1
00:00:00,110 --> 00:00:00,470
All right.

2
00:00:00,470 --> 00:00:04,640
And once we can verify whether the cookie is present.

3
00:00:04,670 --> 00:00:08,620
Up next, we want to verify the JWT as well.

4
00:00:09,170 --> 00:00:15,470
If the JWT is present, then also we want to get the data.

5
00:00:15,500 --> 00:00:17,420
Now, what data am I talking about?

6
00:00:17,420 --> 00:00:25,130
Again, let's go back to auth controller and let's remember that when we create JWT, these are the

7
00:00:25,130 --> 00:00:29,120
values that I'm passing in and this is exactly what I want to get back.

8
00:00:29,150 --> 00:00:29,720
Why?

9
00:00:29,720 --> 00:00:35,480
Well, because we'll attach this user to request and then of course we can create specific job with

10
00:00:35,480 --> 00:00:40,040
user ID and also eventually we'll use this role as well.

11
00:00:40,070 --> 00:00:46,790
And what's really cool with the library, there is actually a verify method that we can use and essentially

12
00:00:46,790 --> 00:00:48,860
we just need to provide the token.

13
00:00:49,850 --> 00:00:57,320
And also we want to provide the secret we use in order to create the JWT.

14
00:00:57,590 --> 00:01:01,010
So first of all, let's navigate to the utils.

15
00:01:01,830 --> 00:01:04,650
And here remember we have token utils.

16
00:01:04,650 --> 00:01:12,690
So at the moment we are creating JWT and since we're already familiar with the setup, let's verify

17
00:01:12,690 --> 00:01:14,100
the token as well.

18
00:01:14,310 --> 00:01:18,150
We'll right away export and I'm going to call this verify.

19
00:01:18,870 --> 00:01:26,370
Then JWT, and in here I'll pass in the token, basically a JWT that I'm getting back from the cookie.

20
00:01:26,610 --> 00:01:29,880
And as far as the functionality, let's come up with a variable.

21
00:01:29,880 --> 00:01:32,340
In my case, I'm going to call this decoded.

22
00:01:32,370 --> 00:01:34,540
So essentially this is the result.

23
00:01:34,560 --> 00:01:42,060
This is the payload we sent over here and this is what we're going to get back when we run JWT again,

24
00:01:42,060 --> 00:01:43,020
the library.

25
00:01:43,020 --> 00:01:45,710
And then the method name, like I said, is verify.

26
00:01:45,720 --> 00:01:47,610
And it's looking for two things.

27
00:01:47,610 --> 00:01:54,180
It's looking for a token and it's also looking for process dot env.

28
00:01:54,540 --> 00:02:01,890
Essentially the secret string which we use in order to create the JWT.

29
00:02:02,370 --> 00:02:06,210
And at the very end we just want to return the decoded.

30
00:02:06,240 --> 00:02:07,470
Let's save it.

31
00:02:07,500 --> 00:02:10,770
Now we want to navigate to auth middleware.

32
00:02:12,200 --> 00:02:19,100
Over here and right between the next and the token I want to set up try and catch.

33
00:02:19,100 --> 00:02:29,000
So if the token cookie is present, I want to verify whether the JWT is valid and if everything is good,

34
00:02:29,030 --> 00:02:35,360
then I want to grab the user ID and role because those are the two things I passed in the payload.

35
00:02:35,360 --> 00:02:40,280
So first let's set up try and catch, and I'll actually move this next up.

36
00:02:40,430 --> 00:02:48,320
So only if everything is great then I want to move on to the next middleware, basically to our controller.

37
00:02:48,320 --> 00:02:50,900
If not, here's what we're going to do.

38
00:02:50,930 --> 00:02:52,310
Same deal.

39
00:02:52,310 --> 00:02:53,510
I'll say, You know what?

40
00:02:54,530 --> 00:02:57,440
The authentication is invalid.

41
00:02:57,470 --> 00:03:00,770
There's something off with the JWT.

