1
00:00:03,950 --> 00:00:09,180
Now that we have understood passport and how passport adds

2
00:00:09,180 --> 00:00:14,294
in a simple authentication middleware for our NodeJS application,

3
00:00:14,294 --> 00:00:18,435
and provides a flexible easy to configure

4
00:00:18,435 --> 00:00:22,935
way and provides various strategies for user authentication,

5
00:00:22,935 --> 00:00:27,850
let's go on a journey with our passport.

6
00:00:27,890 --> 00:00:31,020
To get started on this exercise,

7
00:00:31,020 --> 00:00:33,945
as the first step let's install passport,

8
00:00:33,945 --> 00:00:40,135
passport-local and passport-local-mongoose node modules into our confusion server.

9
00:00:40,135 --> 00:00:44,030
So at the prompt type npm install passport,

10
00:00:44,030 --> 00:00:49,820
passport-local,

11
00:00:49,820 --> 00:00:59,430
passport-local-mongoose --save and install these three modules.

12
00:00:59,430 --> 00:01:05,980
As you can see at the moment we are starting with passport 0.4.0,

13
00:01:05,980 --> 00:01:15,004
passport-local 1.0.0 and passport-local-mongoose 5.0.1 versions in this course.

14
00:01:15,004 --> 00:01:20,110
Now that we have installed passport, passport-local, and passport-local-mongoose,

15
00:01:20,110 --> 00:01:25,640
let's go to the confusion server and go to the user.js file.

16
00:01:25,640 --> 00:01:31,325
We will update the user schema and model to use the passport-local-mongoose.

17
00:01:31,325 --> 00:01:33,735
To do that, in here we'll say

18
00:01:33,735 --> 00:01:41,060
var passportLocalMongoose

19
00:01:41,060 --> 00:01:45,390
require passport-local-mongoose.

20
00:01:46,190 --> 00:01:50,330
So this we will install as

21
00:01:50,330 --> 00:01:56,780
the mongoose plugin in our application and we can remove the username and

22
00:01:56,780 --> 00:02:00,440
password because these would be automatically added in by

23
00:02:00,440 --> 00:02:04,535
the passport-local-mongoose plugin here and

24
00:02:04,535 --> 00:02:12,980
to use that as a plugin in our mongoose schema and model.

25
00:02:12,980 --> 00:02:20,160
We'll say user plug in and passport-local-mongoose.

26
00:02:20,160 --> 00:02:23,360
So, this will automatically as I said adding support for

27
00:02:23,360 --> 00:02:28,040
username and hashed storage of the password using

28
00:02:28,040 --> 00:02:33,305
the hash and salt and adding

29
00:02:33,305 --> 00:02:37,235
additional methods on the user schema

30
00:02:37,235 --> 00:02:40,880
and the model which are useful for passport authentication.

31
00:02:40,880 --> 00:02:48,390
So once we have completed updating the user.js file then in our project folder,

32
00:02:48,390 --> 00:02:55,160
we'll create a new file and name it as authenticate.js.

33
00:02:55,160 --> 00:02:57,800
In the authenticate.js file,

34
00:02:57,800 --> 00:03:03,420
let me import passport.

35
00:03:03,940 --> 00:03:10,700
So we'll say require passport and we're going to

36
00:03:10,700 --> 00:03:16,700
use this file to store the authentication strategies that we will configure.

37
00:03:16,700 --> 00:03:26,195
So we'll say var LocalStrategy require passport-local,

38
00:03:26,195 --> 00:03:36,140
so the passport local module exports a strategy that we can use for our application.

39
00:03:36,140 --> 00:03:39,800
So we'll say passport-local.Strategy

40
00:03:39,800 --> 00:03:56,700
and then we will import user from models user.

41
00:03:58,550 --> 00:04:06,270
Let's now configure the passport with the new local strategy

42
00:04:06,270 --> 00:04:13,970
and then we will export this from this file because this is going to be a node module.

