Light Dark

Newman Run Dashboard

Sunday, 03 May 2026 10:20:37

Total Iterations

1

Total Assertions

62

Total Failed Tests

0

Total Skipped Tests

0

File Information

Collection: Prosebird API Tests
Environment: Local

Collection Description

REST API test suite for Prosebird. Covers authentication, script management, recording sessions, billing, usage, and onboarding. Includes [SECURITY] cases that demonstrate the client-enforced-only trust boundary vulnerability — endpoints that accept arbitrary userId values with no server-side token verification.

Timings and Data

Total run duration: 15.9s
Total data received: 10.14KB
Average response time: 487ms

Summary Item	Total	Failed
Requests	28	0
Prerequest Scripts	3	0
Test Scripts	28	0
Assertions	62	0
Skipped Tests	0	-

There are no failed tests

There are no skipped tests

Collection 1 — Auth - 4 Requests in the folder

Iteration: 1 - Check existing email

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/auth/check-email?email=vigliano.it@gmail.com

Response Information

Response Code: 200 - OK
Mean time per request: 229ms
Mean size per request: 15B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	30420f33-8548-4015-96d1-069daa0e7177
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:22 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"exists":true}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
Existing email returns exists: true	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check new email

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/auth/check-email?email=api-test-newuser@example.com

Response Information

Response Code: 200 - OK
Mean time per request: 654ms
Mean size per request: 16B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	fbeb0e3d-fab0-4941-8d38-cfa8d5ad9cfc
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:22 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"exists":false}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
New email returns exists: false	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check invalid email format

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/auth/check-email?email=invalid

Response Information

Response Code: 200 - OK
Mean time per request: 215ms
Mean size per request: 16B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	aa26fbad-5034-4710-8e81-9dba1c4aa0bd
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:23 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"exists":false}

Test Information

Name	Passed	Failed	Skipped
Invalid email format — no validation (returns 200 with exists: false)	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check empty email

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/auth/check-email

Response Information

Response Code: 200 - OK
Mean time per request: 9ms
Mean size per request: 16B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	9504a40f-7f33-4fad-8611-81f65c1fcdb3
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:23 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"exists":false}

Test Information

Name	Passed	Failed	Skipped
Missing email parameter — no validation (returns 200 with exists: false)	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Collection 2 — Scripts - 7 Requests in the folder

Iteration: 1 - Create script

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/scripts/create

Response Information

Response Code: 200 - OK
Mean time per request: 1570ms
Mean size per request: 35B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	1de8d8a8-ab58-45f2-a673-7f4d2fb894fc
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:24 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"scriptId":"9qS3ZRD8srKVl3RBaMUO"}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 3000ms	1	0	0
Response contains scriptId	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Create script — missing userId

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/scripts/create

Response Information

Response Code: 500 - Internal Server Error
Mean time per request: 7ms
Mean size per request: 26B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	764540e8-75ac-435a-8f84-3c865720dbb1
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	2

Request Body

{}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:24 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Internal Error"}

Test Information

Name	Passed	Failed	Skipped
Missing userId crashes with 500 — no input validation	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Create script — no subscription

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/scripts/create

Response Information

Response Code: 403 - Forbidden
Mean time per request: 334ms
Mean size per request: 33B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	04723e90-5f9d-426e-b87c-627302031774
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "k6cItzP2ihWSv31s6b5SyHyFQeS2"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:25 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Subscription required"}

Test Information

Name	Passed	Failed	Skipped
Status code is 403	1	0	0
Response time is under 2000ms	1	0	0
Subscription gate is enforced server-side	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - [SECURITY] Create script — no auth token

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/scripts/create

Response Information

Response Code: 200 - OK
Mean time per request: 1140ms
Mean size per request: 35B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	61882108-0632-42ed-8b01-61217f2a243d
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:26 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"scriptId":"fyEgJ5o7PyrwtpPNxdJk"}

Test Information

Name	Passed	Failed	Skipped
[SECURITY] Server should require auth token — currently does not	1	0	0
Response time is under 3000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Cleanup — Authenticate

Request Information

Request Method: POST
Request URL: https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=AIzaSyCHN7a4Wol5E18keBtXT4_Ococm2MWewwg

Response Information

Response Code: 200 - OK
Mean time per request: 539ms
Mean size per request: 1.36KB

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	fd5b3a4d-c763-449f-a61f-4841bda5ae3d
Host	identitytoolkit.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	83

Request Body

{"email": "vigliano.it@gmail.com", "password": "123456", "returnSecureToken": true}

