WEBVTT 00:00.900 --> 00:06.990 Now that we logged in and have the network tab open inside of Chrome Tools, let's take a look at the 00:06.990 --> 00:08.800 request we have first here. 00:08.820 --> 00:13.650 So this is the log in request inside of Postman or inside of Chrome tools. 00:13.680 --> 00:16.050 We can see that it's a post request. 00:16.230 --> 00:22.680 It has a URL here and it has a lot of headers and cookies. 00:22.680 --> 00:23.580 It's being set. 00:23.580 --> 00:24.690 That's been set. 00:25.110 --> 00:29.400 Now you can see my form data for the form here. 00:29.400 --> 00:31.020 And yeah, that's my password. 00:31.020 --> 00:32.820 I'm okay with the password. 00:33.060 --> 00:34.200 I will change it. 00:34.200 --> 00:36.960 And I actually don't care about this account so much. 00:38.670 --> 00:42.450 So that's the form data that's being sent and that's all the headers. 00:43.070 --> 00:50.300 Now, a quick tip if you want to test this request inside of Postman and not have to copy all the headers 00:50.300 --> 00:57.920 manually and the form data, we can right click here and say copy and copy as curl request and then 00:57.920 --> 00:59.810 let's go inside of Postman. 01:00.460 --> 01:03.460 And let's open up a new request here. 01:04.570 --> 01:06.460 And let's say import. 01:07.270 --> 01:12.760 And paste raw text and just paste in the curl request here. 01:13.180 --> 01:20.320 And then Postman fills up the request with all the headers and the body already being set, which is 01:20.320 --> 01:21.400 really convenient. 01:21.430 --> 01:22.510 Then we can test. 01:22.510 --> 01:27.550 Does the request still work inside of Postman and we can see it still works. 01:27.550 --> 01:29.710 It says you're already logged in. 01:29.710 --> 01:32.410 It's okay because I am actually already logged in. 01:32.440 --> 01:36.790 It sees that the cookie is already logged in in this session. 01:38.880 --> 01:45.210 So what we want to do now is to replicate this inside of NodeJS request. 01:46.380 --> 01:47.640 So how can we do that? 01:47.640 --> 01:52.680 Well, let's try and see how much you need to be able to do this request here. 01:53.360 --> 01:59.690 If I disable the cookie here and I also delete the cookies inside of Postman. 02:00.720 --> 02:05.220 By clicking on the cookies up here in the corner, clearing them all out. 02:05.580 --> 02:09.570 And if I don't have the cookies set down here in the request, well. 02:10.290 --> 02:13.200 Then we get a 403 forbidden. 02:13.230 --> 02:15.600 That means that the request is forbidden. 02:15.600 --> 02:18.180 And it says something about csrf. 02:18.210 --> 02:21.270 The request you are the request is not allowed. 02:21.540 --> 02:24.810 So we need to have cookies set on this request. 02:24.810 --> 02:31.590 And the cookies are initially being set when we go on to the front page of this website. 02:31.590 --> 02:33.780 So if I try to log out here. 02:35.800 --> 02:40.720 The cookies are originally being set just as we visit this website. 02:40.720 --> 02:46.840 And that's sometimes the case with these authentication websites that you have to visit one website, 02:46.870 --> 02:53.890 have a cookie being set, and then you can log in onto the website when you have this cookie set. 02:54.010 --> 02:57.250 So you have to do that inside NodeJS requests sometimes. 02:57.250 --> 02:59.650 And let me show you now how we can do that.