43
00:04:13,970 --> 00:04:23,940
So we'll say exports.local and we'll say passport and you

44
00:04:23,940 --> 00:04:28,580
can see that the passport supports the various methods

45
00:04:28,580 --> 00:04:33,710
here so we'll say passport use and say

46
00:04:33,710 --> 00:04:39,125
new LocalStrategy and then this is where

47
00:04:39,125 --> 00:04:47,715
the functions that are supported by the passport-local-mongoose comes to our help.

48
00:04:47,715 --> 00:04:52,225
So the local strategy will need to be supplied with the verify function.

49
00:04:52,225 --> 00:04:55,210
Inside this function we will verify the user.

50
00:04:55,210 --> 00:04:59,090
This verify function will be called with the username and password that

51
00:04:59,090 --> 00:05:03,380
passport will extract from our incoming request.

52
00:05:03,380 --> 00:05:09,620
Now in the incoming request for the LocalStrategy the username and password

53
00:05:09,620 --> 00:05:16,800
should be supplied in the body of the message in the form of a JSON string.

54
00:05:17,680 --> 00:05:21,560
Again because we are doing body-parser so that'll be

55
00:05:21,560 --> 00:05:24,500
added into the body of the message and then from there passport

56
00:05:24,500 --> 00:05:29,000
will retrieve that and then use that and supply the username and password

57
00:05:29,000 --> 00:05:34,775
as parameters to the verify function that we will supply to the LocalStrategy.

58
00:05:34,775 --> 00:05:37,565
Since we are using passport mongoose plugin,

59
00:05:37,565 --> 00:05:44,915
the mongoose plugin itself adds this function called user.authenticate.

60
00:05:44,915 --> 00:05:51,495
So it adds this method to the user schema and the model.

61
00:05:51,495 --> 00:05:55,775
We're going to supply that as the function

62
00:05:55,775 --> 00:06:00,350
that will provide the authentication for the LocalStrategy.

63
00:06:00,350 --> 00:06:02,540
Now if you are not using

64
00:06:02,540 --> 00:06:06,875
passport-local-mongoose when you set up a mongoose plugin that we have done,

65
00:06:06,875 --> 00:06:08,060
if you're not using that,

66
00:06:08,060 --> 00:06:12,540
then you need to write your own user authentication function here.

67
00:06:12,540 --> 00:06:15,720
In the lecture earlier,

68
00:06:15,720 --> 00:06:18,860
I had shown you a simple user authentication function

69
00:06:18,860 --> 00:06:22,580
that can be used here but the one that is

70
00:06:22,580 --> 00:06:25,610
supplied by the passport-local-mongoose module is more

71
00:06:25,610 --> 00:06:30,200
comprehensive and so that is what we will make use of in our application.

72
00:06:30,200 --> 00:06:36,365
Also since we are still using sessions to track users in our application,

73
00:06:36,365 --> 00:06:43,775
we need to serialize and deserialize the user.

74
00:06:43,775 --> 00:06:47,345
So this basically takes the user information.

75
00:06:47,345 --> 00:06:54,815
Now recall that the passport authenticate will mount the req.user or the user property to

76
00:06:54,815 --> 00:06:58,715
the request message and so

77
00:06:58,715 --> 00:07:04,610
that user information will be serialized and deserialized by using

78
00:07:04,610 --> 00:07:17,295
this saying serialize user and passport deserialize user.

79
00:07:17,295 --> 00:07:22,235
Also we'll say user deserialize user.

80
00:07:22,235 --> 00:07:27,920
These two functions they serialize user and deserialize user are provided on

81
00:07:27,920 --> 00:07:35,030
the user schema and model by the use of the passport-local-mongoose plugin here.

82
00:07:35,030 --> 00:07:38,240
So this will take care of whatever it is required for

83
00:07:38,240 --> 00:07:42,860
our support for sessions in passport.

84
00:07:42,860 --> 00:07:48,375
So once we have completed this update to the authenticate.js file,

85
00:07:48,375 --> 00:07:54,200
this file will be required wherever it is needed for us to use in our authentication.