Response Headers

Header Name	Header Value
Pragma	no-cache
Expires	Mon, 01 Jan 1990 00:00:00 GMT
Date	Sun, 03 May 2026 13:20:26 GMT
Cache-Control	no-cache, no-store, max-age=0, must-revalidate
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{
          "kind": "identitytoolkit#VerifyPasswordResponse",
          "localId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3",
          "email": "vigliano.it@gmail.com",
          "displayName": "",
          "idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDI2LCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MjYsImV4cCI6MTc3NzgxODAyNiwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.X4RaS7qYGN-DGkhybCDAC1eQkwMLIen49zEMSh4ynjo1z5ihCl4cXTrTSOZfeXEYzB0-CS9TEJVssxr3jQMcOSCOgELYwrJBPJ3FDvF8KKQ7P3tn74zKDT4jt0sE121omb9kc5Jj6uf6gSp0yoF3GNNY65uCl97F8IpmwxhKQn3ZgQ8fZ_840NCMesgW-2q9GUc-AKuvI2NQ6Vl8h8zgnFlhyL7WPqI3HAtLKV8_13LKJjJn_Y9OfdTRLcLE0gv-6zZLWt4bPxNV4oANXx_ZWIRdzhkjC8L26MsNwpUEVR2wLhI0uPoY-34x5Xfxvyqrh9DvBnVO0FfEATmPLod_sQ",
          "registered": true,
          "refreshToken": "AMf-vBxKRG-2CiG0lZe8uMVbiZhfcDX8985pjK2-LpVquelmwt_HpQwJc0IA6uOuEFc61Wp39ZpDwLWUYuB4hvdcWWfzoWmS9F-7U-4eIq20CQcCILE20H2ApMB4CaObtSwRE2BSEyCTB4o4IMUYX7I8PnB1oSyf9xoHpI1E_3MQy7nYTCxL3gUar4x59vQ0j4d9noOtf26_MFTy3siIf17xqL5Rt15gmA",
          "expiresIn": "3600"
        }

Test Information

Name	Passed	Failed	Skipped
Auth token obtained for cleanup	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Cleanup — Delete test script

Request Information

Request Method: DELETE
Request URL: https://firestore.googleapis.com/v1/projects/prosebird-9078d/databases/(default)/documents/scripts/9qS3ZRD8srKVl3RBaMUO

Response Information

Response Code: 200 - OK
Mean time per request: 1046ms
Mean size per request: 3B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Authorization	Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDI2LCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MjYsImV4cCI6MTc3NzgxODAyNiwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.X4RaS7qYGN-DGkhybCDAC1eQkwMLIen49zEMSh4ynjo1z5ihCl4cXTrTSOZfeXEYzB0-CS9TEJVssxr3jQMcOSCOgELYwrJBPJ3FDvF8KKQ7P3tn74zKDT4jt0sE121omb9kc5Jj6uf6gSp0yoF3GNNY65uCl97F8IpmwxhKQn3ZgQ8fZ_840NCMesgW-2q9GUc-AKuvI2NQ6Vl8h8zgnFlhyL7WPqI3HAtLKV8_13LKJjJn_Y9OfdTRLcLE0gv-6zZLWt4bPxNV4oANXx_ZWIRdzhkjC8L26MsNwpUEVR2wLhI0uPoY-34x5Xfxvyqrh9DvBnVO0FfEATmPLod_sQ
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	d157042d-6bc8-4a26-ac67-65716ed6c3d8
Host	firestore.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
X-Debug-Tracking-ID	12109313246242799005;o=1
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Date	Sun, 03 May 2026 13:20:27 GMT
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{}

Test Information

Name	Passed	Failed	Skipped
Test script deleted or not found	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Cleanup — Delete [SECURITY] test script

Request Information

Request Method: DELETE
Request URL: https://firestore.googleapis.com/v1/projects/prosebird-9078d/databases/(default)/documents/scripts/fyEgJ5o7PyrwtpPNxdJk

Response Information

Response Code: 200 - OK
Mean time per request: 266ms
Mean size per request: 3B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Authorization	Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDI2LCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MjYsImV4cCI6MTc3NzgxODAyNiwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.X4RaS7qYGN-DGkhybCDAC1eQkwMLIen49zEMSh4ynjo1z5ihCl4cXTrTSOZfeXEYzB0-CS9TEJVssxr3jQMcOSCOgELYwrJBPJ3FDvF8KKQ7P3tn74zKDT4jt0sE121omb9kc5Jj6uf6gSp0yoF3GNNY65uCl97F8IpmwxhKQn3ZgQ8fZ_840NCMesgW-2q9GUc-AKuvI2NQ6Vl8h8zgnFlhyL7WPqI3HAtLKV8_13LKJjJn_Y9OfdTRLcLE0gv-6zZLWt4bPxNV4oANXx_ZWIRdzhkjC8L26MsNwpUEVR2wLhI0uPoY-34x5Xfxvyqrh9DvBnVO0FfEATmPLod_sQ
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	81bb6e42-eedc-40db-8b42-fdb03b4212b1
Host	firestore.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
X-Debug-Tracking-ID	1583718051238863241;o=1
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Date	Sun, 03 May 2026 13:20:27 GMT
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{}

