1
00:00:00,120 --> 00:00:00,690
Great news.

2
00:00:00,720 --> 00:00:03,750
We're pretty much done with our handling now.

3
00:00:03,990 --> 00:00:07,560
We will add a few small things later, but there will be minor.

4
00:00:07,710 --> 00:00:08,700
So congrats.

5
00:00:09,150 --> 00:00:16,140
If you're still awake and eager to continue on one tiny thing, I want to mention that before we start

6
00:00:16,140 --> 00:00:23,940
hashing the passwords in the error handler middleware instead of logging the message, I'm going to

7
00:00:23,940 --> 00:00:27,240
go with an entire era just so we can see in the console.

8
00:00:27,570 --> 00:00:30,600
If there is an error online, let's keep on scrolling.

9
00:00:30,900 --> 00:00:32,490
I'll remove this line of code.

10
00:00:32,850 --> 00:00:39,870
At this point, it's useless where essentially if there is an error, I will send back the default error

11
00:00:40,140 --> 00:00:41,100
and the message.

12
00:00:41,100 --> 00:00:48,000
Property, of course, is coming from this object over here and I'll start hashing the passwords.

13
00:00:48,000 --> 00:00:54,660
So I'll open up the read me because we have quite a few steps over here.

14
00:00:55,230 --> 00:00:58,490
And then let's just take a look at our problem more at the moment.

15
00:00:58,860 --> 00:01:01,740
My first great, we have our collection for users.

16
00:01:02,780 --> 00:01:09,290
We're saving the users every time the proper values are provided, but I mean, this is unacceptable.

17
00:01:09,530 --> 00:01:17,510
You never, ever, ever want to save passwords, strengths because if your database gets compromised,

18
00:01:18,050 --> 00:01:21,310
van attacker pretty much gets all the values.

19
00:01:21,680 --> 00:01:29,030
And not only that, usually the users use the same password for everything, so a better approach is

20
00:01:29,030 --> 00:01:31,400
actually to hash our passwords.

21
00:01:31,820 --> 00:01:35,370
So before we save it in database, we ask them now.

22
00:01:35,690 --> 00:01:38,870
One thing we need to remember hashing is a one way street.

23
00:01:39,260 --> 00:01:39,830
That's it.

24
00:01:40,330 --> 00:01:42,890
Once you hash it, it's not like you can unnasch it.

25
00:01:43,220 --> 00:01:47,660
You can only compare hash values, which we're going to do when we log in.

26
00:01:47,780 --> 00:01:51,320
So when we register, we hash the password, we serve it in a database.

27
00:01:51,590 --> 00:01:56,390
And then when the user is trying to log in, then we just compare the hash values.

28
00:01:56,810 --> 00:02:01,670
And in order to set it up, we'll use this library be crypt digits.

29
00:02:01,670 --> 00:02:03,110
Again, this is very, very important.

30
00:02:03,500 --> 00:02:08,150
It is Bikram, just not just be crypt, but before we start setting everything up.

31
00:02:08,539 --> 00:02:15,230
I actually want to go over the Mongoose middleware because this is the place where we will hash the

32
00:02:15,230 --> 00:02:15,740
password.

33
00:02:16,920 --> 00:02:18,900
And here I did leave a link.

34
00:02:19,230 --> 00:02:21,030
So you want to follow the link?

35
00:02:21,180 --> 00:02:26,760
Just click on it and you'll navigate here, and we can clearly read the matter, which has a middleware.

36
00:02:27,120 --> 00:02:36,540
It's also called pre and post hooks, and you can think of this as a way for us to do something before

37
00:02:36,540 --> 00:02:38,280
or after we save the document.

38
00:02:38,550 --> 00:02:40,800
And we have a bunch of options out here.

39
00:02:40,800 --> 00:02:45,210
As you can see here, we can validate, save and I'm not going to read all of them.

40
00:02:45,660 --> 00:02:51,030
And the code is going to look something like this where we have the schema in our case, and that is

41
00:02:51,030 --> 00:02:52,260
going to be the user's schema.

42
00:02:52,810 --> 00:02:56,720
And then in this example, they go with pre and unsaved.

43
00:02:57,260 --> 00:03:04,440
So we will do some functionality before we save document in our case, hashing the password.

44
00:03:04,890 --> 00:03:08,520
And then the second argument here is the function.

45
00:03:09,150 --> 00:03:15,750
So we're passing the callback function, and here it's important that we use the good old function keyword

46
00:03:16,020 --> 00:03:23,490
because inside of the function body, we'll use this target document created by our schema in our case

47
00:03:23,760 --> 00:03:24,510
user schema.

48
00:03:24,750 --> 00:03:27,240
So our user document.

49
00:03:28,190 --> 00:03:30,680
And if you lose our function, it's not going to work.

50
00:03:31,100 --> 00:03:37,880
And then there's also a next which we pass on to the next minute or so, just like with express words,

51
00:03:38,300 --> 00:03:40,190
we want to pass it on to the next middleware.

52
00:03:40,550 --> 00:03:43,160
Otherwise basically, we'll just get stuck over here.

53
00:03:43,550 --> 00:03:51,020
Now there is a tiny exception where in Mongoose five, instead of calling next manually, you're going

54
00:03:51,020 --> 00:03:57,470
to use a function that returns a promise basically async away, which is actually going to be our case

55
00:03:57,470 --> 00:04:03,220
because the library that we're going to use the B script just and yes, I'm going to be annoying.

56
00:04:03,230 --> 00:04:04,700
Keep repeating the jazz.

