{
  "info": {
    "name": "BGMI Tournament API",
    "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
    "description": "Postman collection to test key endpoints for BGMI Tournament app. Set baseUrl variable as your app base (e.g., http://localhost/bgmi/public)."
  },
  "item": [
    {
      "name": "Home (sanity)",
      "request": {"method": "GET", "url": "{{baseUrl}}/"}
    },
    {
      "name": "Login Page (fetch CSRF)",
      "event": [
        {
          "listen": "test",
          "script": {
            "type": "text/javascript",
            "exec": [
              "// Extract hidden _token from HTML and store as collection variable",
              "const body = pm.response.text();",
              "const m = body.match(/name=\"_token\"\s+value=\"([^\"]+)\"/);",
              "if (m) { pm.collectionVariables.set('csrf_token', m[1]); pm.test('CSRF token captured', function(){ pm.expect(m[1]).to.have.length.above(10); }); }",
              "else { pm.test('CSRF token not found', function(){ pm.expect.fail('No CSRF token found in login page'); }); }"
            ]
          }
        }
      ],
      "request": {"method": "GET", "url": "{{baseUrl}}/login"}
    },
    {
      "name": "Login (POST)",
      "event": [
        {
          "listen": "prerequest",
          "script": {"type": "text/javascript","exec": [
            "if (!pm.collectionVariables.get('csrf_token')) {",
            "  pm.sendRequest({ url: pm.variables.get('baseUrl') + '/login', method: 'GET' }, function(err, res){",
            "    if (!err) { const m = res.text().match(/name=\"_token\"\s+value=\"([^\"]+)\"/); if (m) pm.collectionVariables.set('csrf_token', m[1]); }",
            "  });",
            "}"
          ]}
        }
      ],
      "request": {
        "method": "POST",
        "header": [ {"key": "Content-Type", "value": "application/x-www-form-urlencoded"} ],
        "url": "{{baseUrl}}/login",
        "body": {
          "mode": "urlencoded",
          "urlencoded": [
            {"key": "email", "value": "admin@demo.com"},
            {"key": "password", "value": "Admin@123"},
            {"key": "_token", "value": "{{csrf_token}}"}
          ]
        }
      }
    },
    {
      "name": "List Tournaments (GET)",
      "request": {"method": "GET", "url": "{{baseUrl}}/api/tournaments"}
    },
    {
      "name": "Join Tournament (POST)",
      "event": [
        {"listen": "prerequest", "script": {"type": "text/javascript","exec": [
          "if (!pm.collectionVariables.get('csrf_token')) {",
          "  pm.sendRequest({ url: pm.variables.get('baseUrl') + '/login', method: 'GET' }, function(err, res){",
          "    if (!err) { const m = res.text().match(/name=\"_token\"\s+value=\"([^\"]+)\"/); if (m) pm.collectionVariables.set('csrf_token', m[1]); }",
          "  });",
          "}"
        ]}}
      ],
      "request": {
        "method": "POST",
        "header": [
          {"key": "Content-Type", "value": "application/x-www-form-urlencoded"},
          {"key": "X-CSRF-Token", "value": "{{csrf_token}}"}
        ],
        "url": "{{baseUrl}}/api/tournaments/join",
        "body": {"mode": "urlencoded", "urlencoded": [ {"key": "tournament_id", "value": "1"} ]}
      }
    },
    {
      "name": "My Transactions (GET)",
      "request": {"method": "GET", "url": "{{baseUrl}}/api/me/transactions"}
    },
    {
      "name": "Mark Notification Seen (POST)",
      "event": [
        {"listen": "prerequest", "script": {"type": "text/javascript","exec": [
          "if (!pm.collectionVariables.get('csrf_token')) {",
          "  pm.sendRequest({ url: pm.variables.get('baseUrl') + '/login', method: 'GET' }, function(err, res){",
          "    if (!err) { const m = res.text().match(/name=\"_token\"\s+value=\"([^\"]+)\"/); if (m) pm.collectionVariables.set('csrf_token', m[1]); }",
          "  });",
          "}"
        ]}}
      ],
      "request": {
        "method": "POST",
        "header": [
          {"key": "Content-Type", "value": "application/json"},
          {"key": "X-Requested-With", "value": "XMLHttpRequest"},
          {"key": "X-CSRF-Token", "value": "{{csrf_token}}"}
        ],
        "url": "{{baseUrl}}/notifications/seen",
        "body": {"mode": "raw", "raw": "{\n  \"id\": 1\n}"}
      }
    },
    {
      "name": "Wallet Withdraw (POST)",
      "event": [
        {"listen": "prerequest", "script": {"type": "text/javascript","exec": [
          "if (!pm.collectionVariables.get('csrf_token')) {",
          "  pm.sendRequest({ url: pm.variables.get('baseUrl') + '/login', method: 'GET' }, function(err, res){",
          "    if (!err) { const m = res.text().match(/name=\"_token\"\s+value=\"([^\"]+)\"/); if (m) pm.collectionVariables.set('csrf_token', m[1]); }",
          "  });",
          "}"
        ]}}
      ],
      "request": {
        "method": "POST",
        "header": [
          {"key": "Content-Type", "value": "application/x-www-form-urlencoded"},
          {"key": "X-CSRF-Token", "value": "{{csrf_token}}"}
        ],
        "url": "{{baseUrl}}/wallet/withdraw",
        "body": {"mode": "urlencoded", "urlencoded": [
          {"key": "amount", "value": "100"},
          {"key": "upi_id", "value": "demo@upi"},
          {"key": "_token", "value": "{{csrf_token}}"}
        ]}
      }
    }
  ],
  "variable": [
    {"key": "baseUrl", "value": "http://localhost/bgmi/public"}
  ]
}