42
00:03:01,070 --> 00:03:04,820
Now, as far as the result, I'll right away, or you know what?

43
00:03:04,880 --> 00:03:05,990
Let me log it.

44
00:03:05,990 --> 00:03:07,220
I think it's going to be easier.

45
00:03:07,220 --> 00:03:09,050
For now, I'll just call this data.

46
00:03:09,350 --> 00:03:12,020
But essentially, this is our payload.

47
00:03:12,910 --> 00:03:15,430
And we want to go verify JWT.

48
00:03:15,460 --> 00:03:19,750
Remember, it's looking for one thing and one thing only, the token.

49
00:03:19,750 --> 00:03:24,220
And like I said, eventually we'll add it to the request.

50
00:03:24,310 --> 00:03:27,640
For now, let's just go with log.

51
00:03:27,820 --> 00:03:28,990
And you know what?

52
00:03:29,560 --> 00:03:31,360
It's actually a user, so.

53
00:03:32,540 --> 00:03:33,440
Let's be precise.

54
00:03:33,440 --> 00:03:34,700
I'm going to go with user.

55
00:03:34,790 --> 00:03:38,000
So let's navigate back again to our get all jobs.

56
00:03:38,000 --> 00:03:40,400
Let's send it and check it out.

57
00:03:40,640 --> 00:03:45,740
Since the cookie is present, since the token is valid, what do you know?

58
00:03:45,740 --> 00:03:53,180
I have user ID which essentially matches the user ID of John and I also have the admin.

59
00:03:53,180 --> 00:03:56,150
And what's super, super, super, super awesome.

60
00:03:56,150 --> 00:03:58,970
We can attach these values to the request.

61
00:03:59,590 --> 00:04:03,400
So then in the upcoming controllers, we can use them.

62
00:04:03,400 --> 00:04:05,180
So how is that going to look like?

63
00:04:05,200 --> 00:04:11,830
Well, in here, like I said, I'm going to destructure both of them and I'll create a new property

64
00:04:11,830 --> 00:04:14,270
on the request object.

65
00:04:14,290 --> 00:04:20,230
So for starters, let's just go over here and say user ID, so I'll destructure it.

66
00:04:20,260 --> 00:04:22,660
Then also let's grab the role.

67
00:04:22,660 --> 00:04:29,980
And when it comes to request, I'm going to create a new object, a new property, which is going to

68
00:04:29,980 --> 00:04:30,820
be an object.

69
00:04:31,210 --> 00:04:38,080
First value user ID, second one role, and then we'll pass it on to the next controller.

70
00:04:38,080 --> 00:04:41,740
So now let's navigate to pum pum pum pum pum.

71
00:04:41,740 --> 00:04:48,610
Job controller and same deal, since we're working with get all jobs again, we just want to log.

72
00:04:49,000 --> 00:04:53,500
And more specifically, we want to look for req dot user.

73
00:04:53,500 --> 00:04:55,200
So now let's check it out.

74
00:04:55,210 --> 00:04:59,530
We're going to go to get all jobs and if everything is correct.

75
00:05:00,570 --> 00:05:05,700
We'll be able to see the user object we just created.

76
00:05:05,820 --> 00:05:10,590
Actually in the console, which again is super, super awesome.

77
00:05:10,590 --> 00:05:17,370
And as a result, we now have restricted access to the job routes.

78
00:05:17,370 --> 00:05:25,530
So we restrict the access if the cookie is not present or the JWT is not valid.

79
00:05:25,560 --> 00:05:34,740
However, if everything is fine, then we actually attach the user from the JWT to our request, which

80
00:05:34,740 --> 00:05:38,970
will allow us to set up the upcoming functionality.

81
00:05:38,970 --> 00:05:47,580
And this user object is going to be available in all of the controllers which have this authenticate

82
00:05:47,610 --> 00:05:50,840
user middleware sitting in front.

83
00:05:50,850 --> 00:05:55,260
And of course, in our case, those are all the job controllers.