Test Information

Name	Passed	Failed	Skipped
[SECURITY] test script deleted or not found	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Collection 3 — Recording - 6 Requests in the folder

Iteration: 1 - Init session

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/session/init

Response Information

Response Code: 200 - OK
Mean time per request: 1042ms
Mean size per request: 2.37KB

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	dfc05b30-536a-45ca-bdf3-f3d5ae79426d
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:29 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"allowed":true,"token":"AQICAHhSP--gzqwd67dd_jPEAiXH4o-iox25DgpL8nRLgcJP4QEW9KgriDYwqOHrRVBu-6hQAAAGgDCCBnwGCSqGSIb3DQEHBqCCBm0wggZpAgEAMIIGYgYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAxKhiVzFeIwGsdOQcQCARCAggYzdZXwZDIWs2gfFM_9nLkI48kfCXoiVXwWrmgUan3L1Us1-fQuF1l6JgNpkPqBvQiAgT-qvo8GoH5AmlNMZfqRanqdd1cZSiUahxVU7IQvkfjQtBFJRZCxvoLCNN2KmpmVI2mswq6BBFpxif4s1UD-N1K14XGiRCFdqSZYP15FuP79RX0_o7C6Dc55-ULnxKXWDdQvcEfIE80KfZ5G_2JH3b58kNEdtDDywmxjWJr2U3CGMXjtgWRX_ffH3FXfqdj6zULdUFeap4BnMAjeUFkVpdYNlbrKC0FWmi0FbWIW0zZ5xgUVKJVlvQpPn5I0f86OwIvzlMYzqeJT8DSt5iUdPax2tumPYrbUFFeCV6s3jde-FDOmSK2Oe9P6Jtye5W_C2hWqX-Zy06fhnZsK2Yebg1vew4WzYjKJUsTN1q2nwoEE6A0Dapz1lDNxbCu68oHXbE7pUg8b9VauWZVmMMiWG-Hh3fVfmZ9AI1Tu_KI3eAG44KDt2Q7bFZdIpB6RskZmZytnih92GswffNAliIiJ3Xeymq3JfMszeb-SVDm1Xcx3GcBtODUzbwrIsiekiZX-Yy8HIkZhFf7X5OcCoG3BaVkufS8o8NCE2Z5AR3owm99n103rxOWzX511qPH9lTYxzRVaRhFQyLQvEVf3_nam-noLocYjuJFaK7eGtsgpsDBhE0aoMzqYfbXCuoQr4JZlwuUggbBakGnf7VXgRF-_pCr3ARhiS7JPPAXnQVAjjWbndH3MSmu_NB-DqlgWGcd7vQIU2b8ye80UvJQQW0MgPSYMUowjoxcHtUL33ZfDdj4jGvkGcazrWW3BKxIq3Sq7HPV04zY3phVF2R8v6rWW2V7aIeqxVOprSTHiUc012XgpRY3NarFYBZpVB0Eix8Ybnx6yIhBt_yTw1qdvp2DEpDPHLof7PD5kb60Ms6NxukmKtJnbqRW6SB_M-2IL-k318dgbu0EmyiZfdjYOwYFPyTUzvDAoZCdDlYofNCkhnPTXX_athN3DkKeq3_pXYm5JLuwKxfQcLoYzhOW3NG1s8ZSUmCyGn3T9KsrncFQXHsyikrBQfrHrQ3l1G45tIn04kxj9w2IrREGpSmo7mPC1k2XRDUF5sPz6Y_N5-ixoXPYKyzJQwnwOXjmkQfloJIVv7w8_w4WInJJSWUWYFcek4FYh4oUz4LVwcu7SzdifXQptustxRN8n2oKy-DGTstRQWpBNHS4q4HIprUjYhq8tY1ze28gG8ACn0EimdWJ7SzW-KZw0fkhoZ8-UtgQFCPYj6KziI22fX7rtRNBJCAYwDBlIBDmItjgZoXCOfdWg4ZQOMRkrVtKrnfwLyo3BMHnc0cUMPEBFOH778wvckVpIl_q3hMpFYARbFo3UNKPKJroAklFNJ5EppdS8Db_n5_FQf3DhoUevgcUX53VZhic7wWs6W6t3B71viez4sXbr9Yq7mg6fSGvqi8BeFK8K_oqwZwKEMW2tS7izf7HEq7lwtA_9dRIjHqXDmxpcb0T0edQ_yYbru0rNwMvQ-EyCeYRsVOGyfB21-8c7VjNdZD7QHzP7U9Rtiv8KhZ-7oN3y3q7GiqEyRew8uPpAe1Uk7mXU4riY4IpY2cs8yeYgLxM4VgmVqjHeqbAjP8RHSB2kzOTlqrsG2Z-W700NfLcW5pSwYYOvQGPPgXApGgZhxwpAeop8fYE2Z5Zkc1zXTTUJdXYbv7kUOI5kR--qSLoYSvHYR0KKwIZzVEsxEQ7sODNPnIJRtErOMjwzO-BUa2X5MSgvPd_qcxN9q0CWBEQy3cuCtYHvySe2OQIAgNkZHxWPM15aTst1nnGdNRCi_3pMWpYEfbAS15Ygieppae1lf88iVLHaF3YQAYz6DhxB-OSQeqQUvs89BsCM2A9sgsnFTfkGfoRb5TentB26hWj9U3juQwZyrynxjSFcKdsGjK0BLvWhrtiOCYXHfeKtU13G2lpykKOmcSlsZinefLtrs7ZAop9BE_IYNsJZegNx2JOca4-QKB6AwlLNtIFShONGiXWpjQWdXFAvmx00iwsmoEBtlJXhNFqKFHbuR7KZsJSoBXtjSdv8yPXyTQr5MH_YeYkGEB-vCM70zgozSsIlXipe6NjM","usage":{"lastResetDate":{"_seconds":1777813839,"_nanoseconds":463000000},"transcriptionSeconds":3}}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 5000ms	1	0	0
Response contains allowed: true and AssemblyAI token	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Init session — missing userId