86
00:07:54,200 --> 00:07:57,695
Next going to the users.js file,

87
00:07:57,695 --> 00:07:59,795
in the users.js file,

88
00:07:59,795 --> 00:08:04,170
we will first import passport.

89
00:08:04,170 --> 00:08:09,525
So we'll say var passport require passport.

90
00:08:09,525 --> 00:08:16,100
Then, because we are using the passport-local-mongoose plugin,

91
00:08:16,100 --> 00:08:20,525
the mongoose plugin itself supplies some methods that are

92
00:08:20,525 --> 00:08:25,380
useful for us to use in the sign-up process and in the login process.

93
00:08:25,380 --> 00:08:29,030
So going down to the router post here,

94
00:08:29,030 --> 00:08:34,120
the mongoose plugin provides us with a method called register,

95
00:08:34,120 --> 00:08:37,275
on the user schema and model.

96
00:08:37,275 --> 00:08:44,460
So we'll say user register and this will be turned into saying new user.

97
00:08:44,460 --> 00:08:51,035
This new user is the first parameter that the register takes

98
00:08:51,035 --> 00:08:58,245
and the second parameter is the req body password.

99
00:08:58,245 --> 00:09:05,440
So the password which comes in as a second parameter in the body of the message.

100
00:09:05,440 --> 00:09:08,460
So recall that the username and password are passed

101
00:09:08,460 --> 00:09:12,020
in when you sign up in the body of the message.

102
00:09:12,020 --> 00:09:14,255
Now, in this case,

103
00:09:14,255 --> 00:09:19,855
this will result in a call back function supplying error

104
00:09:19,855 --> 00:09:25,825
and the user as the two callback values here and unfortunately,

105
00:09:25,825 --> 00:09:28,790
this then doesn't work in this case.

106
00:09:28,790 --> 00:09:33,045
So I will have to cut this out from here and then

107
00:09:33,045 --> 00:09:39,415
instead handle that inside this callback method here.

108
00:09:39,415 --> 00:09:43,820
So, let me just indent this,

109
00:09:43,820 --> 00:09:48,060
so that it's more easier to see the code here.

110
00:09:48,060 --> 00:09:51,830
So I'll say, user register and the first parameter is

111
00:09:51,830 --> 00:09:53,630
a new user created with

112
00:09:53,630 --> 00:09:57,590
the username supply here and the second parameter is the password,

113
00:09:57,590 --> 00:10:02,550
and then the resulting is this callback function that'll call,

114
00:10:02,550 --> 00:10:06,100
we will say error user here.

115
00:10:06,100 --> 00:10:11,260
In this case, we have to edit the code a little bit here.

116
00:10:11,260 --> 00:10:14,620
So in the first part,

117
00:10:14,620 --> 00:10:21,850
we'll say if error,

118
00:10:21,850 --> 00:10:28,150
then they will have to explicitly send back the reply.

119
00:10:28,150 --> 00:10:34,945
So, I'm just going to copy these two here.

120
00:10:34,945 --> 00:10:37,670
So we'll say, if error,

121
00:10:37,740 --> 00:10:40,860
then res status code,

122
00:10:40,860 --> 00:10:46,970
we will set this to 500 and set header content type and then,

123
00:10:46,970 --> 00:10:52,520
we'll set res json and then error, error.

124
00:10:52,520 --> 00:10:56,790
So we'll construct a json object with the error as

125
00:10:56,790 --> 00:11:01,590
the value for the error property in there and then send this back.

126
00:11:01,590 --> 00:11:06,145
So this is how you would handle the error in this case.

127
00:11:06,145 --> 00:11:11,110
Otherwise, what we do here is that we'll

128
00:11:11,110 --> 00:11:18,970
say passport authenticate local.

129
00:11:18,970 --> 00:11:23,810
So if we're going to use passport to authenticate the user again.

130
00:11:23,810 --> 00:11:25,930
So we'll say passport authenticate local.

