esbva9/GD6QXfrPrk\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:50:31 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Transfer successful\",\n \"transaction\": {\n \"transaction_id\": 8,\n \"from_account_id\": 2,\n \"to_account_id\": 3,\n \"amount\": \"-4000.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-08T15:10:27.083Z\"\n }\n}"}],"_postman_id":"9d076062-f62b-47d9-afc1-23871f2a1735"},{"name":"Transaction History","id":"b76f28a6-19d9-4dc8-a3c5-f31d41c779df","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/history/2","urlObject":{"path":["api","transactions","history","2"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"33e64482-dfba-4d69-b8e5-08d23be63db1","name":"Unauthenticated","originalRequest":{"method":"GET","header":[],"url":"/api/transactions/history/2"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:32:55 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"cb015008-5d96-47ef-adc5-cf8aab76b6a8","name":"Transaction History","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/history/2"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"818"},{"key":"ETag","value":"W/\"332-6cn1nqGm7cbZ9V2kmCHj7ZJBVSA\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:33:23 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"transactions\": [\n {\n \"transaction_id\": 7,\n \"from_account_id\": 2,\n \"to_account_id\": 3,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-08T14:52:20.451Z\"\n },\n {\n \"transaction_id\": 5,\n \"from_account_id\": 2,\n \"to_account_id\": 3,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-08T14:49:44.305Z\"\n },\n {\n \"transaction_id\": 4,\n \"from_account_id\": 2,\n \"to_account_id\": 3,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-04T10:42:53.987Z\"\n },\n {\n \"transaction_id\": 3,\n \"from_account_id\": 2,\n \"to_account_id\": 2,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-04T10:41:15.012Z\"\n },\n {\n \"transaction_id\": 2,\n \"from_account_id\": 2,\n \"to_account_id\": 2,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-01-04T10:39:53.745Z\"\n }\n ]\n}"}],"_postman_id":"b76f28a6-19d9-4dc8-a3c5-f31d41c779df"}],"id":"a227f7eb-b38a-449b-be84-5d1e9c8cc4b7","_postman_id":"a227f7eb-b38a-449b-be84-5d1e9c8cc4b7","description":""},{"name":"Profile","item":[{"name":"Get User Profile","id":"32dbf346-e2e5-4fd2-9124-b26b7dc46a40","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/4","urlObject":{"path":["api","user","4"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"22aca5e6-0f72-434b-8e2e-0974e737ad43","name":"Unauthenticated","originalRequest":{"method":"GET","header":[],"url":"/api/user/4"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:34:48 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"ed9b3c3e-9641-43a9-a913-b099c2c641de","name":"Get User Profile","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/4"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"125"},{"key":"ETag","value":"W/\"7d-HMJmLWIhiMEPksSHScoAWmMiSSQ\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:35:11 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"user\": {\n \"user_id\": 4,\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\"\n }\n}"}],"_postman_id":"32dbf346-e2e5-4fd2-9124-b26b7dc46a40"},{"name":"Update User Profile","id":"121144e4-6fdc-43ab-8732-dbdd4cc4e06c","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/4","urlObject":{"path":["api","user","4"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"76f0f705-91c5-4a38-bdfe-23c02b370b27","name":"Unauthenticated","originalRequest":{"method":"PUT","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/4"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:35:57 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"b768ab56-612e-497e-aaf5-c14b5acba6c2","name":"Update User Profile","originalRequest":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/4"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"228"},{"key":"ETag","value":"W/\"e4-LQ470h6W8W/BqoMBG/OXHMTpr5I\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:36:27 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Profile updated successfully\",\n \"user\": {\n \"user_id\": 4,\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\",\n \"created_at\": \"2025-12-26T22:26:33.654Z\"\n }\n}"}],"_postman_id":"121144e4-6fdc-43ab-8732-dbdd4cc4e06c"},{"name":"Upload Avatar","id":"29e86391-0cb9-4476-96f8-c311b4de0182","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"imageUrl\": \"https://avatars.githubusercontent.com/u/53227444?v=4\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/avatar","urlObject":{"path":["api","user","avatar"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"fa7dad0a-cd2b-42b1-afbc-adeb5eacb0e0","name":"Unauthenticated","originalRequest":{"method":"POST","header":[],"url":"/api/user/avatar"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:34:43 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"9773e3bd-35e5-4d01-bd11-28016c4859a4","name":"Invalid URL","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"imageUrl\": \"test\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/avatar"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"57"},{"key":"ETag","value":"W/\"39-cDTm+IGlDDRP4uooZN3kVzfZbZg\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:36:20 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"Failed to fetch image\",\n \"details\": \"Invalid URL\"\n}"},{"id":"4b5cbe9c-7662-44c4-b42d-3ff6920209ee","name":"Upload Avatar","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"imageUrl\": \"https://avatars.githubusercontent.com/u/53227444?v=4\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/avatar"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"64"},{"key":"ETag","value":"W/\"40-w0Z0WiXctBwXhGQqi8d59dUMt+Q\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:38:12 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Avatar updated successfully\",\n \"url\": \"/uploads/4.png\"\n}"}],"_postman_id":"29e86391-0cb9-4476-96f8-c311b4de0182"},{"name":"View User Avatar","id":"6e15c231-4efd-45bd-8a52-242823c22b68","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/uploads/4.png","urlObject":{"path":["uploads","4.png"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"6e15c231-4efd-45bd-8a52-242823c22b68"}],"id":"e2929689-31ae-45f3-bf97-7d4aaa27b280","_postman_id":"e2929689-31ae-45f3-bf97-7d4aaa27b280","description":""},{"name":"Admin","item":[{"name":"Get All Users","id":"64f76a83-7608-4474-abaf-881c4139ee18","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/users","urlObject":{"path":["api","admin","users"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"2c10536f-2628-4734-b367-62699c3cad1a","name":"Unauthenticated","originalRequest":{"method":"GET","header":[],"url":"/api/admin/users"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:43:20 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"205c9025-50b5-4a5f-8406-069893f3b2df","name":"Get All Users","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/users"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"370"},{"key":"ETag","value":"W/\"172-y56ihARG1oVRLH6zZmpC032ruEU\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:43:43 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"users\": [\n {\n \"user_id\": 4,\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\",\n \"created_at\": \"2025-12-26T22:26:33.654Z\"\n },\n {\n \"user_id\": 5,\n \"username\": \"Zubair\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@yahoo.com\",\n \"role\": \"user\",\n \"created_at\": \"2026-01-04T10:42:35.583Z\"\n }\n ]\n}"}],"_postman_id":"64f76a83-7608-4474-abaf-881c4139ee18"},{"name":"Get All Transactions","id":"b2a7c134-0eb1-45b0-be5f-4f5d49dd6e79","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/transactions","urlObject":{"path":["api","admin","transactions"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"4d467698-e22f-472c-bab6-8a34e7ccc6da","name":"Unauthenticated","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text","disabled":true}],"url":"/api/admin/transactions"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:42:41 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"f01e741b-d02b-40f8-a891-a9581b01117d","name":"Get All Transactions","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/transactions"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"845"},{"key":"ETag","value":"W/\"34d-jwkLj8TSSXzTtF0muehHEFrYzlY\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:42:55 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"transactions\": [\n {\n \"transaction_id\": 8,\n \"amount\": \"-4000.