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/session/init

Response Information

Response Code: 401 - Unauthorized
Mean time per request: 9ms
Mean size per request: 24B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	eafa676b-0e32-43e2-bb0c-99b69209ac44
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	2

Request Body

{}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:29 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Unauthorized"}

Test Information

Name	Passed	Failed	Skipped
Missing userId returns 401	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Save recording

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/recording/save

Response Information

Response Code: 200 - OK
Mean time per request: 418ms
Mean size per request: 89B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	4b6406ee-c4ed-4ca6-b62f-2816a21f960b
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	152

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3", "scriptId": "test-script-api-col3", "takeData": {"sceneId": "test-scene-api", "sceneName": "API Test Scene"}}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:30 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"success":true,"takeId":"erPgYWVImcKHVwQccpic","takeNumber":1,"name":"API Test Scene 1"}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
Response confirms take created with takeId	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - [SECURITY] Init session — no auth token

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/session/init

Response Information

Response Code: 200 - OK
Mean time per request: 828ms
Mean size per request: 2.37KB

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	8971d9a0-2016-4365-88f2-02b197260de7
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:31 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"allowed":true,"token":"AQICAHhSP--gzqwd67dd_jPEAiXH4o-iox25DgpL8nRLgcJP4QHK0cNkvq2nGQwsxA3G2cPVAAAGgjCCBn4GCSqGSIb3DQEHBqCCBm8wggZrAgEAMIIGZAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAxoa7PkZBGz4qQVR0wCARCAggY1r1JIMxXlnWQVfM7YuC8inryvTqK0YMFR4me6o_OTfq-IdH4wxGlDKy--RN7_JBZqsSqH0OwZXobWrR9yjHlpuQmeBZQ-Bpktit_x5Qj4Ql3vv5e9A4Oj4P1DGq0uBxwgPkeX5PBuM_Mq-IZ5Iyo5hiI72QhENFc8LHX77jywqSJV5HibXuAeYnAjlyOKEzEaxVIIyAGiZYJwfqVijYw9qAgwROk5bhZpTak8ZFFocCxpu3Tvj9LSH2f1BH57KQFt6hgM_YQ7bPPxaLiG7wJKApJEbnuZHUrxIHv5zWhbQuiimejsxjFC2ygnWjEQOu9StYYW6-OBmzLe7gONvdXst2iDdtZ7Rvy6GIstYdSFYc9BVIQNWmqeTYxYPiwBANId9J2qU_WxLQ2oHAifNkINowx4lbRl7vmBdO6fPobDMjUWE-kEY3jLT-QfCZhhRnd0fDi0LDGCtQv33Y3nvxQ-IAL9YqsrEKDoHr4JavL5mLankSawlH9rStlRNFxxqM3-NKiG8qK0m5Mptdr4ic08b5mQl_9flW5tB-wG8i7MFXo5OiLguiDuPeRBL0Nf076ocsoLhdYHhtslfmFcwRsWtxafZQ52dgEBD2OyhsLiOn_13WD4nBjaeNaIaKyW7voFmyVbezkZl76ms5lhQSlTHpLRSOCAiBzCgGLRxkKYtK767z-PIdIhYi1ojir6mZwDQAxBPiiP67q0TEmQTRkTGk2vGhxNxyzA1jsR5AD1Wjb_Ys5qad30IC0lZltcv3oxLONMcVGgVRZpiudHD5psXXHsJF2CS_ZSANtetBpAegaV0oXRLHNfG7PqufEcXivxqdYZu6wOC_ApbzVVS6Ko1vcBDOpicPP-Lyw3sWSf2BUbso2cNnFQjpqDDe1Rwr5b0qS1J1W8C7BvRdfZ4GNPMZzslKvXHSbTHoAsF6xqFKkSnLY1h-LKMVO6ML-L3BjziOUiXE3o8fLVXJDckVH5VeJQQpUJlxYna_O6uDQqkI4gjNJPviJbWFoBMs_Oa-GbptTQ0xk1YkhsGve4neRnI_g8x3N-ivlckWlIcXDcjkmNolaMsa7SpioBX6pum-_Yp382h7P5YnbgZgSMdpQowl3nysJ6M9WRdxHsMNglZ3Cv7J9sGYoC7_5mA50XTtmbVlP4ShxE0J_y7gkqkc0nydz_cQgNLAW4xyQyB-NMb5dGi6CY8jMlTUpl_o05Pt05MJhUIhw2qJnjIC-0XdrO3Rg_5s-HR4S64h2MgEj-AIfCGM-i56UnunnIn_FWCXLNpmxCRmMiWAAWumw_VaRdHaABxz0AhpYBOXHP6L6pgTnA5LmTg_B9tUFeB7vdA2kQv4elxpRWeMJRIuHf4FeTzsMyWBGXH43C6-SoPBYVdfxk6nDXzMhtI8nElwLH8ZR5lVTeaksTylk69NpKzXAy03Wvz5ziWi1eYQKfy0m8hR0woqVjcJ-jfq8whVwCBRDZPDY_kkjoeDpQ4wm6aHy0E-cA-_kec-f_e_50XTQuq3x60pCq7kUGocj1jSSztii4zrc_ZAdRDt0oG2DTve8RKAILnFSkbOC77w9BiNd-B9b0lbIZRrbtEkvWlOMwolLFNSsr3EyNkj9HWOSRr-Xg7sO2q8hTIu4qbt4x1ewGSbRw3GHbHW3so-Y4F5MQFyU05b09bHEYasHkyE8K2RRbRrrzIWxOvMr18WTS0cWn9QU2KbovSrEGsQJ7_eJVjfhVG8T70Dh9c452xKl9SIsqnJEZn7CzJCSglNnerRHyH262F4QsC2_G0vDK3f2opKkVmKxAjKM_6p60x07LmjWiUxpmVWJw0KiymIFWh7BUVIh5HJ6CHZsMXDEOVzqKPv1Veh1gJD-Yqq_PVuoDyAfdZh_K_wOwluzb1JgxR3x4lSY7N6SwlIti-gPY8zbnDf-pGcq3t3my_SBWXhP0vX42tIzg27HL_-3-tY_CYBMaTEusGMKx6qMFeHIwLOaJ9CaQL3CmSCEJw5MrrmQoeAP_CVuoTO-FOPUu6or7bSq6pJ0OWfPGqYy1JNQad1iaOGketDS6b8KxgvauxAr1n7QiF_lPBDNKqFLw38l8YS05LFPVcidH_qViZ5PRLtzI_HvTu78cZM4","usage":{"lastResetDate":{"_seconds":1777813839,"_nanoseconds":463000000},"transcriptionSeconds":3}}

Test Information

Name	Passed	Failed	Skipped
[SECURITY] Server should require auth token — currently does not	1	0	0
Response time is under 5000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Cleanup — Authenticate

Request Information

Request Method: POST
Request URL: https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=AIzaSyCHN7a4Wol5E18keBtXT4_Ococm2MWewwg

Response Information

Response Code: 200 - OK
Mean time per request: 318ms
Mean size per request: 1.36KB

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	2f42d6bb-8f59-4e48-b4b3-99aa8fd55f8e
Host	identitytoolkit.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	83

Request Body

{"email": "vigliano.it@gmail.com", "password": "123456", "returnSecureToken": true}