131
00:11:25,930 --> 00:11:28,820
To ensure that the user registration was successful,

132
00:11:28,820 --> 00:11:33,145
we'll try to authenticate the same user that we just registered and

133
00:11:33,145 --> 00:11:38,335
here we'll say req res and this

134
00:11:38,335 --> 00:11:48,355
will return as a third value that function inside which,

135
00:11:48,355 --> 00:11:52,300
we're going to send back the reply to our client.

136
00:11:52,300 --> 00:12:01,140
So we'll say. Let me remove this and then add it in here.

137
00:12:01,140 --> 00:12:03,190
We can now remove this then,

138
00:12:03,190 --> 00:12:11,070
because this then is not necessary for us and this is the closing of the user register.

139
00:12:11,070 --> 00:12:12,990
In the else part,

140
00:12:12,990 --> 00:12:16,810
we will do passport authenticate local.

141
00:12:16,970 --> 00:12:19,510
Look at the syntax here.

142
00:12:19,510 --> 00:12:23,425
So this is passport authenticate local and then following that,

143
00:12:23,425 --> 00:12:29,325
we have to call this function here that the parameters req,

144
00:12:29,325 --> 00:12:35,245
res and that the third one being a callback function here.

145
00:12:35,245 --> 00:12:42,275
So this is the way this is implemented because passport expects you to do it this way.

146
00:12:42,275 --> 00:12:46,495
In here, we'll set req res status code is 200,

147
00:12:46,495 --> 00:12:49,930
set header content application json and then we'll

148
00:12:49,930 --> 00:12:59,410
res json status registration successful and we'll not pass the user value here.

149
00:12:59,410 --> 00:13:03,240
Instead, what I will do is I will

150
00:13:03,240 --> 00:13:10,695
set a flag called success here to true here.

151
00:13:10,695 --> 00:13:15,620
Now this way, on our client side when this json is received,

152
00:13:15,620 --> 00:13:20,550
the client can simply extract the success property and then check to see if it is true

153
00:13:20,550 --> 00:13:25,695
or not to quickly check if the registration was successful or not.

154
00:13:25,695 --> 00:13:32,000
So this is how we will handle the user registration process here.

155
00:13:32,000 --> 00:13:35,470
So notice how the code has significantly simplified.

156
00:13:35,470 --> 00:13:38,924
If the user did not register properly,

157
00:13:38,924 --> 00:13:45,665
then this will send back an error appropriately and also the authentication will fail.

158
00:13:45,665 --> 00:13:51,115
So both cases, you'll catch the situation when the user authentication fails.

159
00:13:51,115 --> 00:13:56,270
Now, the login process itself also gets significantly simplified.

160
00:13:56,270 --> 00:14:01,650
So, we don't need to do all this in the login route here.

161
00:14:01,650 --> 00:14:07,220
So I'm going to remove all this code and this login route becomes simplified here.

162
00:14:07,220 --> 00:14:14,365
Now for the login route- for the router post when we do it here,

163
00:14:14,365 --> 00:14:19,150
here also we expect the username and password to be included

164
00:14:19,150 --> 00:14:24,240
in the body of the post message that is coming here.

165
00:14:24,240 --> 00:14:32,030
Unlike the earlier case where we were including this in the authorization header,

166
00:14:32,030 --> 00:14:37,865
here we expect this to be included in the body of the incoming post message.

167
00:14:37,865 --> 00:14:47,730
So to authenticate, we'll simply say passport authenticate and we'll say local here.

168
00:14:47,730 --> 00:14:52,320
So this will be the second call here.

169
00:14:52,320 --> 00:14:55,360
So this is the second middleware here that we're going to cut.

170
00:14:55,360 --> 00:15:01,690
So when the router post comes in on the login endpoint,

171
00:15:01,690 --> 00:15:06,095
we will first call the passport authenticate local.

172
00:15:06,095 --> 00:15:09,660
If this is successful then this will come

173
00:15:09,660 --> 00:15:13,485
in and the next function that follows will be executed.