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-08T15:10:27.083Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubair\"\n },\n {\n \"transaction_id\": 7,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-08T14:52:20.451Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubair\"\n },\n {\n \"transaction_id\": 5,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-08T14:49:44.305Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubair\"\n },\n {\n \"transaction_id\": 4,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-04T10:42:53.987Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubair\"\n },\n {\n \"transaction_id\": 3,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-04T10:41:15.012Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubs\"\n },\n {\n \"transaction_id\": 2,\n \"amount\": \"10.00\",\n \"description\": \"Goodies\",\n \"timestamp\": \"2026-01-04T10:39:53.745Z\",\n \"sender\": \"Zubs\",\n \"recipient\": \"Zubs\"\n }\n ]\n}"}],"_postman_id":"b2a7c134-0eb1-45b0-be5f-4f5d49dd6e79"},{"name":"Get System Logs","id":"79213361-0f7c-4be3-bf84-505d37784f2f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/system-logs","urlObject":{"path":["api","admin","system-logs"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"3b5d8d25-b6df-4ce9-99db-b470a13b6f5e","name":"Unauthenticated","originalRequest":{"method":"GET","header":[],"url":"/api/admin/system-logs"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:43:58 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"d38e7520-6068-4453-afae-1d12a21fcc92","name":"Get System Logs","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/system-logs"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"11"},{"key":"ETag","value":"W/\"b-Xl5NzjZiALSGGFdStDAuywxwZXE\""},{"key":"Date","value":"Sun, 11 Jan 2026 14:44:18 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"logs\": []\n}"}],"_postman_id":"79213361-0f7c-4be3-bf84-505d37784f2f"}],"id":"8f78bf8b-43f4-4af9-a9cb-c5160272a6c5","_postman_id":"8f78bf8b-43f4-4af9-a9cb-c5160272a6c5","description":""},{"name":"Hello World!","id":"e29175eb-d9c3-43f4-b6aa-7777e7614fe6","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/api","description":"

Get API status by pinging the server, that goes on to ping the DB too.

\n","urlObject":{"path":["api"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"bc416cec-a544-4d10-a517-1d286fad8324","name":"Hello World","originalRequest":{"method":"GET","header":[],"url":"http://localhost:1234/api"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"101"},{"key":"ETag","value":"W/\"65-H5AIfwjkog0yOQSBo4OXIqMv01c\""},{"key":"Date","value":"Fri, 26 Dec 2025 18:15:08 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Hello World, everything is operational\",\n \"db\": \"ok\",\n \"timestamp\": \"2025-12-26T18:15:08.891Z\"\n}"},{"id":"e0101bbb-4807-401e-ae41-4366ba65700c","name":"System Malfunction","originalRequest":{"method":"GET","header":[],"url":"http://localhost:1234/api"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"62"},{"key":"ETag","value":"W/\"3e-4JzLapbTtqyxFV+wc/Vp3ZaHhBQ\""},{"key":"Date","value":"Fri, 26 Dec 2025 18:15:46 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"System malfunction\",\n \"db\": \"unreachable\",\n \"error\": \"\"\n}"},{"id":"e124e77d-cb44-4f05-a020-c76f39be5fb5","name":"Overly Informative Response","originalRequest":{"method":"GET","header":[],"url":"/api"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"4843"},{"key":"ETag","value":"W/\"12eb-Rh6vAF3B1N2NQf2k6XXN7MpXggE\""},{"key":"Date","value":"Sun, 11 Jan 2026 13:47:34 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Hello World, everything is operational\",\n \"db\": \"ok\",\n \"env\": {\n \"NVM_INC\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/include/node\",\n \"TERM_PROGRAM\": \"iTerm.app\",\n \"NODE\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/bin/node\",\n \"INIT_CWD\": \"/Users/idrisawedazubair/owasp-sec-bank/insecure/backend\",\n \"NVM_CD_FLAGS\": \"-q\",\n \"TERM\": \"xterm-256color\",\n \"SHELL\": \"/bin/zsh\",\n \"npm_config_metrics_registry\": \"https://registry.npmjs.org/\",\n \"HOMEBREW_REPOSITORY\": \"/opt/homebrew\",\n \"TMPDIR\": \"/var/folders/lb/f8bq6_yd0m76x8ppscnqfkrc0000gn/T/\",\n \"npm_config_global_prefix\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1\",\n \"TERM_PROGRAM_VERSION\": \"3.6.6\",\n \"COLOR\": \"1\",\n \"TERM_SESSION_ID\": \"w0t0p0:EDC64748-26C1-4145-B4EF-BDECE0C67AFC\",\n \"npm_config_noproxy\": \"\",\n \"npm_config_local_prefix\": \"/Users/idrisawedazubair/owasp-sec-bank/insecure/backend\",\n \"HERD_PHP_83_INI_SCAN_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/php/83/\",\n \"NVM_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm\",\n \"USER\": \"idrisawedazubair\",\n \"COMMAND_MODE\": \"unix2003\",\n \"npm_config_globalconfig\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/etc/npmrc\",\n \"SSH_AUTH_SOCK\": \"/private/tmp/com.apple.launchd.ufpGxZfuNN/Listeners\",\n \"__CF_USER_TEXT_ENCODING\": \"0x1F5:0:2\",\n \"npm_execpath\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/lib/node_modules/npm/bin/npm-cli.js\",\n \"HERD_PHP_82_INI_SCAN_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/php/82/\",\n \"TERM_FEATURES\": \"T3LrMSc7UUw9Ts3BFGsSyHNoSxF\",\n \"TERMINFO_DIRS\": \"/Users/idrisawedazubair/Applications/iTerm.app/Contents/Resources/terminfo:/usr/share/terminfo\",\n \"PATH\": \"/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/node_modules/.bin:/Users/idrisawedazubair/owasp-sec-bank/insecure/node_modules/.bin:/Users/idrisawedazubair/owasp-sec-bank/node_modules/.bin:/Users/idrisawedazubair/node_modules/.bin:/Users/node_modules/.bin:/node_modules/.bin:/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/Users/idrisawedazubair/Library/Application Support/Herd/bin/:/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/X11/bin:/usr/local/share/dotnet:~/.dotnet/tools:/Users/idrisawedazubair/Applications/iTerm.app/Contents/Resources/utilities:/Users/idrisawedazubair/Library/Application Support/JetBrains/Toolbox/scripts\",\n \"npm_package_json\": \"/Users/idrisawedazubair/owasp-sec-bank/insecure/backend/package.json\",\n \"npm_config_userconfig\": \"/Users/idrisawedazubair/.npmrc\",\n \"npm_config_init_module\": \"/Users/idrisawedazubair/.npm-init.js\",\n \"__CFBundleIdentifier\": \"com.googlecode.iterm2\",\n \"npm_command\": \"run-script\",\n \"PWD\": \"/Users/idrisawedazubair/owasp-sec-bank/insecure/backend\",\n \"npm_lifecycle_event\": \"start\",\n \"EDITOR\": \"vi\",\n \"npm_package_name\": \"backend\",\n \"LANG\": \"en_GB.UTF-8\",\n \"ITERM_PROFILE\": \"Default\",\n \"npm_config_npm_version\": \"9.9.4\",\n \"XPC_FLAGS\": \"0x0\",\n \"npm_config_node_gyp\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js\",\n \"npm_package_version\": \"1.0.0\",\n \"XPC_SERVICE_NAME\": \"0\",\n \"SHLVL\": \"2\",\n \"HOME\": \"/Users/idrisawedazubair\",\n \"COLORFGBG\": \"15;0\",\n \"LC_TERMINAL_VERSION\": \"3.6.6\",\n \"HOMEBREW_PREFIX\": \"/opt/homebrew\",\n \"ITERM_SESSION_ID\": \"w0t0p0:EDC64748-26C1-4145-B4EF-BDECE0C67AFC\",\n \"npm_config_cache\": \"/Users/idrisawedazubair/.npm\",\n \"LOGNAME\": \"idrisawedazubair\",\n \"npm_lifecycle_script\": \"npm run swagger && node index.js\",\n \"NVM_BIN\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/bin\",\n \"npm_config_user_agent\": \"npm/9.9.4 node/v16.17.1 darwin arm64 workspaces/false\",\n \"INFOPATH\": \"/opt/homebrew/share/info:\",\n \"HOMEBREW_CELLAR\": \"/opt/homebrew/Cellar\",\n \"LC_TERMINAL\": \"iTerm2\",\n \"OSLogRateLimit\": \"64\",\n \"npm_node_execpath\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/bin/node\",\n \"npm_config_prefix\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1\",\n \"COLORTERM\": \"truecolor\",\n \"_\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v16.17.1/bin/node\",\n \"DATABASE_URL\": \"postgres://postgres:password@localhost:5432/insecure_bank\"\n },\n \"timestamp\": \"2026-01-11T13:47:34.901Z\"\n}"}],"_postman_id":"e29175eb-d9c3-43f4-b6aa-7777e7614fe6"},{"name":"Get API Docs","id":"b4bc9b78-712d-45d1-8590-227e7ff7ef64","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/api-docs.json","urlObject":{"path":["api-docs.json"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"c1684a1e-8e41-4a68-bb35-e135f3bef5dd","name":"Get API Docs","originalRequest":{"method":"GET","header":[],"url":"http://localhost:1234/api-docs.json"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"1471"},{"key":"ETag","value":"W/\"5bf-jhmgKDf6Y4qaTa1WtnQvbPa+AwY\""},{"key":"Date","value":"Fri, 26 Dec 2025 18:21:22 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"swagger\": \"2.0\",\n \"info\": {\n \"title\": \"Sec-Bank Vulnerable API\",\n \"description\": \"Automatically generated documentation\",\n \"version\": \"1.0.0\"\n },\n \"host\": \"localhost:1234\",\n \"basePath\": \"/\",\n \"schemes\": [\n \"http\"\n ],\n \"securityDefinitions\": {\n \"bearerAuth\": {\n \"type\": \"apiKey\",\n \"name\": \"Authorization\",\n \"in\": \"header\",\n \"description\": \"Enter your bearer token in the format **Bearer <token>**\"\n }\n },\n \"paths\": {\n \"/api-docs.json\": {\n \"get\": {\n \"description\": \"\",\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n }\n }\n }\n },\n \"/api/auth/register\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"username\": {\n \"example\": \"any\"\n },\n \"password\": {\n \"example\": \"any\"\n },\n \"full_name\": {\n \"example\": \"any\"\n },\n \"email\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"201\": {\n \"description\": \"Created\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/auth/login\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"username\": {\n \"example\": \"any\"\n },\n \"password\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/auth/logout\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"400\": {\n \"description\": \"Bad Request\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/\": {\n \"get\": {\n \"description\": \"\",\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n }\n }\n}"}],"_postman_id":"b4bc9b78-712d-45d1-8590-227e7ff7ef64"}],"id":"682e7e4c-dfbb-4891-bf1b-6be7d5e8aeb4","_postman_id":"682e7e4c-dfbb-4891-bf1b-6be7d5e8aeb4","description":""},{"name":"Secure","item":[{"name":"Auth","item":[{"name":"Register","id":"53346ef2-b352-4c4a-b255-9e8aad01b09b","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/register","urlObject":{"path":["api","auth","register"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"3c62c7ef-744f-4e5c-9b46-93651d0d2632","name":"Registration Failure","originalRequest":{"method":"POST","header":[],"url":"/api/auth/register"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:42:05 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"78c695a7-31e0-406e-be38-37c6bee5fef3","name":"Duplicate Username or Email","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/register"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"44"},{"key":"ETag","value":"W/\"2c-ZX5vZJNbErS4ailpipvSPC5t5Z4\""},{"key":"Date","value":"Thu, 12 Mar 2026 17:19:09 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"Username or email already exists\"\n}"},{"id":"703c9cbb-c30b-4bb9-b861-39fca9ffc8bf","name":"Register","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/register"},"status":"Created","code":201,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Set-Cookie","value":"profile_pref=eyJ0aGVtZSI6ImxpZ2h0IiwibGFuZ3VhZ2UiOiJlbiIsIm5vdGlmaWNhdGlvbnMiOnRydWV9; Max-Age=900; Path=/; Expires=Thu, 12 Mar 2026 17:35:28 GMT"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"659"},{"key":"ETag","value":"W/\"293-eVejSId0j0GZqhVMOi1dImZoJGk\""},{"key":"Date","value":"Thu, 12 Mar 2026 17:20:28 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"User registered\",\n \"user\": {\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"user\"\n },\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyMDUwN2UyNy0yYzViLTQ0ZDAtODM4My03ZWE4ODIxYmM4YjYiLCJyb2xlIjoidXNlciIsImlhdCI6MTc3MzMzNjAyOCwiZXhwIjoxNzc1OTI4MDI4fQ.Y6I9q4wPNDdfora8B1gqup5va6VEH-19nUPDTZpeHrE\",\n \"account\": {\n \"account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"account_number\": \"10895423\",\n \"sort_code\": \"12-34-56\",\n \"account_type\": \"Current\",\n \"balance\": \"100.00\",\n \"created_at\": \"2026-03-12T17:20:28.274Z\"\n }\n}"}],"_postman_id":"53346ef2-b352-4c4a-b255-9e8aad01b09b"},{"name":"Login","event":[{"listen":"test","script":{"id":"256b4a75-f2c7-4673-a798-d27e521219d3","exec":["// Parse the JSON response","const jsonData = pm.response.json();","","// Extract token - check common field names","const token = jsonData.token;","","// Save token to environment variable if found","if (token) {"," pm.collectionVariables.set(\"token\", token); // Alternative for collection variables"," console.log(\"Token saved to environment variable 'token'\");","} else {"," console.warn(\"No token found in response. Check the response structure.\");","}","","// Test to verify token exists in response","pm.test(\"Response contains a token\", function () {"," pm.expect(token).to.not.be.undefined;"," pm.expect(token).to.not.be.null;"," pm.expect(token).to.be.a('string').and.not.empty;","});"],"type":"text/javascript","packages":{},"requests":{}}}],"id":"3881f65c-e277-42c0-8db8-e44e39cff15d","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/login","urlObject":{"path":["api","auth","login"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"54d57d2f-e25b-4b10-b2bf-e30dd42774b4","name":"Login Failure","originalRequest":{"method":"POST","header":[],"url":"/api/auth/login"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:51:52 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"c65c30e1-b049-47e3-8cfd-5bf0c2b30778","name":"Login","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubs\",\n \"password\": \"password\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/login"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Set-Cookie","value":"profile_pref=eyJ0aGVtZSI6ImxpZ2h0IiwibGFuZ3VhZ2UiOiJlbiIsIm5vdGlmaWNhdGlvbnMiOnRydWV9; Max-Age=900; Path=/; Expires=Thu, 12 Mar 2026 17:36:03 GMT"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"412"},{"key":"ETag","value":"W/\"19c-tIuKVn5NTWEMC606fj3gZt9u1+0\""},{"key":"Date","value":"Thu, 12 Mar 2026 17:21:03 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Login successful\",\n \"user\": {\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"user\"\n },\n \"token\": \"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiIyMDUwN2UyNy0yYzViLTQ0ZDAtODM4My03ZWE4ODIxYmM4YjYiLCJyb2xlIjoidXNlciIsImlhdCI6MTc3MzMzNjA2MywiZXhwIjoxNzc1OTI4MDYzfQ._sD9OrDY9TC2yTMZmzNkVCZ0QO6E14tnC1AR_qSwWlw\"\n}"},{"id":"b5792f92-296b-41cb-86c5-c207ec232c77","name":"Invalid credentials","originalRequest":{"method":"POST","header":[],"body":{"mode":"raw","raw":"{\n \"username\": \"Zubsxy\",\n \"password\": \"password\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/auth/login"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"33"},{"key":"ETag","value":"W/\"21-dBEoW0UmTF+EGUMaprEp9/8zNNA\""},{"key":"Date","value":"Thu, 12 Mar 2026 17:24:11 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Invalid credentials\"\n}"}],"_postman_id":"3881f65c-e277-42c0-8db8-e44e39cff15d"},{"name":"Logout","id":"dbf81beb-2298-4ffc-9f18-d6da2b41a211","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/auth/logout","urlObject":{"path":["api","auth","logout"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"9db75e58-6556-486a-b3cc-8b2c9e78bd77","name":"No Token Provided","originalRequest":{"method":"POST","header":[],"url":"/api/auth/logout"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:54:34 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"081e9267-af1c-4e47-b529-c5a551839d76","name":"Logout","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/auth/logout"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-vYmtThEV0qgPmOaoi5WLoJuDA80\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:55:27 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Logout successful\"\n}"}],"_postman_id":"dbf81beb-2298-4ffc-9f18-d6da2b41a211"}],"id":"8a22f256-32fe-416b-8357-8bdf4ceb389e","_postman_id":"8a22f256-32fe-416b-8357-8bdf4ceb389e","description":""},{"name":"Transactions","item":[{"name":"Transfer","id":"e9775430-9582-422a-bfca-5bb66d6a6d3e","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"to_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"amount\": -50,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer","urlObject":{"path":["api","transactions","transfer"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"38ec2863-7570-4013-baeb-b321cf37c3a9","name":"No Token Provided","originalRequest":{"method":"POST","header":[],"url":"/api/transactions/transfer"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:57:15 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"b32dd8ce-c90b-4831-bdf6-0a6dc55b30af","name":"Expired Token","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/transfer"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"43"},{"key":"ETag","value":"W/\"2b-oZfSH9xWVDmMlchlkeLxl5gwjuE\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:58:01 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Session expired or logged out\"\n}"},{"id":"17639423-f591-4d22-8460-20cc2e889c55","name":"Transfer Failure","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/transfer"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:58:49 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"6def03b9-391e-488b-9b11-1eb838de0cf0","name":"Insufficient Funds","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"to_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"amount\": 1200,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Bad Request","code":400,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"32"},{"key":"ETag","value":"W/\"20-gszukOUwM7qBWVjvz4Jk+Na2P+c\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:01:07 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Insufficient funds\"\n}"},{"id":"f9e55274-11f8-4200-bee1-2f091c288126","name":"Source account not found","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": 123,\n \"to_account_id\": 1,\n \"amount\": 50,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Not Found","code":404,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"38"},{"key":"ETag","value":"W/\"26-NIRoUImVFxGrmFW9yvtOS4dRG/w\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:01:50 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Source account not found\"\n}"},{"id":"d15cc55d-26af-4b10-9e4e-47717d8cee41","name":"Detailed Error Message","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"to_account_id\": 123,\n \"amount\": 50,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"429"},{"key":"ETag","value":"W/\"1ad-mN+m1kZAcfk5kdIYjZQbxZY6SlY\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:02:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"insert or update on table \\\"transactions\\\" violates foreign key constraint \\\"transactions_to_account_id_fkey\\\"\",\n \"sql_error\": {\n \"length\": 293,\n \"name\": \"error\",\n \"severity\": \"ERROR\",\n \"code\": \"23503\",\n \"detail\": \"Key (to_account_id)=(123) is not present in table \\\"accounts\\\".