Response Headers

Header Name	Header Value
Pragma	no-cache
Date	Sun, 03 May 2026 13:20:30 GMT
Expires	Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control	no-cache, no-store, max-age=0, must-revalidate
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{
          "kind": "identitytoolkit#VerifyPasswordResponse",
          "localId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3",
          "email": "vigliano.it@gmail.com",
          "displayName": "",
          "idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDMwLCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MzAsImV4cCI6MTc3NzgxODAzMCwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.iG_h_PVnZVFNbJqSh1UF8iAE8Uhk6th6XUOkelzCA7ToWfWBYdVieosyHMerF3ttPNgVYH1tkV-KXwDEQP_koj718xRJsrm2rqWAEEqIQxTrFeECs3lQ6H0XAb2RurMeVeJoPi9wsm02gttS8RDM7ype5JffzKFCplS07p3WJmd5QyQRuPm_xujZtgBpb2atN287nStqx-HYo4YnqKvm8k_6YxCuSbMCiUXUR9YTGRr9Yt56mejqESJEDOj3ara8ZKtWi5vGDdyfS4rVo2O37JZf2Fi9KhryZkUFfU7qBrlTlf5pTRNgPv7FcSbhnQmiQb-LEEbgLbslm49abRHtPg",
          "registered": true,
          "refreshToken": "AMf-vBwf_ewW89P_-Fj6q1Nw7n5JKY5u2GszYwSjc9VA_kaCiZ5P_oNrJF7Z4vPKLI036OpkIEIQ-9O3MivQE9GfYi-c-6YaIPv3togKHs6Bkf7mcFAHZ6iluM27AWojOb_0hrihtg0aUOOVBL7-coP5UHbdXKcb2JIPtxGS1pr1rTwJg82kRzHSeDLn97FKxK0r34Vy9NWF-Ikxi30PimdqgoZNVlYMbg",
          "expiresIn": "3600"
        }

Test Information

Name	Passed	Failed	Skipped
Auth token obtained for cleanup	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Cleanup — Delete recording take

Request Information

Request Method: DELETE
Request URL: https://firestore.googleapis.com/v1/projects/prosebird-9078d/databases/(default)/documents/takes/erPgYWVImcKHVwQccpic

Response Information

Response Code: 200 - OK
Mean time per request: 321ms
Mean size per request: 3B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Authorization	Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDMwLCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MzAsImV4cCI6MTc3NzgxODAzMCwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.iG_h_PVnZVFNbJqSh1UF8iAE8Uhk6th6XUOkelzCA7ToWfWBYdVieosyHMerF3ttPNgVYH1tkV-KXwDEQP_koj718xRJsrm2rqWAEEqIQxTrFeECs3lQ6H0XAb2RurMeVeJoPi9wsm02gttS8RDM7ype5JffzKFCplS07p3WJmd5QyQRuPm_xujZtgBpb2atN287nStqx-HYo4YnqKvm8k_6YxCuSbMCiUXUR9YTGRr9Yt56mejqESJEDOj3ara8ZKtWi5vGDdyfS4rVo2O37JZf2Fi9KhryZkUFfU7qBrlTlf5pTRNgPv7FcSbhnQmiQb-LEEbgLbslm49abRHtPg
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	d34815d1-e0d3-4ac0-836a-fc7032704413
Host	firestore.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
X-Debug-Tracking-ID	14023378640903012709;o=1
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Date	Sun, 03 May 2026 13:20:31 GMT
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{}

Test Information

Name	Passed	Failed	Skipped
Recording take deleted or not found	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Collection 4 — Billing - 5 Requests in the folder

Iteration: 1 - Get subscription status

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/stripe/subscription-status?userId=KNQHSJd9TwY5uOMAGuDKASwi9UD3

Response Information

Response Code: 200 - OK
Mean time per request: 1650ms
Mean size per request: 521B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	9540db36-d6cc-4343-85c1-a43a269a94c4
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:33 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"subscription":{"id":"sub_1TSSMuLaZuc1ibxsQ0L2zN6t","status":"trialing","currentPeriodStart":1777685359,"currentPeriodEnd":1777944559,"cancelAtPeriodEnd":false,"items":[{"priceId":"price_1SflScLaZuc1ibxs7EhBD6ih","productId":"prod_Td1VI5tHWc2frI","interval":"month","amount":1900,"currency":"usd"}]},"isActive":true,"plan":"pro","stripeCustomerId":"cus_URL2LlqAQUVgJO","usage":{"scriptCount":5,"storageUsed":0,"transcriptionSeconds":3},"limits":{"maxScripts":50,"maxStorage":10737418240,"maxTranscriptionSeconds":36000}}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 5000ms	1	0	0
Response contains isActive, usage, and limits	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check limits — script type

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/stripe/check-limits

Response Information

Response Code: 200 - OK
Mean time per request: 539ms
Mean size per request: 39B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	8da179c9-8b46-4fcd-b0a4-7cbbd8a1c963
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	60

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3", "type": "script"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:34 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"allowed":true,"current":5,"limit":50}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 3000ms	1	0	0
Script creation allowed — returns current usage and limit	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check limits — take type

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/stripe/check-limits

Response Information

Response Code: 200 - OK
Mean time per request: 204ms
Mean size per request: 48B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	65e0899b-7d87-4575-b2d1-08d45cffe7eb
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	76

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3", "type": "take", "fileSize": 1024}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:34 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"allowed":true,"current":0,"limit":10737418240}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 3000ms	1	0	0
Take upload allowed — returns current usage and limit	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check limits — missing type

