Testing

Now we test the full flow using real HTTP requests. You can use Postman, curl, or PowerShell.

Set your Invoke URL as a variable:

PowerShell:

$BASE_URL = "https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/dev"

curl (bash):

BASE_URL="https://xxxxxxxxxx.execute-api.us-east-1.amazonaws.com/dev"

Test 1: Login with correct credentials

PowerShell:

Invoke-RestMethod -Method POST `
  -Uri "$BASE_URL/login" `
  -ContentType "application/json" `
  -Body (@{ email="test@example.com"; password="Test@12345" } | ConvertTo-Json)

curl:

curl -X POST "$BASE_URL/login" \
  -H "Content-Type: application/json" \
  -d '{"email":"test@example.com","password":"Test@12345"}'

Expected response:

{
  "accessToken": "...",
  "idToken": "eyJraWQ...",
  "refreshToken": "..."
}

Copy the idToken — you will use it in the next tests.


Test 2: Get songs with valid token

PowerShell:

Invoke-RestMethod -Method GET `
  -Uri "$BASE_URL/songs" `
  -Headers @{ Authorization = "<paste idToken here>" }

curl:

curl -X GET "$BASE_URL/songs" \
  -H "Authorization: <paste idToken here>"

Expected response:

{
  "songs": [
    { "songId": "1", "title": "Lạc Trôi", "artist": "Sơn Tùng M-TP", "genre": "vpop" }
  ],
  "count": 1
}


Test 3: Get songs without token

PowerShell:

Invoke-RestMethod -Method GET -Uri "$BASE_URL/songs"

Expected: 401 Unauthorized

The request is rejected by API Gateway before it even reaches Lambda.


Test 4: Login with wrong password

PowerShell:

Invoke-RestMethod -Method POST `
  -Uri "$BASE_URL/login" `
  -ContentType "application/json" `
  -Body (@{ email="test@example.com"; password="wrongpassword" } | ConvertTo-Json)

Expected: 401 with message "Incorrect email or password"
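
The four tests above as one repeatable check, added here as an example and not part of the original tutorial. It assumes BASE_URL is exported, that a successful login and song listing return 200 (the page does not state those codes), and that the test account is the one used above; `call`, `status_of`, `id_token_of`, `expect` and `run_auth_tests` are names made up for this example.

```bash
# Added example, not the tutorial's own code. Assumes BASE_URL is exported and
# that successful calls return HTTP 200 (assumption; adjust if yours differ).

# call METHOD PATH [curl args...] -> prints the body, then the status on the last line
call() {
  method=$1; path=$2; shift 2
  curl -s -X "$method" "$BASE_URL$path" -w '\n%{http_code}' "$@"
}

status_of() { printf '%s\n' "$1" | tail -n 1; }   # last line = HTTP status

id_token_of() {                                    # idToken field of the login body
  printf '%s\n' "$1" | sed '$d' | tr -d '\n' |
    sed -n 's/.*"idToken"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# expect NAME WANT GOT -> prints PASS/FAIL, returns non-zero on mismatch
expect() {
  if [ "$2" = "$3" ]; then echo "PASS $1 ($3)"
  else echo "FAIL $1: want $2, got $3"; return 1; fi
}

run_auth_tests() {
  email=${TEST_EMAIL:-test@example.com}; good=${TEST_PASSWORD:-Test@12345}; rc=0
  json='Content-Type: application/json'

  # Test 1: correct credentials must yield an idToken
  r=$(call POST /login -H "$json" -d "{\"email\":\"$email\",\"password\":\"$good\"}")
  expect "login, correct credentials" 200 "$(status_of "$r")" || rc=1
  token=$(id_token_of "$r")
  [ -n "$token" ] || { echo "FAIL no idToken in login response"; rc=1; }

  # Test 2: valid token is accepted
  r=$(call GET /songs -H "Authorization: $token")
  expect "songs, valid token" 200 "$(status_of "$r")" || rc=1

  # Test 3: no token must be rejected
  r=$(call GET /songs)
  expect "songs, no token" 401 "$(status_of "$r")" || rc=1

  # Test 4: wrong password must be rejected
  r=$(call POST /login -H "$json" -d "{\"email\":\"$email\",\"password\":\"wrongpassword\"}")
  expect "login, wrong password" 401 "$(status_of "$r")" || rc=1
  return $rc
}
# After exporting BASE_URL, run:  run_auth_tests
```

A FAIL on "songs, no token" means /songs answered without a token, so check that the authorizer is still attached to that method.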


Check CloudWatch logs

If something is not working as expected, check the Lambda logs:

  1. Go to CloudWatch Console → Log groups
  2. Find /aws/lambda/loginFunction or /aws/lambda/getSongsFunction
  3. Open the latest log stream to see the error details