\",\n \"schema\": \"public\",\n \"table\": \"transactions\",\n \"constraint\": \"transactions_to_account_id_fkey\",\n \"file\": \"ri_triggers.c\",\n \"line\": \"2599\",\n \"routine\": \"ri_ReportViolation\"\n }\n}"},{"id":"ff3c444e-9032-48ea-8355-765d5d1b3f35","name":"Transfer","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"to_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"amount\": 50,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"206"},{"key":"ETag","value":"W/\"ce-z3ZT+SM5Mn9RMCT9Ajt4SW0t3ns\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:02:56 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Transfer successful\",\n \"transaction\": {\n \"transaction_id\": 2,\n \"from_account_id\": 1,\n \"to_account_id\": 1,\n \"amount\": \"50.00\",\n \"description\": \"Sample\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-03-10T05:02:56.109Z\"\n }\n}"},{"id":"6f3928bb-045f-46e8-91a9-c0bf6fa777d5","name":"Transfer With Negative Amount","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"from_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"to_account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"amount\": -50,\n \"description\": \"Sample\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/transactions/transfer"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"207"},{"key":"ETag","value":"W/\"cf-cyfd64iizCVpjedg2UeX+QWzcfQ\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:03:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Transfer successful\",\n \"transaction\": {\n \"transaction_id\": 3,\n \"from_account_id\": 1,\n \"to_account_id\": 1,\n \"amount\": \"-50.00\",\n \"description\": \"Sample\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-03-10T05:03:17.917Z\"\n }\n}"}],"_postman_id":"e9775430-9582-422a-bfca-5bb66d6a6d3e"},{"name":"Get Transaction History","id":"a3f5c7d1-63de-410b-aec7-87611465ac0f","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/history/5ee1241c-4b11-4155-a138-8990fdd1861f","urlObject":{"path":["api","transactions","history","5ee1241c-4b11-4155-a138-8990fdd1861f"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"a0f0821f-f370-42be-a266-d38349c79241","name":"No Token Provided","originalRequest":{"method":"GET","header":[],"url":"/api/transactions/history/5ee1241c-4b11-4155-a138-8990fdd1861f"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:04:14 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"8aba171d-0e07-45b7-81e2-52548c008e57","name":"Get Transaction History","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/history/5ee1241c-4b11-4155-a138-8990fdd1861f"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"337"},{"key":"ETag","value":"W/\"151-KR9B2TPitW0kOrlHfuUvl3Ix8u0\""},{"key":"Date","value":"Tue, 10 Mar 2026 05:04:44 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"transactions\": [\n {\n \"transaction_id\": 3,\n \"from_account_id\": 1,\n \"to_account_id\": 1,\n \"amount\": \"-50.00\",\n \"description\": \"Sample\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-03-10T05:03:17.917Z\"\n },\n {\n \"transaction_id\": 2,\n \"from_account_id\": 1,\n \"to_account_id\": 1,\n \"amount\": \"50.00\",\n \"description\": \"Sample\",\n \"status\": \"completed\",\n \"timestamp\": \"2026-03-10T05:02:56.109Z\"\n }\n ]\n}"},{"id":"1a847e74-8da2-410f-9b09-6a422fea750b","name":"Invalid ID type","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/transactions/history/1"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Mon, 16 Mar 2026 16:57:36 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"}],"_postman_id":"a3f5c7d1-63de-410b-aec7-87611465ac0f"}],"id":"dcdc2027-0706-4371-8a09-25c38cf198d7","_postman_id":"dcdc2027-0706-4371-8a09-25c38cf198d7","description":""},{"name":"Accounts","item":[{"name":"Get User Account","id":"79545ab6-feea-4db5-b016-b1d4a584bf4d","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/account/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6","urlObject":{"path":["api","account","user","20507e27-2c5b-44d0-8383-7ea8821bc8b6"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"1b4a10e2-3e8d-4ca2-accb-ebf25ad69cff","name":"No token provided","originalRequest":{"method":"GET","header":[],"url":"/api/account/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:05:10 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"2477d472-599e-47f1-a769-f0ef8539442f","name":"Get User Account","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/account/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"249"},{"key":"ETag","value":"W/\"f9-CuFdG7biJrBMWCDkP1/zkf13C3k\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:05:43 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"account\": {\n \"account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"account_number\": \"10895423\",\n \"sort_code\": \"12-34-56\",\n \"account_type\": \"Current\",\n \"balance\": \"100.00\",\n \"created_at\": \"2026-03-12T17:20:28.274Z\"\n }\n}"}],"_postman_id":"79545ab6-feea-4db5-b016-b1d4a584bf4d"},{"name":"Lookup (Get Recipient Account)","id":"a479e271-e364-4840-84bd-4759a92d3ff3","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"10895423\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup","urlObject":{"path":["api","account","lookup"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"11ba11c1-bfa2-446b-8be0-c5ddfc694b81","name":"No token provided","originalRequest":{"method":"POST","header":[],"url":"/api/account/lookup"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:07:03 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"62789915-6657-4dbf-b870-efa3062dd642","name":"Error","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/account/lookup"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:07:49 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"f3331702-1acd-4781-8ef3-735e6960a1d4","name":"Account Not Found","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"123456\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup"},"status":"Not Found","code":404,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-JkY0DvpxbEny7Houx5m94RC0biQ\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:09:29 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Account not found\"\n}"},{"id":"b0a7dde6-ddf6-4f85-8f20-bfb5541e4ed9","name":"Lookup (Get Recipient Account)","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"account_number\": \"10895423\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/account/lookup"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"177"},{"key":"ETag","value":"W/\"b1-5SJ+g8gOIy3GgDTrHZqS1ZnWsRQ\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:10:49 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Account found\",\n \"recipient\": {\n \"full_name\": \"Zubair Idris Aweda\",\n \"account_number\": \"10895423\",\n \"sort_code\": \"12-34-56\",\n \"account_id\": \"5ee1241c-4b11-4155-a138-8990fdd1861f\"\n }\n}"}],"_postman_id":"a479e271-e364-4840-84bd-4759a92d3ff3"}],"id":"8a6fca49-ad74-41ba-858c-1057a63f18b7","_postman_id":"8a6fca49-ad74-41ba-858c-1057a63f18b7","description":""},{"name":"Profile","item":[{"name":"Get User Profile","id":"c9d5d879-cdcf-4c1e-977c-abfb911c65e8","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6","urlObject":{"path":["api","user","20507e27-2c5b-44d0-8383-7ea8821bc8b6"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"01947dce-42b8-433c-ae17-55b09f296205","name":"No token provided","originalRequest":{"method":"GET","header":[],"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:15:24 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"22d27534-d20c-49ea-8fe6-03948a5f3898","name":"Get User Profile","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"161"},{"key":"ETag","value":"W/\"a1-fX3Mxdj8Rwx097vQn7AANPY4DI4\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:16:42 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"user\": {\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"username\": \"Zubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"user\"\n }\n}"}],"_postman_id":"c9d5d879-cdcf-4c1e-977c-abfb911c65e8"},{"name":"Update User Profile","id":"46948e06-fad8-472f-9c7e-c38890bebb44","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"username\": \"greatzubs\",\n \"role\": \"admin\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6","urlObject":{"path":["api","user","20507e27-2c5b-44d0-8383-7ea8821bc8b6"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"27643fab-28f1-453a-a7ec-c9a3e5b89949","name":"No token provided","originalRequest":{"method":"PUT","header":[],"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:23:43 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"dbc87a28-bb33-4482-9599-fc9015a8436a","name":"Error","originalRequest":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:24:33 