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/stripe/check-limits

Response Information

Response Code: 400 - Bad Request
Mean time per request: 8ms
Mean size per request: 35B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	eb26cb6b-1ac5-460b-90d7-f426a6475ecf
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	42

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:34 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Missing required fields"}

Test Information

Name	Passed	Failed	Skipped
Missing type returns 400 with validation error	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - [SECURITY] Get subscription — another user's UID

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/stripe/subscription-status?userId=k6cItzP2ihWSv31s6b5SyHyFQeS2

Response Information

Response Code: 200 - OK
Mean time per request: 905ms
Mean size per request: 203B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	44c6b8f7-d2c2-436f-80af-c6a772eda8e5
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:35 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"subscription":null,"isActive":false,"plan":"none","usage":{"scriptCount":0,"storageUsed":0,"transcriptionSeconds":0},"limits":{"maxScripts":50,"maxStorage":10737418240,"maxTranscriptionSeconds":36000}}

Test Information

Name	Passed	Failed	Skipped
[SECURITY] Server should require auth token — currently does not	1	0	0
Response time is under 5000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Collection 5 — Usage - 4 Requests in the folder

Iteration: 1 - Authenticate

Request Information

Request Method: POST
Request URL: https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=AIzaSyCHN7a4Wol5E18keBtXT4_Ococm2MWewwg

Response Information

Response Code: 200 - OK
Mean time per request: 307ms
Mean size per request: 1.36KB

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	de57f604-4ed9-472d-9704-ca32d752a2c3
Host	identitytoolkit.googleapis.com
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	83

Request Body

{"email": "vigliano.it@gmail.com", "password": "123456", "returnSecureToken": true}

Response Headers

Header Name	Header Value
Date	Sun, 03 May 2026 13:20:35 GMT
Expires	Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control	no-cache, no-store, max-age=0, must-revalidate
Pragma	no-cache
Content-Type	application/json; charset=UTF-8
Vary	Origin
Vary	X-Origin
Vary	Referer
Content-Encoding	gzip
Server	ESF
X-XSS-Protection	0
X-Frame-Options	SAMEORIGIN
X-Content-Type-Options	nosniff
Alt-Svc	h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Transfer-Encoding	chunked

Response Body

{
          "kind": "identitytoolkit#VerifyPasswordResponse",
          "localId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3",
          "email": "vigliano.it@gmail.com",
          "displayName": "",
          "idToken": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDM1LCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MzUsImV4cCI6MTc3NzgxODAzNSwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.AQTDOyK5Qf1CbIj3UIodARX10goivxtDs0Hf94xjaUfa-yh87ZisWPMNBemVs4nY0fX8FPKBUUCAURCgyofxTljtyVneajkeDLHQfK8nfMU74zFqyhHj2oNzUVmSLQ8zlI13oLfvD36zAklhrxmKVFrX5cwH-Ht88dfFY-LCBqNh71WNETVuFyOd4bYxawe2-0FWpzOxsUTOynsGjQsIKZcZGLPfIVn3P7DyxyouBvw2RMjQGAPak9xA6wDPtaxMCu7jw7x2z4yc8G8okvR3gAO75UGkKae01_n_UpCvOwBSJJ6tqqKIE4ZP0Sif5wE1zbuX98wVsvz-1HPcxylOdw",
          "registered": true,
          "refreshToken": "AMf-vBwiObYLIXPfsEbNhTawf7V_00QPgxBB0WTgvY-22qulIWHGKb3t52yy8qgqg-0_lFoLgcpesxY0QrvfnhNGgTI-6AGbTTcxQJ6fQqQr3KEWPXrpeRWs8LiUJwipKkIIjnlVJPRe8MbB8tCzoTLNMizgXtjCi4wQBBdTzLn90_APqI_f9T4MpwQdonSTHMqIOcwpV-36i-7kNFw-lsOXjqKQHvW8eA",
          "expiresIn": "3600"
        }

Test Information

Name	Passed	Failed	Skipped
Auth token obtained	1	0	0
Total	1	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Get usage (authenticated)

