1
00:00:01,470 --> 00:00:03,450
Instructor: We're now returning a JWT token

2
00:00:03,450 --> 00:00:06,780
whenever a user signs up for our application.

3
00:00:06,780 --> 00:00:08,070
We're in a pretty good spot right now.

4
00:00:08,070 --> 00:00:09,660
So let's take a second to talk about

5
00:00:09,660 --> 00:00:11,100
where we are and where we're going

6
00:00:11,100 --> 00:00:12,690
for the rest of this entire video

7
00:00:12,690 --> 00:00:15,630
or this entire section on authentication.

8
00:00:15,630 --> 00:00:16,463
At this point,

9
00:00:16,463 --> 00:00:19,800
we have the ability to sign a user up for our application.

10
00:00:19,800 --> 00:00:22,230
We are encrypting their password when it's stored

11
00:00:22,230 --> 00:00:25,290
and we're generating a token for them to use.

12
00:00:25,290 --> 00:00:27,780
There's two major tasks that we still have ahead of us.

13
00:00:27,780 --> 00:00:29,430
Number one, we need to be,

14
00:00:29,430 --> 00:00:31,140
we need to give our users the ability

15
00:00:31,140 --> 00:00:33,330
to sign into our application.

16
00:00:33,330 --> 00:00:35,430
That is, once they've signed up,

17
00:00:35,430 --> 00:00:36,840
we need to now give them the ability

18
00:00:36,840 --> 00:00:39,240
to exchange a username and a password

19
00:00:39,240 --> 00:00:41,610
for a token in the future.

20
00:00:41,610 --> 00:00:44,760
Right now, they can only get a token by signing up.

21
00:00:44,760 --> 00:00:45,900
So that's task number one.

22
00:00:45,900 --> 00:00:48,600
We have to handle the login case.

23
00:00:48,600 --> 00:00:51,690
Task number two is we need to implement some ability

24
00:00:51,690 --> 00:00:54,480
to verify that a user is authenticated

25
00:00:54,480 --> 00:00:58,140
whenever they attempt to visit some protected resource.

26
00:00:58,140 --> 00:00:59,520
Let's take a look at a diagram

27
00:00:59,520 --> 00:01:01,713
to kind of illustrate what I mean by that.

28
00:01:03,360 --> 00:01:04,680
So let's say that we have

29
00:01:04,680 --> 00:01:06,630
the Authentication Controller right now

30
00:01:06,630 --> 00:01:07,463
and let's imagine

31
00:01:07,463 --> 00:01:10,530
that we also have a controller called Comments Controller

32
00:01:10,530 --> 00:01:12,393
and maybe Post Controller as well.

33
00:01:13,230 --> 00:01:16,560
And if a user is going to get access to either the,

34
00:01:16,560 --> 00:01:17,850
either these controllers,

35
00:01:17,850 --> 00:01:20,430
they need to be authenticated ahead of time.

36
00:01:20,430 --> 00:01:21,870
So we need to build

37
00:01:21,870 --> 00:01:23,760
is something like this box right here.

38
00:01:23,760 --> 00:01:25,470
This thing to ask the question,

39
00:01:25,470 --> 00:01:26,970
is this user logged in?

40
00:01:26,970 --> 00:01:29,010
Are they currently authenticated?

41
00:01:29,010 --> 00:01:31,680
Did they include a JWT token with their request?

42
00:01:31,680 --> 00:01:32,513
And if they did,

43
00:01:32,513 --> 00:01:34,710
is it a valid token?

44
00:01:34,710 --> 00:01:35,970
So that's what we're gonna spend time

45
00:01:35,970 --> 00:01:36,960
in this section to build.

46
00:01:36,960 --> 00:01:38,250
We're gonna build the,

47
00:01:38,250 --> 00:01:40,080
we're gonna build a service to answer

48
00:01:40,080 --> 00:01:42,930
whether or not the user is currently logged in.

49
00:01:42,930 --> 00:01:44,550
Once we know whether or not they're logged in,

50
00:01:44,550 --> 00:01:47,220
we'll go back and work on the sign in route.

51
00:01:47,220 --> 00:01:48,990
Because once we do this kind of logged in,

52
00:01:48,990 --> 00:01:49,920
you're gonna be surprised

53
00:01:49,920 --> 00:01:52,803
at how easy it is to do the sign in as well.

54
00:01:55,080 --> 00:01:58,110
So to assist us with this kind of login case right there,

55
00:01:58,110 --> 00:01:59,610
or this login handling,

56
00:01:59,610 --> 00:02:01,560
it's something that we want to intercept

57
00:02:01,560 --> 00:02:03,990
on only some routes, right?

58
00:02:03,990 --> 00:02:05,730
Everything is gonna come through our router

59
00:02:05,730 --> 00:02:08,759
and only on some very particular routes,

60
00:02:08,759 --> 00:02:09,960
do we want to check to see

61
00:02:09,960 --> 00:02:11,550
whether or not the user is logged in

62
00:02:11,550 --> 00:02:14,613
which is indicated by the presence of a valid token.

63
00:02:17,100 --> 00:02:18,180
So to build this thing,

64
00:02:18,180 --> 00:02:21,000
we're going to use a library called Passport

65
00:02:21,000 --> 00:02:24,390
or colloquially called Passport js.

66
00:02:24,390 --> 00:02:29,220
Passport is an authentication library for Node and Express.

67
00:02:29,220 --> 00:02:31,680
It's usually used for cookie based authentication.

68
00:02:31,680 --> 00:02:33,210
And so it has a lot of helpers

69
00:02:33,210 --> 00:02:35,550
for cookie based authentication.