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"ce9c1bc2-ffcc-4cad-99bb-00360143c18d","name":"Update User Profile","originalRequest":{"method":"PUT","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"username\": \"greatzubs\",\n \"role\": \"admin\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"208"},{"key":"ETag","value":"W/\"d0-N2OB2tlDsJMYeUux8B67hpjEEaE\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:26:59 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Profile updated successfully\",\n \"user\": {\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"username\": \"greatzubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\"\n }\n}"}],"_postman_id":"46948e06-fad8-472f-9c7e-c38890bebb44"},{"name":"Upload Avatar","id":"6585d728-4e8c-4d0b-be77-abbe3b846612","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"imageUrl\": \"https://avatars.githubusercontent.com/u/53227444?v=4\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/avatar","urlObject":{"path":["api","user","avatar"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"3553c2a9-b882-4dd8-a2bb-ecfffcd00463","name":"No token provided","originalRequest":{"method":"POST","header":[],"url":"/api/user/avatar"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:28:13 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"52f0c344-d9bd-4be3-8c1e-b53bb91c6031","name":"Error","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/user/avatar"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"76"},{"key":"ETag","value":"W/\"4c-z9THwT3p18n+DUpQM3ib/6s/3Xo\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:30:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"error\": \"An internal server error occurred. The incident has been logged.\"\n}"},{"id":"cc4ae278-5ae7-425b-b954-8c6369a2bc6d","name":"Upload Avatar","originalRequest":{"method":"POST","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"body":{"mode":"raw","raw":"{\n \"imageUrl\": \"https://avatars.githubusercontent.com/u/53227444?v=4\"\n}","options":{"raw":{"language":"json"}}},"url":"/api/user/avatar"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"99"},{"key":"ETag","value":"W/\"63-PG/bvlXYFSwMQoJdUDTDuNJgNDI\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:31:00 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Avatar updated successfully\",\n \"url\": \"/uploads/20507e27-2c5b-44d0-8383-7ea8821bc8b6.png\"\n}"}],"_postman_id":"6585d728-4e8c-4d0b-be77-abbe3b846612"},{"name":"View User Avatar","id":"f4e1d5b8-93a8-4ee6-b0a0-584a46ff5cea","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/uploads/20507e27-2c5b-44d0-8383-7ea8821bc8b6.png","urlObject":{"path":["uploads","20507e27-2c5b-44d0-8383-7ea8821bc8b6.png"],"host":[""],"query":[],"variable":[]}},"response":[],"_postman_id":"f4e1d5b8-93a8-4ee6-b0a0-584a46ff5cea"}],"id":"9cd12931-589b-465a-9983-6a47160cb174","_postman_id":"9cd12931-589b-465a-9983-6a47160cb174","description":""},{"name":"Admin","item":[{"name":"Get All Users","id":"f56f6911-d77d-404f-88d1-3c3f4a7a6285","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/users","urlObject":{"path":["api","admin","users"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"92adaeb7-6233-4b95-8d4a-a344545de647","name":"No token provided","originalRequest":{"method":"GET","header":[],"url":"/api/admin/users"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:38:07 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"38eb011e-adc7-42d6-ac25-b20d43378b68","name":"Get All Users","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/users"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"210"},{"key":"ETag","value":"W/\"d2-x9PzUhrCbS3HFzh6KjVmk6oaJT0\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:39:00 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"users\": [\n {\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"username\": \"greatzubs\",\n \"full_name\": \"Zubair Idris Aweda\",\n \"email\": \"zubairidrisaweda@gmail.com\",\n \"role\": \"admin\",\n \"created_at\": \"2026-03-12T17:20:28.269Z\"\n }\n ]\n}"}],"_postman_id":"f56f6911-d77d-404f-88d1-3c3f4a7a6285"},{"name":"Get All Transactions","id":"d2ea5eba-ea3a-47b3-8ad4-668e62e38046","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/transactions","urlObject":{"path":["api","admin","transactions"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"864a4579-c7fb-41af-8290-c47584105493","name":"No token provided","originalRequest":{"method":"GET","header":[],"url":"/api/admin/transactions"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:39:51 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"4170296a-2cfd-4f58-b094-8b613a0a6e89","name":"Get All Transactions","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/transactions"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"201"},{"key":"ETag","value":"W/\"c9-tmu0y7lSDlfYo3gpQDowuj6vKmk\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:40:34 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"transactions\": [\n {\n \"transaction_id\": \"48f09666-eb89-4fb4-a38a-d323d6e2e129\",\n \"amount\": \"-50.00\",\n \"description\": \"Sample\",\n \"timestamp\": \"2026-03-16T16:58:56.671Z\",\n \"sender\": \"greatzubs\",\n \"recipient\": \"greatzubs\"\n }\n ]\n}"}],"_postman_id":"d2ea5eba-ea3a-47b3-8ad4-668e62e38046"},{"name":"Get System Logs","id":"27e2df9b-1027-400b-8d14-85ba6af7d2e1","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/system-logs","urlObject":{"path":["api","admin","system-logs"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"b947e2cc-df04-4d43-956c-51dce7c65200","name":"No token provided","originalRequest":{"method":"GET","header":[],"url":"/api/admin/system-logs"},"status":"Unauthorized","code":401,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"31"},{"key":"ETag","value":"W/\"1f-pZK48A3ZbwxVl8UtZcC9y8sBFbw\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:41:17 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"No token provided\"\n}"},{"id":"08b0244c-f849-4c1f-9c4a-0a4bd500d05d","name":"Get System Logs","originalRequest":{"method":"GET","header":[{"key":"Authorization","value":"Bearer ","type":"text"}],"url":"/api/admin/system-logs"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"19437"},{"key":"ETag","value":"W/\"4bed-BtURrmwcio8SloAgZEH/PUyfM40\""},{"key":"Date","value":"Mon, 16 Mar 2026 17:42:49 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"logs\": [\n {\n \"log_id\": \"d6ff20f9-eabb-45bb-acec-9e085e2c43a8\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:41:17 +0000] \\\"GET /api/admin/system-logs HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:41:17.794Z\"\n },\n {\n \"log_id\": \"acb56a32-cd51-48a5-a470-e1df70810428\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:40:34 +0000] \\\"GET /api/admin/transactions HTTP/1.1\\\" 200 201 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:40:34.996Z\"\n },\n {\n \"log_id\": \"63b07e78-edb5-4c15-b87c-baa49fdb5ad6\",\n \"event_type\": \"ADMIN_ACCESS_TRANSACTIONS\",\n \"user_id\": null,\n \"description\": \"Admin accessed the global transactions list\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:40:34.993Z\"\n },\n {\n \"log_id\": \"a6489cb1-aee7-4e43-9245-b532c6f732ec\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:39:51 +0000] \\\"GET /api/admin/transactions HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:39:51.073Z\"\n },\n {\n \"log_id\": \"68be4a44-818c-4760-becd-432b7bb20a8a\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:39:00 +0000] \\\"GET /api/admin/users HTTP/1.1\\\" 200 210 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:39:00.165Z\"\n },\n {\n \"log_id\": \"e304eacf-39a5-4ef7-a30b-3271965680a4\",\n \"event_type\": \"ADMIN_ACCESS_USERS\",\n \"user_id\": null,\n \"description\": \"Admin accessed the global users list\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:39:00.160Z\"\n },\n {\n \"log_id\": \"f975b362-e695-4341-966d-2ed198042e77\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:38:07 +0000] \\\"GET /api/admin/users HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:38:07.819Z\"\n },\n {\n \"log_id\": \"fd501669-2f1c-4375-b37c-0609950b33cb\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:31:00 +0000] \\\"POST /api/user/avatar HTTP/1.1\\\" 200 99 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:31:00.342Z\"\n },\n {\n \"log_id\": \"55508155-6745-4476-82e6-43436db08538\",\n \"event_type\": \"AVATAR_UPLOAD_SUCCESS\",\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"description\": \"Avatar uploaded/updated for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:31:00.336Z\"\n },\n {\n \"log_id\": \"97716f26-5ef3-4efe-967f-33a4fb749144\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:30:17 +0000] \\\"POST /api/user/avatar HTTP/1.1\\\" 500 76 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:30:17.249Z\"\n },\n {\n \"log_id\": \"59631107-7b95-40c4-9ec6-3e275ae59195\",\n \"event_type\": \"ERROR\",\n \"user_id\": null,\n \"description\": \"Unhandled Exception: Cannot destructure property 'imageUrl' of 'req.body' as it is undefined. | Stack: TypeError: Cannot destructure property 'imageUrl' of 'req.body' as it is undefined.