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/usage

Response Information

Response Code: 200 - OK
Mean time per request: 634ms
Mean size per request: 94B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Authorization	Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6IjJiMzZhYjQxYTczOTJlMTRlNjM1ZmRlM2M2YWYwOWZlYmFhM2YyZDYiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL3NlY3VyZXRva2VuLmdvb2dsZS5jb20vcHJvc2ViaXJkLTkwNzhkIiwiYXVkIjoicHJvc2ViaXJkLTkwNzhkIiwiYXV0aF90aW1lIjoxNzc3ODE0NDM1LCJ1c2VyX2lkIjoiS05RSFNKZDlUd1k1dU9NQUd1REtBU3dpOVVEMyIsInN1YiI6IktOUUhTSmQ5VHdZNXVPTUFHdURLQVN3aTlVRDMiLCJpYXQiOjE3Nzc4MTQ0MzUsImV4cCI6MTc3NzgxODAzNSwiZW1haWwiOiJ2aWdsaWFuby5pdEBnbWFpbC5jb20iLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImZpcmViYXNlIjp7ImlkZW50aXRpZXMiOnsiZW1haWwiOlsidmlnbGlhbm8uaXRAZ21haWwuY29tIl19LCJzaWduX2luX3Byb3ZpZGVyIjoicGFzc3dvcmQifX0.AQTDOyK5Qf1CbIj3UIodARX10goivxtDs0Hf94xjaUfa-yh87ZisWPMNBemVs4nY0fX8FPKBUUCAURCgyofxTljtyVneajkeDLHQfK8nfMU74zFqyhHj2oNzUVmSLQ8zlI13oLfvD36zAklhrxmKVFrX5cwH-Ht88dfFY-LCBqNh71WNETVuFyOd4bYxawe2-0FWpzOxsUTOynsGjQsIKZcZGLPfIVn3P7DyxyouBvw2RMjQGAPak9xA6wDPtaxMCu7jw7x2z4yc8G8okvR3gAO75UGkKae01_n_UpCvOwBSJJ6tqqKIE4ZP0Sif5wE1zbuX98wVsvz-1HPcxylOdw
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	602361ed-f3f0-4b68-a4f7-93dcbee3d90d
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:36 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"storageBytes":0,"scriptCount":5,"takeCount":0,"transcriptionSeconds":0,"lastResetDate":null}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
Response contains usage fields	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Report usage

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/usage/report

Response Information

Response Code: 200 - OK
Mean time per request: 237ms
Mean size per request: 16B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	e425134b-061d-4b28-964c-ee1b4e6d75fc
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	56

Request Body

{"userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3", "seconds": 1}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:37 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"success":true}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
Usage reported successfully	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Get usage — no auth token

Request Information

Request Method: GET
Request URL: http://localhost:3000/api/usage

Response Information

Response Code: 401 - Unauthorized
Mean time per request: 6ms
Mean size per request: 24B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	c525d9ab-8f0e-4643-80b2-c554f24688fc
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:37 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Unauthorized"}

Test Information

Name	Passed	Failed	Skipped
No auth token returns 401	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Collection 6 — Onboarding - 2 Requests in the folder

Iteration: 1 - Check exemption — non-exempt email

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/onboarding/check-exemption

Response Information

Response Code: 200 - OK
Mean time per request: 214ms
Mean size per request: 16B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	92aa0c43-7748-4cc9-b425-be29a60dc574
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	86

Request Body

{"email": "non-exempt-api-test@example.com", "userId": "KNQHSJd9TwY5uOMAGuDKASwi9UD3"}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:37 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"exempt":false}

Test Information

Name	Passed	Failed	Skipped
Status code is 200	1	0	0
Response time is under 2000ms	1	0	0
Non-exempt email returns exempt: false	1	0	0
Total	3	0	0

Test Failure

Test Name	Assertion Error

Iteration: 1 - Check exemption — missing body

Request Information

Request Method: POST
Request URL: http://localhost:3000/api/onboarding/check-exemption

Response Information

Response Code: 400 - Bad Request
Mean time per request: 6ms
Mean size per request: 35B

Test Pass Percentage

100 %

Request Headers

Header Name	Header Value
Content-Type	application/json
User-Agent	PostmanRuntime/7.39.1
Accept	/
Cache-Control	no-cache
Postman-Token	4884ae47-b405-4dd0-8bd4-b747965f9229
Host	localhost:3000
Accept-Encoding	gzip, deflate, br
Connection	keep-alive
Content-Length	2

Request Body

{}

Response Headers

Header Name	Header Value
vary	rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch
content-type	application/json
Date	Sun, 03 May 2026 13:20:37 GMT
Connection	keep-alive
Keep-Alive	timeout=5
Transfer-Encoding	chunked

Response Body

{"error":"Missing email or userId"}

Test Information

Name	Passed	Failed	Skipped
Missing body returns 400	1	0	0
Response time is under 2000ms	1	0	0
Total	2	0	0

Test Failure

Test Name	Assertion Error

Newman Run Dashboard

Sunday, 03 May 2026 10:20:37

Total Iterations

1

Total Assertions

62

Total Failed Tests

0

Total Skipped Tests

0

File Information

Collection Description

Timings and Data

There are no failed tests

There are no skipped tests

1 Iteration available to view

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Request Body

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Request Body

Response Headers

Response Body

Test Information

Test Failure

Request Information

Response Information

Test Pass Percentage

100 %

Request Headers

Request Body

Response Headers

Response Body