>/Ctf_tasks/API_lvl_3 $

cd ..

Estimated reading time: 35 seconds

Category: Web

Difficulty: Easy

Seems like my login form was too easy, so I added some serious validation. I heard that JWT is the way professionals do it.

Requirements:
* Tool: curl or Postman

curl -X GET "https://barry-dev.xyz/api/v3/flag" -H "Authorization: Bearer ew0KICAiYWxnIjogIkhTMjU2IiwNCiAgInR5cCI6ICJKV1QiDQp9.ew0KICAicm9sZSI6ICJ1c2VyIg0KfQ." -H "API_KEY: your-api-key"

Note: You can find and copy your API key from your profile.