\\n at exports.uploadAvatar (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/controllers/userController.js:112:17)\\n at Layer.handleRequest (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/layer.js:152:17)\\n at next (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/route.js:157:13)\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:39:13\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:261:12\\n at getSecret (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:97:14)\\n at module.exports [as verify] (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:101:10)\\n at module.exports (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:24:13)\\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:30:17.247Z\"\n },\n {\n \"log_id\": \"ae48d846-de2e-42f2-8468-6681cdbe0733\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:28:13 +0000] \\\"POST /api/user/avatar HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:28:13.822Z\"\n },\n {\n \"log_id\": \"a7682c79-c0ed-4e1f-999c-71ece872c198\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:26:59 +0000] \\\"PUT /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 200 208 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:26:59.325Z\"\n },\n {\n \"log_id\": \"fd570e0e-5b0a-47c2-ac65-e28d67650cc7\",\n \"event_type\": \"PROFILE_UPDATE_SUCCESS\",\n \"user_id\": null,\n \"description\": \"Profile updated for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:26:59.324Z\"\n },\n {\n \"log_id\": \"f5943d5a-58be-45e3-b375-3b5bebfdbaae\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:26:47 +0000] \\\"PUT /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 200 322 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:26:47.544Z\"\n },\n {\n \"log_id\": \"55768615-95d5-4698-acef-bd6713bb8943\",\n \"event_type\": \"PROFILE_UPDATE_SUCCESS\",\n \"user_id\": null,\n \"description\": \"Profile updated for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:26:47.543Z\"\n },\n {\n \"log_id\": \"7e41aa08-62f7-4e57-94b2-ce73ca3b0604\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:25:09 +0000] \\\"PUT /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 200 322 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:25:09.012Z\"\n },\n {\n \"log_id\": \"65ea8081-b386-46e8-bf96-4e73e26f3f2f\",\n \"event_type\": \"PROFILE_UPDATE_SUCCESS\",\n \"user_id\": null,\n \"description\": \"Profile updated for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:25:09.011Z\"\n },\n {\n \"log_id\": \"99c9d7af-12dd-4f94-9953-899ac263f6ea\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:24:33 +0000] \\\"PUT /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 500 76 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:24:33.986Z\"\n },\n {\n \"log_id\": \"cd071838-cd38-419d-9341-d2fde7ca80c0\",\n \"event_type\": \"ERROR\",\n \"user_id\": null,\n \"description\": \"Unhandled Exception: Cannot destructure property 'username' of 'req.body' as it is undefined. | Stack: TypeError: Cannot destructure property 'username' of 'req.body' as it is undefined.\\n at exports.updateProfile (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/controllers/userController.js:12:13)\\n at Layer.handleRequest (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/layer.js:152:17)\\n at next (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/route.js:157:13)\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:39:13\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:261:12\\n at getSecret (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:97:14)\\n at module.exports [as verify] (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:101:10)\\n at module.exports (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:24:13)\\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:24:33.980Z\"\n },\n {\n \"log_id\": \"c6839b12-fe5c-4209-90de-7ac8e3e7cc8c\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:23:43 +0000] \\\"PUT /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:23:43.782Z\"\n },\n {\n \"log_id\": \"064902fb-511b-4f4f-a28e-948f05c10616\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:16:42 +0000] \\\"GET /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 200 161 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:16:42.576Z\"\n },\n {\n \"log_id\": \"ab847405-6c2d-4c1f-bf8b-218596b6b28f\",\n \"event_type\": \"PROFILE_ACCESS\",\n \"user_id\": null,\n \"description\": \"Profile accessed for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:16:42.572Z\"\n },\n {\n \"log_id\": \"8a4aec82-f06b-41d0-a526-1f900623f42c\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:15:24 +0000] \\\"GET /api/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:15:24.394Z\"\n },\n {\n \"log_id\": \"453158da-4084-4401-b6e6-569532b3037f\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:14:57 +0000] \\\"GET /api/user/4 HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:14:57.102Z\"\n },\n {\n \"log_id\": \"7eec28df-e4bd-4157-8a83-f404d7f8da2e\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:10:49 +0000] \\\"POST /api/account/lookup HTTP/1.1\\\" 200 177 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:10:49.248Z\"\n },\n {\n \"log_id\": \"e0231f06-39f7-4c0f-9513-b1ae19253fd8\",\n \"event_type\": \"ACCOUNT_LOOKUP_SUCCESS\",\n \"user_id\": null,\n \"description\": \"Account lookup successful for account: 10895423\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:10:49.244Z\"\n },\n {\n \"log_id\": \"8a353f09-d60f-4cc5-9ad9-b8b008a177a7\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:10:01 +0000] \\\"POST /api/account/lookup HTTP/1.1\\\" 404 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:10:01.882Z\"\n },\n {\n \"log_id\": \"0c9d5acf-8afe-420c-9f38-29ed4adb59b5\",\n \"event_type\": \"ACCOUNT_LOOKUP_FAIL\",\n \"user_id\": null,\n \"description\": \"Failed account lookup attempt for account: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:10:01.879Z\"\n },\n {\n \"log_id\": \"e4777afb-cbf9-42d8-ae57-8ab4f2adf141\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:09:29 +0000] \\\"POST /api/account/lookup HTTP/1.1\\\" 404 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:09:29.377Z\"\n },\n {\n \"log_id\": \"7e5e69e5-d9db-4339-808d-9bc301f8863d\",\n \"event_type\": \"ACCOUNT_LOOKUP_FAIL\",\n \"user_id\": null,\n \"description\": \"Failed account lookup attempt for account: 123456\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:09:29.375Z\"\n },\n {\n \"log_id\": \"2c562bd3-c4a2-489b-a980-405b605e0890\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:07:49 +0000] \\\"POST /api/account/lookup HTTP/1.1\\\" 500 76 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:07:49.015Z\"\n },\n {\n \"log_id\": \"72365eec-444e-4f73-9f05-746d51b4bca8\",\n \"event_type\": \"ERROR\",\n \"user_id\": null,\n \"description\": \"Unhandled Exception: Cannot destructure property 'account_number' of 'req.body' as it is undefined. | Stack: TypeError: Cannot destructure property 'account_number' of 'req.body' as it is undefined.\\n at exports.lookupAccount (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/controllers/accountController.js:22:17)\\n at Layer.handleRequest (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/layer.js:152:17)\\n at next (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/router/lib/route.js:157:13)\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:39:13\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:261:12\\n at getSecret (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:97:14)\\n at module.exports [as verify] (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/jsonwebtoken/verify.js:101:10)\\n at module.exports (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/middlewares/authMiddleware.js:24:13)\\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T17:07:49.011Z\"\n },\n {\n \"log_id\": \"37144437-22a3-4084-9848-ed6b11ba13f3\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:07:03 +0000] \\\"POST /api/account/lookup HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:07:03.786Z\"\n },\n {\n \"log_id\": \"28cb55fe-2c50-4488-b1a4-a5e8b0a8d077\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:05:43 +0000] \\\"GET /api/account/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 200 249 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:05:43.066Z\"\n },\n {\n \"log_id\": \"5b4350fd-a181-4de0-aaea-3f33090c54b3\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:17:05:10 +0000] \\\"GET /api/account/user/20507e27-2c5b-44d0-8383-7ea8821bc8b6 HTTP/1.1\\\" 401 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T17:05:10.238Z\"\n },\n {\n \"log_id\": \"5201758f-a6ac-4f5c-a0b7-89ceff6e97a6\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:59:11 +0000] \\\"GET /api/transactions/history/5ee1241c-4b11-4155-a138-8990fdd1861f HTTP/1.1\\\" 200 289 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:59:11.583Z\"\n },\n {\n \"log_id\": \"9de16b71-80e4-4332-a5e7-33bcd688bcda\",\n \"event_type\": \"TRANSACTION_HISTORY_ACCESS\",\n \"user_id\": null,\n \"description\": \"Transaction history accessed for account 5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:59:11.580Z\"\n },\n {\n \"log_id\": \"9df1c88f-5e7f-4151-9a61-0d826c21d276\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:58:56 +0000] \\\"POST /api/transactions/transfer HTTP/1.1\\\" 200 318 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:58:56.677Z\"\n },\n {\n \"log_id\": \"dd2da4ba-553a-4a60-a412-59c3479ab391\",\n \"event_type\": \"TRANSFER_SUCCESS\",\n \"user_id\": null,\n \"description\": \"Transfer executed: -50 from 5ee1241c-4b11-4155-a138-8990fdd1861f to 5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:58:56.676Z\"\n },\n {\n \"log_id\": \"ea6e9237-4ec9-4ae4-9785-b582079cf9bd\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:57:36 +0000] \\\"GET /api/transactions/history/1 HTTP/1.1\\\" 500 76 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:57:36.216Z\"\n },\n {\n \"log_id\": \"0701cfb5-6bbf-49ce-9d08-5287d2ba5b40\",\n \"event_type\": \"ERROR\",\n \"user_id\": null,\n \"description\": \"Unhandled Exception: invalid input syntax for type uuid: \\\"1\\\" | Stack: error: invalid input syntax for type uuid: \\\"1\\\"\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/pg-pool/index.js:45:11\\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\\n at async exports.getHistory (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/controllers/transactionController.js:87:24)\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:57:36.213Z\"\n },\n {\n \"log_id\": \"f565dd66-3c47-404a-ade9-223ea399f2a7\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:57:06 +0000] \\\"GET /api/transactions/history/5ee1241c-4b11-4155-a138-8990fdd1861f HTTP/1.1\\\" 200 19 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:57:06.591Z\"\n },\n {\n \"log_id\": \"7980f35e-b00d-426c-bc64-57fa04e04c26\",\n \"event_type\": \"TRANSACTION_HISTORY_ACCESS\",\n \"user_id\": null,\n \"description\": \"Transaction history accessed for account 5ee1241c-4b11-4155-a138-8990fdd1861f\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:57:06.588Z\"\n },\n {\n \"log_id\": \"34288a4c-42a1-498f-8a20-2bb853f784c3\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:51:45 +0000] \\\"GET /api/transactions/history/1 HTTP/1.1\\\" 500 76 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:51:45.688Z\"\n },\n {\n \"log_id\": \"70f3697b-7e17-4268-bc57-34b2e7cbf2d8\",\n \"event_type\": \"ERROR\",\n \"user_id\": null,\n \"description\": \"Unhandled Exception: invalid input syntax for type uuid: \\\"1\\\" | Stack: error: invalid input syntax for type uuid: \\\"1\\\"\\n at /Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/pg-pool/index.js:45:11\\n at process.processTicksAndRejections (node:internal/process/task_queues:105:5)\\n at async exports.getHistory (/Users/idrisawedazubair/owasp-sec-bank/secure/backend/controllers/transactionController.js:87:24)\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:51:45.686Z\"\n },\n {\n \"log_id\": \"e6490b37-94e0-4b4b-bca4-0c2744090bc0\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:51:42 +0000] \\\"POST /api/auth/login HTTP/1.1\\\" 200 412 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:51:42.288Z\"\n },\n {\n \"log_id\": \"00cd5999-2e30-4a41-897c-90fe48b42394\",\n \"event_type\": \"AUTH_SUCCESS\",\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"description\": \"Successful login for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:51:42.286Z\"\n },\n {\n \"log_id\": \"52433d4b-909d-4844-bb69-1c0fee2cd428\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:51:35 +0000] \\\"GET /api/transactions/history/1 HTTP/1.1\\\" 401 43 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:51:35.373Z\"\n },\n {\n \"log_id\": \"da514514-8449-4b46-b406-c28b1540e08d\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:51:12 +0000] \\\"POST /api/auth/logout HTTP/1.1\\\" 200 31 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:51:12.485Z\"\n },\n {\n \"log_id\": \"9443d3ae-ae35-43ab-a1d0-4c6a0be5646f\",\n \"event_type\": \"AUTH_LOGOUT\",\n \"user_id\": null,\n \"description\": \"User successfully logged out\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:51:12.483Z\"\n },\n {\n \"log_id\": \"48add67f-f366-479e-95a9-d5e3a43e67a5\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:50:50 +0000] \\\"POST /api/auth/login HTTP/1.1\\\" 401 33 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:50:50.961Z\"\n },\n {\n \"log_id\": \"89a0be55-5d24-4b4e-bfef-2cc31d98d80b\",\n \"event_type\": \"AUTH_FAIL\",\n \"user_id\": null,\n \"description\": \"Failed login attempt for username: Zubs\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:50:50.959Z\"\n },\n {\n \"log_id\": \"5a4f9083-05e0-4c54-98f7-bc80026be6fe\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:50:37 +0000] \\\"POST /api/auth/login HTTP/1.1\\\" 200 412 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:50:37.079Z\"\n },\n {\n \"log_id\": \"b1f1045b-ee9c-4c05-b01f-125bb5024cce\",\n \"event_type\": \"AUTH_SUCCESS\",\n \"user_id\": \"20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"description\": \"Successful login for user ID: 20507e27-2c5b-44d0-8383-7ea8821bc8b6\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:50:37.078Z\"\n },\n {\n \"log_id\": \"868ed0f0-ca50-4057-bdb2-c45a05cdac2e\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:50:17 +0000] \\\"GET /api-docs.json HTTP/1.1\\\" 200 5407 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:50:17.925Z\"\n },\n {\n \"log_id\": \"110df520-4675-498f-9d77-e38fe36794f2\",\n \"event_type\": \"INFO\",\n \"user_id\": null,\n \"description\": \"::1 - - [16/Mar/2026:16:49:24 +0000] \\\"GET /api HTTP/1.1\\\" 200 101 \\\"-\\\" \\\"PostmanRuntime/7.52.0\\\"\",\n \"ip_address\": null,\n \"timestamp\": \"2026-03-16T16:49:24.159Z\"\n },\n {\n \"log_id\": \"a166e524-78bb-4ab4-9ff0-32c64bb8611f\",\n \"event_type\": \"SYSTEM_HEALTH_CHECK\",\n \"user_id\": null,\n \"description\": \"System health check accessed\",\n \"ip_address\": \"::1\",\n \"timestamp\": \"2026-03-16T16:49:24.138Z\"\n }\n ]\n}"}],"_postman_id":"27e2df9b-1027-400b-8d14-85ba6af7d2e1"}],"id":"59ecb3bc-e64d-4b31-82f3-98a50ea3e572","_postman_id":"59ecb3bc-e64d-4b31-82f3-98a50ea3e572","description":""},{"name":"Hello World!","id":"d92af041-383e-4ed1-98e3-d373f70a2ad4","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/api","urlObject":{"path":["api"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"c1010e7a-5def-469b-b0bb-bd9af11a0746","name":"System Malfunction","originalRequest":{"method":"GET","header":[],"url":"/api"},"status":"Internal Server Error","code":500,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"62"},{"key":"ETag","value":"W/\"3e-4JzLapbTtqyxFV+wc/Vp3ZaHhBQ\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:28:48 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"System malfunction\",\n \"db\": \"unreachable\",\n \"error\": \"\"\n}"},{"id":"24414556-add0-4446-b0b6-27ec8a5ba990","name":"Hello World","originalRequest":{"method":"GET","header":[],"url":"/api"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Access-Control-Allow-Origin","value":"*"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"5181"},{"key":"ETag","value":"W/\"143d-52RFcYqWZvvR0pzgrnviAT++VDc\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:29:41 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"message\": \"Hello World, everything is operational\",\n \"db\": \"ok\",\n \"env\": {\n \"NVM_INC\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/include/node\",\n \"TERM_PROGRAM\": \"iTerm.app\",\n \"NODE\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/bin/node\",\n \"INIT_CWD\": \"/Users/idrisawedazubair/owasp-sec-bank/secure/backend\",\n \"NVM_CD_FLAGS\": \"-q\",\n \"TERM\": \"xterm-256color\",\n \"SHELL\": \"/bin/zsh\",\n \"HOMEBREW_REPOSITORY\": \"/opt/homebrew\",\n \"TMPDIR\": \"/var/folders/lb/f8bq6_yd0m76x8ppscnqfkrc0000gn/T/\",\n \"npm_config_global_prefix\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0\",\n \"TERM_PROGRAM_VERSION\": \"3.6.8\",\n \"COLOR\": \"1\",\n \"HERD_PHP_85_INI_SCAN_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/php/85/\",\n \"TERM_SESSION_ID\": \"w0t0p1:65EE1BF9-C00D-428A-AF32-887679412E54\",\n \"npm_config_noproxy\": \"\",\n \"npm_config_local_prefix\": \"/Users/idrisawedazubair/owasp-sec-bank/secure/backend\",\n \"HERD_PHP_83_INI_SCAN_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/php/83/\",\n \"NVM_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm\",\n \"USER\": \"idrisawedazubair\",\n \"COMMAND_MODE\": \"unix2003\",\n \"npm_config_globalconfig\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/etc/npmrc\",\n \"SSH_AUTH_SOCK\": \"/private/tmp/com.apple.launchd.6xF6BR55je/Listeners\",\n \"__CF_USER_TEXT_ENCODING\": \"0x1F5:0:2\",\n \"npm_execpath\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/lib/node_modules/npm/bin/npm-cli.js\",\n \"HERD_PHP_82_INI_SCAN_DIR\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/php/82/\",\n \"TERM_FEATURES\": \"T3LrMSc7UUw9Ts3BFGsSyHNoSxFP\",\n \"TERMINFO_DIRS\": \"/Users/idrisawedazubair/Applications/iTerm.app/Contents/Resources/terminfo:/usr/share/terminfo\",\n \"PATH\": \"/Users/idrisawedazubair/owasp-sec-bank/secure/backend/node_modules/.bin:/Users/idrisawedazubair/owasp-sec-bank/secure/node_modules/.bin:/Users/idrisawedazubair/owasp-sec-bank/node_modules/.bin:/Users/idrisawedazubair/node_modules/.bin:/Users/node_modules/.bin:/node_modules/.bin:/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/lib/node_modules/npm/node_modules/@npmcli/run-script/lib/node-gyp-bin:/Users/idrisawedazubair/.antigravity/antigravity/bin:/Users/idrisawedazubair/Library/Application Support/Herd/bin/:/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/bin:/opt/homebrew/bin:/opt/homebrew/sbin:/usr/local/bin:/System/Cryptexes/App/usr/bin:/usr/bin:/bin:/usr/sbin:/sbin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/local/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/bin:/var/run/com.apple.security.cryptexd/codex.system/bootstrap/usr/appleinternal/bin:/opt/X11/bin:/usr/local/share/dotnet:~/.dotnet/tools:/Users/idrisawedazubair/Applications/iTerm.app/Contents/Resources/utilities:/Users/idrisawedazubair/Library/Application Support/JetBrains/Toolbox/scripts\",\n \"npm_package_json\": \"/Users/idrisawedazubair/owasp-sec-bank/secure/backend/package.json\",\n \"npm_config_userconfig\": \"/Users/idrisawedazubair/.npmrc\",\n \"npm_config_init_module\": \"/Users/idrisawedazubair/.npm-init.js\",\n \"__CFBundleIdentifier\": \"com.googlecode.iterm2\",\n \"npm_command\": \"run\",\n \"PWD\": \"/Users/idrisawedazubair/owasp-sec-bank/secure/backend\",\n \"npm_lifecycle_event\": \"start\",\n \"EDITOR\": \"vi\",\n \"npm_package_name\": \"backend\",\n \"LANG\": \"en_GB.UTF-8\",\n \"ITERM_PROFILE\": \"Default\",\n \"npm_config_npm_version\": \"11.5.2\",\n \"XPC_FLAGS\": \"0x0\",\n \"npm_config_node_gyp\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/lib/node_modules/npm/node_modules/node-gyp/bin/node-gyp.js\",\n \"npm_package_version\": \"1.0.0\",\n \"XPC_SERVICE_NAME\": \"0\",\n \"SHLVL\": \"2\",\n \"HOME\": \"/Users/idrisawedazubair\",\n \"COLORFGBG\": \"15;0\",\n \"LC_TERMINAL_VERSION\": \"3.6.8\",\n \"HOMEBREW_PREFIX\": \"/opt/homebrew\",\n \"ITERM_SESSION_ID\": \"w0t0p1:65EE1BF9-C00D-428A-AF32-887679412E54\",\n \"npm_config_cache\": \"/Users/idrisawedazubair/.npm\",\n \"LOGNAME\": \"idrisawedazubair\",\n \"npm_lifecycle_script\": \"npm run swagger && node index.js\",\n \"NVM_BIN\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/bin\",\n \"npm_config_user_agent\": \"npm/11.5.2 node/v23.7.0 darwin arm64 workspaces/false\",\n \"INFOPATH\": \"/opt/homebrew/share/info:\",\n \"HOMEBREW_CELLAR\": \"/opt/homebrew/Cellar\",\n \"LC_TERMINAL\": \"iTerm2\",\n \"DISPLAY\": \"/private/tmp/com.apple.launchd.QzDmJBLsDh/org.xquartz:0\",\n \"OSLogRateLimit\": \"64\",\n \"npm_node_execpath\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/bin/node\",\n \"npm_config_prefix\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0\",\n \"COLORTERM\": \"truecolor\",\n \"_\": \"/Users/idrisawedazubair/Library/Application Support/Herd/config/nvm/versions/node/v23.7.0/bin/node\",\n \"DATABASE_URL\": \"postgres://postgres:password@localhost:5432/insecure_bank\",\n \"LIVE_DATABASE_URL\": \"postgresql://owasp_sec_bank_insecure_user:Ocw1tJHKBtX05YmDTplmIz07AW0YHgIe@dpg-d5muu9er433s739dnif0-a/owasp_sec_bank_insecure\",\n \"SONAR_TOKEN\": \"e875e1aab7db3f1267ac5a8125cef77e3c986461\"\n },\n \"timestamp\": \"2026-03-10T04:29:41.412Z\"\n}"}],"_postman_id":"d92af041-383e-4ed1-98e3-d373f70a2ad4"},{"name":"Get API Docs","id":"1ed9a00b-bfe4-43ef-aec4-2c3376223e83","protocolProfileBehavior":{"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"/api-docs.json","urlObject":{"path":["api-docs.json"],"host":[""],"query":[],"variable":[]}},"response":[{"id":"7e521830-e82a-4c47-964d-9371c6369fbe","name":"Get API Docs","originalRequest":{"method":"GET","header":[],"url":"/api-docs.json"},"status":"OK","code":200,"_postman_previewlanguage":null,"header":[{"key":"X-Powered-By","value":"Express"},{"key":"Vary","value":"Origin"},{"key":"Access-Control-Allow-Credentials","value":"true"},{"key":"Content-Type","value":"application/json; charset=utf-8"},{"key":"Content-Length","value":"5463"},{"key":"ETag","value":"W/\"1557-60cZMO39OP3+Snqjr9Yw1eM7VF0\""},{"key":"Date","value":"Tue, 10 Mar 2026 04:31:55 GMT"},{"key":"Connection","value":"keep-alive"},{"key":"Keep-Alive","value":"timeout=5"}],"cookie":[],"responseTime":null,"body":"{\n \"swagger\": \"2.0\",\n \"info\": {\n \"title\": \"Sec-Bank Secure API\",\n \"description\": \"Automatically generated documentation\",\n \"version\": \"1.0.0\"\n },\n \"host\": \"owasp-sec-bank-insecure.onrender.com\",\n \"basePath\": \"/\",\n \"schemes\": [\n \"https\"\n ],\n \"securityDefinitions\": {\n \"bearerAuth\": {\n \"type\": \"apiKey\",\n \"name\": \"Authorization\",\n \"in\": \"header\",\n \"description\": \"Enter your bearer token in the format **Bearer <token>**\"\n }\n },\n \"paths\": {\n \"/api-docs.json\": {\n \"get\": {\n \"description\": \"\",\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n }\n }\n }\n },\n \"/api/\": {\n \"get\": {\n \"description\": \"\",\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/auth/register\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"username\": {\n \"example\": \"any\"\n },\n \"password\": {\n \"example\": \"any\"\n },\n \"full_name\": {\n \"example\": \"any\"\n },\n \"email\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"201\": {\n \"description\": \"Created\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/auth/login\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"username\": {\n \"example\": \"any\"\n },\n \"password\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/auth/logout\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"400\": {\n \"description\": \"Bad Request\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/account/user/{id}\": {\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"id\",\n \"in\": \"path\",\n \"required\": true,\n \"type\": \"string\"\n },\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"404\": {\n \"description\": \"Not Found\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/account/lookup\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n },\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"account_number\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"404\": {\n \"description\": \"Not Found\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/transactions/transfer\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n },\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"from_account_id\": {\n \"example\": \"any\"\n },\n \"to_account_id\": {\n \"example\": \"any\"\n },\n \"amount\": {\n \"example\": \"any\"\n },\n \"description\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"400\": {\n \"description\": \"Bad Request\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"404\": {\n \"description\": \"Not Found\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/transactions/history/{accountId}\": {\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"accountId\",\n \"in\": \"path\",\n \"required\": true,\n \"type\": \"string\"\n },\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/user/{id}\": {\n \"put\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"id\",\n \"in\": \"path\",\n \"required\": true,\n \"type\": \"string\"\n },\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n },\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"username\": {\n \"example\": \"any\"\n },\n \"password\": {\n \"example\": \"any\"\n },\n \"full_name\": {\n \"example\": \"any\"\n },\n \"email\": {\n \"example\": \"any\"\n },\n \"role\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"400\": {\n \"description\": \"Bad Request\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"404\": {\n \"description\": \"Not Found\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n },\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"id\",\n \"in\": \"path\",\n \"required\": true,\n \"type\": \"string\"\n },\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"404\": {\n \"description\": \"Not Found\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/user/avatar\": {\n \"post\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n },\n {\n \"name\": \"body\",\n \"in\": \"body\",\n \"schema\": {\n \"type\": \"object\",\n \"properties\": {\n \"imageUrl\": {\n \"example\": \"any\"\n }\n }\n }\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"400\": {\n \"description\": \"Bad Request\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/admin/system-logs\": {\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/admin/users\": {\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n },\n \"/api/admin/transactions\": {\n \"get\": {\n \"description\": \"\",\n \"parameters\": [\n {\n \"name\": \"authorization\",\n \"in\": \"header\",\n \"type\": \"string\"\n }\n ],\n \"responses\": {\n \"200\": {\n \"description\": \"OK\"\n },\n \"401\": {\n \"description\": \"Unauthorized\"\n },\n \"403\": {\n \"description\": \"Forbidden\"\n },\n \"500\": {\n \"description\": \"Internal Server Error\"\n }\n }\n }\n }\n }\n}"}],"_postman_id":"1ed9a00b-bfe4-43ef-aec4-2c3376223e83"}],"id":"2871b8bd-6f09-478d-8d0b-864d1978a50b","_postman_id":"2871b8bd-6f09-478d-8d0b-864d1978a50b","description":""}],"variable":[{"key":"baseURL","value":"","type":"default"},{"key":"token","value":""}]}