174
00:15:13,485 --> 00:15:15,760
If there is any error in the authentication,

175
00:15:15,760 --> 00:15:18,850
this passport authenticate local will automatically

176
00:15:18,850 --> 00:15:24,210
send back a reply to the client about the failure of the authentication.

177
00:15:24,210 --> 00:15:26,190
So that is already taken care of.

178
00:15:26,190 --> 00:15:33,345
So notice how the code in the login process gets significantly simplified.

179
00:15:33,345 --> 00:15:36,565
So, if this goes through successfully,

180
00:15:36,565 --> 00:15:42,775
I only need to check for the req and res and in here what I will do

181
00:15:42,775 --> 00:15:49,665
is I will simply send back a message to the client side with this information in here.

182
00:15:49,665 --> 00:15:53,775
We'll say res status code 200,

183
00:15:53,775 --> 00:16:02,145
res set header content type application json and res json success true status.

184
00:16:02,145 --> 00:16:13,010
We'll say, you are successfully logged in.

185
00:16:13,010 --> 00:16:18,100
That's it. This is the change that we are going to make to the users.js file.

186
00:16:18,100 --> 00:16:21,275
So notice how, because of the user passport,

187
00:16:21,275 --> 00:16:24,655
both the sign up process and the login process,

188
00:16:24,655 --> 00:16:28,205
the code has significantly simplified in this case.

189
00:16:28,205 --> 00:16:34,465
Now we will move on to update app.js file going to app.js now.

190
00:16:34,465 --> 00:16:37,555
In app.js right up here

191
00:16:37,555 --> 00:16:50,540
we will import passport.

192
00:16:51,270 --> 00:16:55,310
Then, we will import

193
00:16:59,820 --> 00:17:07,120
the authenticate module that we just implemented.

194
00:17:07,120 --> 00:17:15,390
We will say var authenticate and in the app.js file down below here after session,

195
00:17:15,390 --> 00:17:25,320
we add app.use(passport.initialize),

196
00:17:25,320 --> 00:17:32,100
and app.use(passport.session).

197
00:17:32,950 --> 00:17:37,810
If the user is logged in,

198
00:17:37,810 --> 00:17:42,945
then what happens is that when the session is initiated again,

199
00:17:42,945 --> 00:17:47,095
you recall that when you log in here,

200
00:17:47,095 --> 00:17:48,735
you will be logging in here,

201
00:17:48,735 --> 00:17:51,705
and a call to the passport authenticate local,

202
00:17:51,705 --> 00:17:53,730
when this is done at the login stage,

203
00:17:53,730 --> 00:17:56,460
the passport authenticate local will

204
00:17:56,460 --> 00:18:00,625
automatically add the user property to the request message.

205
00:18:00,625 --> 00:18:03,415
So, it'll add req.user and then,

206
00:18:03,415 --> 00:18:07,265
the passport session that we have done here will automatically

207
00:18:07,265 --> 00:18:12,575
serialize that user information and then store it in the session.

208
00:18:12,575 --> 00:18:15,925
So, and subsequently, whenever

209
00:18:15,925 --> 00:18:19,135
an incoming request comes in from the client side

210
00:18:19,135 --> 00:18:22,630
with the session cookie already in place,

211
00:18:22,630 --> 00:18:29,250
then this will automatically load the req.user onto the incoming request.

212
00:18:29,250 --> 00:18:32,735
So, that is how the passport session itself is organized.

213
00:18:32,735 --> 00:18:34,445
So, once this is done,

214
00:18:34,445 --> 00:18:40,075
even our authentication code will become lot more simpler here.

215
00:18:40,075 --> 00:18:42,400
So, in the authentication code,

216
00:18:42,400 --> 00:18:49,450
we will simply say, if req.user.

217
00:18:49,450 --> 00:18:55,690
So, the req.user will be loaded in by the passport session middleware automatically,

218
00:18:55,690 --> 00:18:58,845
and so we'll say req.user.

219
00:18:58,845 --> 00:19:03,940
If not req.user we'll say var err, new error,

220
00:19:03,940 --> 00:19:09,495
you're not authenticated, and all these messages here.

