1
00:00:02,200 --> 00:00:04,360
I did finish refactoring

2
00:00:04,360 --> 00:00:06,970
the authentication part for me here,

3
00:00:06,970 --> 00:00:09,270
though I will say, as I said before,

4
00:00:09,270 --> 00:00:11,610
there's always more you can do.

5
00:00:11,610 --> 00:00:13,660
I try to strike the balance

6
00:00:13,660 --> 00:00:16,329
between doing enough refactorings

7
00:00:16,329 --> 00:00:18,380
and still not changing everything,

8
00:00:18,380 --> 00:00:19,490
and therefore ensuring

9
00:00:19,490 --> 00:00:22,260
that the code can still be recognized.

10
00:00:22,260 --> 00:00:24,060
So what did I do?

11
00:00:24,060 --> 00:00:25,940
I added the auth-controller,

12
00:00:25,940 --> 00:00:29,160
and I renamed the post-controllers.js file

13
00:00:29,160 --> 00:00:31,110
to post-controller

14
00:00:31,110 --> 00:00:33,060
because now that we have more than one file,

15
00:00:33,060 --> 00:00:35,520
it's a bit clearer to see

16
00:00:35,520 --> 00:00:38,740
the actual functions are not the controllers.

17
00:00:38,740 --> 00:00:42,290
These are the actions of your controller instead.

18
00:00:42,290 --> 00:00:45,130
Instead, it's the controller files

19
00:00:45,130 --> 00:00:47,170
and the groupings of the functions

20
00:00:47,170 --> 00:00:49,270
that act on a certain feature

21
00:00:49,270 --> 00:00:51,930
like the blog or like the auth part

22
00:00:51,930 --> 00:00:54,090
that makes up a controller.

23
00:00:54,090 --> 00:00:56,350
And therefore, here we have a blog controller

24
00:00:56,350 --> 00:01:00,470
with all those actions that are related to posts,

25
00:01:00,470 --> 00:01:02,680
and I have an auth-controller

26
00:01:02,680 --> 00:01:05,610
with all these functions, these actions,

27
00:01:05,610 --> 00:01:08,180
related to authentication.

28
00:01:08,180 --> 00:01:10,330
That's why I renamed these files.

29
00:01:10,330 --> 00:01:13,390
And therefore, in the routes, of course, in blog.js,

30
00:01:13,390 --> 00:01:16,020
I'm also now using the blogController,

31
00:01:16,020 --> 00:01:19,940
I renamed this as well and changed my import path,

32
00:01:19,940 --> 00:01:22,680
and I'm doing the same in auth.js.

33
00:01:22,680 --> 00:01:25,860
This is now also a cleaned-up routes file

34
00:01:25,860 --> 00:01:28,390
where I'm using this auth-controller,

35
00:01:28,390 --> 00:01:31,970
and all these functions, these route handler functions,

36
00:01:31,970 --> 00:01:34,570
now became controller actions,

37
00:01:34,570 --> 00:01:36,573
so functions in the controller.

38
00:01:38,650 --> 00:01:42,420
Now let's take a look at the auth-controller.js file.

39
00:01:42,420 --> 00:01:45,430
It's still a relatively big file

40
00:01:45,430 --> 00:01:49,130
because login and signup are a couple of steps

41
00:01:49,130 --> 00:01:51,690
that have to be executed after each other,

42
00:01:51,690 --> 00:01:54,130
and I'm still performing these main steps

43
00:01:54,130 --> 00:01:56,313
in auth-controller.js.

44
00:01:57,150 --> 00:01:59,520
But I got rid of the database import

45
00:01:59,520 --> 00:02:02,100
because I moved all the database-related logic

46
00:02:02,100 --> 00:02:04,170
into a user model.

47
00:02:04,170 --> 00:02:06,160
You could have named it auth as well,

48
00:02:06,160 --> 00:02:08,310
but I think the actual entity

49
00:02:08,310 --> 00:02:10,763
with which we're working is a user.

50
00:02:11,650 --> 00:02:14,520
Now, in that user model, I have the constructor function

51
00:02:14,520 --> 00:02:16,087
that takes the email and password

52
00:02:16,087 --> 00:02:18,800
of the user we are working with.

53
00:02:18,800 --> 00:02:20,920
And then I got a couple of functions

54
00:02:20,920 --> 00:02:23,830
that help during the login process

55
00:02:23,830 --> 00:02:26,103
like getUserWithSameEmail.