70
00:02:35,550 --> 00:02:38,910
We're going to use it with JWT tokens however,

71
00:02:38,910 --> 00:02:41,010
and so we're gonna go down a slightly different route

72
00:02:41,010 --> 00:02:42,510
with it than some other use.

73
00:02:42,510 --> 00:02:43,710
If you've ever used in the past,

74
00:02:43,710 --> 00:02:47,220
we're gonna have a slightly different implementation of it.

75
00:02:47,220 --> 00:02:49,920
So let's get started by installing the JW

76
00:02:49,920 --> 00:02:52,020
or the Passport library.

77
00:02:52,020 --> 00:02:53,130
Over in my terminal,

78
00:02:53,130 --> 00:02:55,530
I'm gonna end my server process

79
00:02:55,530 --> 00:02:57,420
and I'm going to install two libraries.

80
00:02:57,420 --> 00:03:01,860
I'm going to install passport

81
00:03:01,860 --> 00:03:05,287
and we're also going to install passport-jwt.

82
00:03:09,810 --> 00:03:11,520
So let these install for a bit.

83
00:03:11,520 --> 00:03:12,510
While that goes,

84
00:03:12,510 --> 00:03:14,430
I'm gonna flip back over to our code

85
00:03:14,430 --> 00:03:16,320
and I'm going to make a new folder

86
00:03:16,320 --> 00:03:19,650
to host all of our passport configuration.

87
00:03:19,650 --> 00:03:23,130
I'm gonna make a new folder called services

88
00:03:23,130 --> 00:03:23,970
and inside of it,

89
00:03:23,970 --> 00:03:28,230
I'm gonna make a new file called passport.js.

90
00:03:28,230 --> 00:03:29,760
So this is where we're going to put together

91
00:03:29,760 --> 00:03:30,840
a bunch of configuration,

92
00:03:30,840 --> 00:03:33,930
a bunch of logic to help set up Passport.

93
00:03:33,930 --> 00:03:36,120
And again, Passport is what's going to help us

94
00:03:36,120 --> 00:03:40,260
authenticate a user when they attempt to visit a,

95
00:03:40,260 --> 00:03:44,013
a route that requires authentication.

96
00:03:46,050 --> 00:03:47,670
So it looks like my install is all done.

97
00:03:47,670 --> 00:03:50,643
I'm gonna start my server back up with npm run start.

98
00:03:52,590 --> 00:03:54,153
Excuse me, npm run dev.

99
00:03:55,020 --> 00:03:56,403
Going into autopilot.

100
00:03:57,510 --> 00:03:59,040
There we go.

101
00:03:59,040 --> 00:04:00,780
Okay, so I'm in passport js.

102
00:04:00,780 --> 00:04:01,890
We're going to include,

103
00:04:01,890 --> 00:04:04,560
we're going to import a couple files at the top here.

104
00:04:04,560 --> 00:04:07,083
I'm going to include passport.

105
00:04:09,720 --> 00:04:12,393
I'm going to include our user model.

106
00:04:14,130 --> 00:04:15,420
And to get access to that,

107
00:04:15,420 --> 00:04:17,760
I need to go up one directory into models

108
00:04:17,760 --> 00:04:18,750
and then get at user.

109
00:04:18,750 --> 00:04:22,173
So I'll go up models/user.

110
00:04:23,520 --> 00:04:25,653
I'm gonna get our config file,

111
00:04:27,840 --> 00:04:29,850
which has our client secret

112
00:04:29,850 --> 00:04:34,440
and then I'm also going to include the Passport JWT Library.

113
00:04:34,440 --> 00:04:35,400
And we'll talk about exactly

114
00:04:35,400 --> 00:04:37,250
what that's doing for us in a second.

115
00:04:38,790 --> 00:04:43,203
And I'm going to very specifically call this JwtStrategy.

116
00:04:45,060 --> 00:04:47,133
I'm gonna require it from passport.

117
00:04:49,350 --> 00:04:51,540
And I'm gonna pull off a very particular property

118
00:04:51,540 --> 00:04:52,860
off of this required statement.

119
00:04:52,860 --> 00:04:54,633
So I'm gonna get at Strategy,

120
00:04:55,830 --> 00:04:59,430
the Strat, Strategy.

121
00:04:59,430 --> 00:05:00,330
There we go.

122
00:05:00,330 --> 00:05:02,358
And we'll also get one more,

123
00:05:02,358 --> 00:05:07,358
ExtractJwt, passport-Jwt, extractJwt.

124
00:05:13,050 --> 00:05:14,310
Make sure that your JwTs

125
00:05:14,310 --> 00:05:18,420
across the board are capital J and then lowercase wt.

126
00:05:18,420 --> 00:05:20,670
So we imported three modules at the top

127
00:05:20,670 --> 00:05:24,720
and then we also imported twice the passport JWT library

128
00:05:24,720 --> 00:05:26,490
and we pulled off the strategy

129
00:05:26,490 --> 00:05:30,183
and extract JWT properties off of here as well.

130
00:05:32,280 --> 00:05:33,780
So before we go any deeper

131
00:05:33,780 --> 00:05:35,370
or any more code in here,

132
00:05:35,370 --> 00:05:37,680
I wanna talk about what we're going to be building

133
00:05:37,680 --> 00:05:38,513
or what we're going,

134
00:05:38,513 --> 00:05:40,470
exactly what Passport is gonna be doing for us

135
00:05:40,470 --> 00:05:44,163
and why we need this passport JWT set up right here as well.

136
00:05:45,090 --> 00:05:46,560
To explain what's going on there.

137
00:05:46,560 --> 00:05:48,360
Let's, it's gonna take a little bit of time

138
00:05:48,360 --> 00:05:50,410
so let's tackle that in the next section.