221
00:19:09,495 --> 00:19:15,410
Otherwise, see the else part also now gets simplified.

222
00:19:17,280 --> 00:19:20,010
We'll say else next.

223
00:19:20,010 --> 00:19:27,335
So, your authentication code becomes lot more simpler because if req.user is not present,

224
00:19:27,335 --> 00:19:31,695
then that means that the authentication has not been done correctly so,

225
00:19:31,695 --> 00:19:33,345
that's why you indicate the error.

226
00:19:33,345 --> 00:19:35,470
Otherwise, you are authenticated.

227
00:19:35,470 --> 00:19:37,110
If req.user is present,

228
00:19:37,110 --> 00:19:39,900
that means the passport has done the authentication and the

229
00:19:39,900 --> 00:19:42,970
req.user is loaded on to the request message,

230
00:19:42,970 --> 00:19:46,410
and so you can just go on further down.

231
00:19:46,410 --> 00:19:49,815
So, that's the change that we need to make to app.js.

232
00:19:49,815 --> 00:19:57,775
Let's save all the changes and then look at the application in Postman.

233
00:19:57,775 --> 00:20:01,385
Once you save all the changes, restart your server.

234
00:20:01,385 --> 00:20:02,600
If your server is running,

235
00:20:02,600 --> 00:20:04,700
stop it, and then restart your server.

236
00:20:04,700 --> 00:20:07,680
Let me start my server.

237
00:20:08,160 --> 00:20:10,450
Once the server is up and running,

238
00:20:10,450 --> 00:20:13,900
let's go to Postman and do a few requests.

239
00:20:13,900 --> 00:20:17,650
Going to Postman, let me now try to register a new user

240
00:20:17,650 --> 00:20:22,120
by doing a post on the users sign up endpoint.

241
00:20:22,120 --> 00:20:28,485
When the registration is posted,

242
00:20:28,485 --> 00:20:31,850
you see that in the body of the reply message it says,

243
00:20:31,850 --> 00:20:35,805
success true, and status registration successful.

244
00:20:35,805 --> 00:20:40,430
So, the user has been registered successfully on the client side.

245
00:20:40,430 --> 00:20:44,870
So, now, let me do a login of the user.

246
00:20:44,870 --> 00:20:50,000
So, we'll say, "Login," and still supply

247
00:20:50,000 --> 00:20:55,765
the username and password in the body of the message here.

248
00:20:55,765 --> 00:20:58,345
So, when I click on the "Send",

249
00:20:58,345 --> 00:21:02,550
you will immediately notice that at the bottom,

250
00:21:02,550 --> 00:21:05,050
it says, success, true, and status,

251
00:21:05,050 --> 00:21:09,440
you're logged in and then in the header itself,

252
00:21:09,440 --> 00:21:13,515
you would see a set-cookie coming in because we are setting up the session,

253
00:21:13,515 --> 00:21:17,390
and then you see the cookie in place there.

254
00:21:17,390 --> 00:21:19,465
When you click on the cookies,

255
00:21:19,465 --> 00:21:23,875
you see the session ID in place right there.

256
00:21:23,875 --> 00:21:26,980
So, now we are successfully logged in.

257
00:21:26,980 --> 00:21:35,630
Let's send a request to the GET localhost:3000/dishes endpoint.

258
00:21:35,630 --> 00:21:42,210
You see that your request went in successfully and then a reply was sent.

259
00:21:42,210 --> 00:21:43,350
Of course, at this moment,

260
00:21:43,350 --> 00:21:48,330
my database is empty so that's why it sends back an empty array

261
00:21:48,330 --> 00:21:54,530
from the server side when I ask for localhost:3000/dishes.

262
00:21:55,050 --> 00:21:58,165
This is perfectly fine.

263
00:21:58,165 --> 00:22:00,610
Let me now log out the user.

264
00:22:00,610 --> 00:22:02,995
So, when I log out the user, now,

265
00:22:02,995 --> 00:22:10,450
you will notice that the user has been logged out and when you click on the cookies,

266
00:22:10,450 --> 00:22:14,660
you will notice that, that cookie for localhost is gone already.