56
00:02:27,400 --> 00:02:30,160
Here I can simply check if I find a user

57
00:02:30,160 --> 00:02:33,020
with the email of the user I created here,

58
00:02:33,020 --> 00:02:35,150
and then I return that user.

59
00:02:35,150 --> 00:02:39,530
And I use this function in existsAlready, for example,

60
00:02:39,530 --> 00:02:44,020
which is a little utility method I added to the user model

61
00:02:44,020 --> 00:02:46,870
to look for a user with the same email address

62
00:02:46,870 --> 00:02:48,630
using that method up here,

63
00:02:48,630 --> 00:02:50,930
and then I just return true or false

64
00:02:50,930 --> 00:02:53,950
depending on whether we found one or not

65
00:02:53,950 --> 00:02:56,130
so that I don't have to perform this check

66
00:02:56,130 --> 00:02:57,250
in the controller,

67
00:02:57,250 --> 00:02:59,250
but instead there, I can just call

68
00:02:59,250 --> 00:03:02,670
this existsAlready utility method.

69
00:03:02,670 --> 00:03:04,813
And we'll see it being called in a second.

70
00:03:05,980 --> 00:03:07,610
Then I have the signup method

71
00:03:07,610 --> 00:03:11,020
where I hash the password and then write the user data

72
00:03:11,020 --> 00:03:14,200
with the hashed password and the provided email

73
00:03:14,200 --> 00:03:16,030
into the database.

74
00:03:16,030 --> 00:03:19,620
And I have the login method where I compare passwords,

75
00:03:19,620 --> 00:03:23,100
and then I return the result of that comparison.

76
00:03:23,100 --> 00:03:27,090
That's all I'm doing there because the entire validation,

77
00:03:27,090 --> 00:03:31,580
sending validation errors, and adjusting the session,

78
00:03:31,580 --> 00:03:35,150
all these parts are still done in the controller here,

79
00:03:35,150 --> 00:03:38,680
though you could also consider outsourcing those

80
00:03:38,680 --> 00:03:39,730
into the model

81
00:03:39,730 --> 00:03:43,513
or probably into some utility helper files instead.

82
00:03:45,390 --> 00:03:48,270
Now, in that auth-controller.js file,

83
00:03:48,270 --> 00:03:50,890
I therefore still have these different actions,

84
00:03:50,890 --> 00:03:52,520
these different functions,

85
00:03:52,520 --> 00:03:56,210
and I'm still using the approach where I get error data

86
00:03:56,210 --> 00:03:59,820
from a session, for example, with some default data

87
00:03:59,820 --> 00:04:02,080
in case I have no errors.

88
00:04:02,080 --> 00:04:04,070
I do the same for login.

89
00:04:04,070 --> 00:04:08,470
There, I just don't have my confirm email default field.

90
00:04:08,470 --> 00:04:13,470
And I then have my signup function, my signup action,

91
00:04:14,010 --> 00:04:18,730
where I check if the user credentials are valid.

92
00:04:18,730 --> 00:04:23,730
I outsource this logic into a separate validation.js file.

93
00:04:24,070 --> 00:04:26,820
There, I inverted the logic.

94
00:04:26,820 --> 00:04:28,320
It's not a must-do,

95
00:04:28,320 --> 00:04:31,520
but it is often considered a better practice

96
00:04:31,520 --> 00:04:36,040
to write these validation function names in a positive way,

97
00:04:36,040 --> 00:04:39,930
so isValid instead of isNotValid,

98
00:04:39,930 --> 00:04:43,480
and therefore you then wanna return the appropriate result,

99
00:04:43,480 --> 00:04:46,140
but ultimately it's not a must-do.

100
00:04:46,140 --> 00:04:47,980
But here I inverted the logic,

101
00:04:47,980 --> 00:04:51,930
and I hence return true if the user credentials are valid,

102
00:04:51,930 --> 00:04:54,193
and I return false otherwise.

103
00:04:55,880 --> 00:05:00,550
In addition, back in the auth-controller,

104
00:05:00,550 --> 00:05:03,180
I'm using the result of this function call,

105
00:05:03,180 --> 00:05:06,200
and then I flash my error data to the session

106
00:05:06,200 --> 00:05:08,090
if I do have errors,

107
00:05:08,090 --> 00:05:10,780
and I define my action that should be performed

108
00:05:10,780 --> 00:05:14,450
after the data has been flashed onto a session.

109
00:05:14,450 --> 00:05:16,800
And then if we don't have an error,

110
00:05:16,800 --> 00:05:20,460
I continue by using my User model to create a new user

111
00:05:20,460 --> 00:05:23,070
with the entered email and password.