57
00:04:05,000 --> 00:04:10,130
Otherwise, someone might install the other library and then the functionality is not going to work.

58
00:04:10,310 --> 00:04:16,670
But back to my point in the library, the functions we're going to use are async anyway.

59
00:04:16,970 --> 00:04:18,980
So eventually this function will be async.

60
00:04:19,250 --> 00:04:22,640
But I just want to showcase how the next year is going to work.

61
00:04:23,240 --> 00:04:28,490
And also, before we start setting up everything in the user scheme, I do want to mention that when

62
00:04:28,490 --> 00:04:33,080
it comes to register, yes, it's going to be a little bit annoying where at least in my case, I will

63
00:04:33,080 --> 00:04:37,790
keep on removing the users so that way I can just keep on using the John.

64
00:04:38,120 --> 00:04:42,920
I don't want to add 20 users and then each and every time I want a registered user, I need to come

65
00:04:42,920 --> 00:04:44,240
up with those unique.

66
00:04:44,870 --> 00:04:48,230
Not a big deal, but in my case, I always just prefer removing.

67
00:04:48,290 --> 00:04:50,780
Keep in mind that it is only for registering.

68
00:04:50,930 --> 00:04:56,000
And then once we start setting the rest of the functionality, it's not going to be the case.

69
00:04:56,810 --> 00:04:57,980
So what do we want to do now?

70
00:04:58,460 --> 00:05:04,570
Well, we want you well, in my case, what I want is pretty much to remove all the tabs here close

71
00:05:04,590 --> 00:05:08,690
to everything, and then I'm going to be looking for the model user.

72
00:05:09,080 --> 00:05:11,990
And in here, we want to scroll all the way to the bottom.

73
00:05:12,620 --> 00:05:21,090
And in order to set up the middleware, we're going to go with user schema of one pre show before and

74
00:05:21,090 --> 00:05:22,820
in our case, we're going to go with save.

75
00:05:23,180 --> 00:05:28,340
So before we save the document, we want to run some kind of functionality.

76
00:05:28,340 --> 00:05:35,960
And again, you have branch and bunch of options over here, and I'm not going to cover each and every

77
00:05:35,960 --> 00:05:36,590
one of them.

78
00:05:37,010 --> 00:05:44,750
But one important thing that I do want to mention that this will get trigger in our case in two instances.

79
00:05:45,050 --> 00:05:53,240
So in the off controller notice over here, how we create the user using Dart Create and then later

80
00:05:53,630 --> 00:05:57,890
in the update user, what we're going to do, we're going to create this user instance.

81
00:05:58,200 --> 00:06:03,770
Again, the moment probably won't make sense, but eventually we will create that user instance and

82
00:06:03,770 --> 00:06:05,990
then we can always use dart save.

83
00:06:06,350 --> 00:06:11,810
And if that's the case, will also trigger that hook, that middleware.

84
00:06:12,200 --> 00:06:21,830
But if, for example, you go here with user and then find one and update that is not going to trigger

85
00:06:22,100 --> 00:06:23,000
off the hook.

86
00:06:23,850 --> 00:06:30,810
And this is very, very important part, because knowing this will help you avoid chasing a bug that

87
00:06:30,810 --> 00:06:31,830
actually doesn't exist.

88
00:06:32,160 --> 00:06:33,510
So again, very, very important.

89
00:06:33,750 --> 00:06:42,630
Yes, this is a hook that gets called before we say the document, but not every method is going to

90
00:06:42,630 --> 00:06:43,110
trigger it.

91
00:06:43,470 --> 00:06:48,450
And again, I'll talk about this once we get to update user, but this is something that I wanted to

92
00:06:48,450 --> 00:06:50,610
mention right from the get go.

93
00:06:50,910 --> 00:06:56,940
So let's say this one online back in the user, why do we want to do we want to pass in the callback

94
00:06:56,940 --> 00:06:57,330
function?

95
00:06:57,600 --> 00:07:00,210
And again, we want to go with good old function here.

96
00:07:00,510 --> 00:07:04,860
So the function with the function keyword and for the time being, here's what I want to do.

97
00:07:05,190 --> 00:07:12,420
I want to go with log and let's just log this dot and password and a quick update, as you'll see in

98
00:07:12,420 --> 00:07:12,960
a second.

99
00:07:13,460 --> 00:07:18,620
It looks like, at least in my case, the request is being passed on to the next model anyway.

100
00:07:18,960 --> 00:07:25,320
Basically, without calling next part, if it's not the case in your setup, remember about the next

101
00:07:25,320 --> 00:07:28,110
parameter and the fact that you need to invoke it.

102
00:07:28,620 --> 00:07:32,790
With that said, in next video, we will make this function async anyway.

103
00:07:33,360 --> 00:07:37,470
And at that point, like they're mentioned and docked, it will work regardless.

104
00:07:37,860 --> 00:07:40,420
So let me navigate back to my post, man.

105
00:07:41,170 --> 00:07:48,630
And in that case, I'm going to go with John, and I just want to see whether I'm getting back that

106
00:07:48,630 --> 00:07:49,020
value.

107
00:07:49,380 --> 00:07:51,000
And as you can see, I am.

108
00:07:51,210 --> 00:07:53,430
So I get back to John over here.

109
00:07:53,820 --> 00:07:58,530
And then when it comes to the console, I can clearly see the secret.

110
00:07:58,950 --> 00:08:04,770
And once we know how the middleware works, now let's implement harsh password functionality.