267
00:22:14,660 --> 00:22:19,245
So, now, if you try to do a get on the localhost:dishes,

268
00:22:19,245 --> 00:22:24,910
you see that the reply says,

269
00:22:24,910 --> 00:22:26,640
you are not authenticated.

270
00:22:26,640 --> 00:22:32,760
Let's sign in one more time by doing a post on the users login,

271
00:22:32,760 --> 00:22:36,290
and then, you see that we can successfully login at this point.

272
00:22:36,290 --> 00:22:37,830
You also notice that,

273
00:22:37,830 --> 00:22:40,075
that new cookie has been set up here.

274
00:22:40,075 --> 00:22:44,480
Then, if we do a get on the localhost:dishes here,

275
00:22:44,480 --> 00:22:46,465
now, this will be successful.

276
00:22:46,465 --> 00:22:51,624
Since we are using passport-local-mongoose as the mongoose plugin,

277
00:22:51,624 --> 00:22:55,790
let's also go and check our MongoDB server to see how

278
00:22:55,790 --> 00:23:00,410
the user's information is actually stored in our MongoDB.

279
00:23:00,410 --> 00:23:04,880
So, in your terminal,

280
00:23:04,880 --> 00:23:06,970
you can open the Mongo REPL,

281
00:23:06,970 --> 00:23:11,775
so let's say Mongo at the terminal and then connect to our MongoDB server,

282
00:23:11,775 --> 00:23:16,500
and then say use conFusion.

283
00:23:16,500 --> 00:23:26,285
Then we'll say db.users.find().pretty() and then print out the user's information.

284
00:23:26,285 --> 00:23:31,180
So, when you print out the user's information as you see here,

285
00:23:31,180 --> 00:23:35,235
there is one user that we have registered earlier.

286
00:23:35,235 --> 00:23:40,840
So, you'll see that the user's record contains the object ID and then,

287
00:23:40,840 --> 00:23:42,665
the username down below here,

288
00:23:42,665 --> 00:23:46,060
and the admin flag which is false and then,

289
00:23:46,060 --> 00:23:53,720
also notice that instead of storing the password itself what the Mongoose

290
00:23:53,720 --> 00:23:57,515
passport-local-mongoose plugin does is it stores

291
00:23:57,515 --> 00:24:01,865
its salt value here and a hash value here.

292
00:24:01,865 --> 00:24:08,655
Now, what the Mongoose plugin does is that it will use the salt as a way of

293
00:24:08,655 --> 00:24:15,990
encrypting the password and install the hashed password in this hash field here.

294
00:24:15,990 --> 00:24:17,980
So, when you try to log in,

295
00:24:17,980 --> 00:24:23,130
it will apply the same transformation to the incoming password,

296
00:24:23,130 --> 00:24:27,330
and then try to match it with this hash value that is stored here.

297
00:24:27,330 --> 00:24:29,580
So, you can see that in the database itself,

298
00:24:29,580 --> 00:24:32,855
the password is not directly stored inside

299
00:24:32,855 --> 00:24:38,280
the hashed value of the password which is hashed using this salt key here,

300
00:24:38,280 --> 00:24:39,435
that we see here,

301
00:24:39,435 --> 00:24:42,780
is stored in the record there.

302
00:24:42,780 --> 00:24:47,440
So, that is how the passport-local-mongoose plugin enables us

303
00:24:47,440 --> 00:24:53,905
to store the user information within our database.

304
00:24:53,905 --> 00:24:58,680
With this quick understanding of how passport, passport-local,

305
00:24:58,680 --> 00:25:02,590
and passport-local-mongoose help us to simplify

306
00:25:02,590 --> 00:25:09,390
the local strategy for username and password in our application.

307
00:25:09,390 --> 00:25:11,660
We complete this exercise.

308
00:25:11,660 --> 00:25:18,390
This is a good time for you to do a Git commit with the message passport.