112
00:05:23,070 --> 00:05:25,190
I don't need to confirm password here

113
00:05:25,190 --> 00:05:27,990
because I only need that for validation.

114
00:05:27,990 --> 00:05:29,283
Here I'm using it.

115
00:05:30,400 --> 00:05:32,390
And when I create a new user,

116
00:05:32,390 --> 00:05:35,280
I then call that existsAlready utility method

117
00:05:35,280 --> 00:05:37,400
I showed you a couple of seconds ago,

118
00:05:37,400 --> 00:05:41,080
and I await this because it's an async method,

119
00:05:41,080 --> 00:05:42,820
and I use that in this if check

120
00:05:42,820 --> 00:05:46,890
to flash errors if we already have a user with that email.

121
00:05:46,890 --> 00:05:49,760
Otherwise, we proceed and we sign the user up,

122
00:05:49,760 --> 00:05:52,040
which means we store it in the database

123
00:05:52,040 --> 00:05:53,743
with the hashed password.

124
00:05:55,050 --> 00:05:58,100
Now, the login function is not too different,

125
00:05:58,100 --> 00:06:00,670
but there I start with creating a new user

126
00:06:00,670 --> 00:06:03,230
with the entered email and password.

127
00:06:03,230 --> 00:06:04,890
And I then call that function

128
00:06:04,890 --> 00:06:08,490
for getting an existing user with that email,

129
00:06:08,490 --> 00:06:11,840
and then I check if we don't have an existing user

130
00:06:11,840 --> 00:06:14,550
in which case I flash some errors.

131
00:06:14,550 --> 00:06:17,730
Otherwise, I continue and I call login

132
00:06:17,730 --> 00:06:21,910
which, as I showed you, internally then compares passwords,

133
00:06:21,910 --> 00:06:24,950
and hence I return the result of that comparison.

134
00:06:24,950 --> 00:06:28,320
And if it's not a success, I flash some errors.

135
00:06:28,320 --> 00:06:33,010
Otherwise, I continue, and then here I update my session

136
00:06:33,010 --> 00:06:36,790
with the isAuthenticated data and so on,

137
00:06:36,790 --> 00:06:39,463
and the logout function hasn't changed at all.

138
00:06:40,510 --> 00:06:42,630
Again, you could consider outsourcing

139
00:06:42,630 --> 00:06:44,410
the session changing logic

140
00:06:44,410 --> 00:06:47,490
into a separate utility file or function,

141
00:06:47,490 --> 00:06:49,480
but here I kept it in the controllers

142
00:06:49,480 --> 00:06:52,950
so that I don't change too much in one go.

143
00:06:52,950 --> 00:06:54,190
With that, however,

144
00:06:54,190 --> 00:06:56,933
everything still seems to work just fine.

145
00:07:00,090 --> 00:07:03,220
I get errors if I use incorrect credentials.

146
00:07:03,220 --> 00:07:05,740
And on the other hand, with correct credentials,

147
00:07:05,740 --> 00:07:10,410
I can log in and log out, and that all works.

148
00:07:10,410 --> 00:07:13,300
And therefore, that is some basic refactoring

149
00:07:13,300 --> 00:07:15,320
which we can use.

150
00:07:15,320 --> 00:07:17,720
We're also using the MVC pattern,

151
00:07:17,720 --> 00:07:21,240
and you hopefully see what the idea behind it is,

152
00:07:21,240 --> 00:07:26,240
that we group our database-related logic into such a model.

153
00:07:26,460 --> 00:07:30,330
And with that, we improved the structure of this project.

154
00:07:30,330 --> 00:07:32,010
And whilst this module therefore

155
00:07:32,010 --> 00:07:34,890
was a lot about moving things around

156
00:07:34,890 --> 00:07:37,720
and not about too many new features,

157
00:07:37,720 --> 00:07:40,840
this, as I mentioned at the beginning, is a vital part

158
00:07:40,840 --> 00:07:42,660
of being a developer.

159
00:07:42,660 --> 00:07:45,470
You need to be able to keep your code organized,

160
00:07:45,470 --> 00:07:48,320
and you will always refactor your code

161
00:07:48,320 --> 00:07:50,570
because you will never write the final code

162
00:07:50,570 --> 00:07:51,910
right from the start.

163
00:07:51,910 --> 00:07:55,070
Instead, you need to be willing to refactor your code,

164
00:07:55,070 --> 00:07:56,630
reorganize your code,

165
00:07:56,630 --> 00:07:59,143
and therefore ensure that it stays manageable.

