1
00:00:00,210 --> 00:00:04,800
Not bad and bad once we have taken care of the unauthenticated error.

2
00:00:05,280 --> 00:00:11,790
Next, I want to set up another instance method basically the one that is going to be on our user ID

3
00:00:11,790 --> 00:00:15,390
document and the name is going to be compare password then.

4
00:00:15,420 --> 00:00:20,460
Let me go back to my controller and showcase that check for the user.

5
00:00:21,150 --> 00:00:25,890
If the user doesn't exist, then we throw invalid credentials before anyone.

6
00:00:26,250 --> 00:00:32,400
But then if the user exists with such email, then I also want to compare the password.

7
00:00:33,180 --> 00:00:40,200
So the password that is coming in with a password that is in my database and look at using the instant

8
00:00:40,200 --> 00:00:42,990
method by the name of CP. password.

9
00:00:43,620 --> 00:00:49,320
Now, instead of the function body will use be CryptoCompare, which returns a promise.

10
00:00:49,320 --> 00:00:52,590
That's why we go here with 08 and then we're set up here, I think.

11
00:00:52,620 --> 00:00:55,920
Notice how this one is looking for candidate password again.

12
00:00:56,090 --> 00:01:01,440
I already said this 20000 times, but this is the one available in our request body.

13
00:01:01,500 --> 00:01:07,170
So this is coming in with a request and we're checking against the one that we have in our database.

14
00:01:07,470 --> 00:01:11,190
Now, one important thing to mention there is no one hashing going on.

15
00:01:11,640 --> 00:01:12,930
Hashing is a one way street.

16
00:01:13,230 --> 00:01:17,100
Once we hash the password storing database, that's how it's going to sit there.

17
00:01:17,430 --> 00:01:19,410
What's happening here under the hood?

18
00:01:19,500 --> 00:01:20,130
Be curbed?

19
00:01:20,130 --> 00:01:20,610
Yes.

20
00:01:21,030 --> 00:01:21,810
How is the method?

21
00:01:21,810 --> 00:01:29,850
Compare where we provide the password and then essentially it sets up that hash value again and compares

22
00:01:29,850 --> 00:01:30,840
whether they match.

23
00:01:31,350 --> 00:01:33,300
That's the overall idea.

24
00:01:33,660 --> 00:01:36,840
And in order to set everything up, we need to go to a user.

25
00:01:37,110 --> 00:01:43,260
Let's keep on moving online all the way here after the Create JWT.

26
00:01:43,830 --> 00:01:49,800
I also want to set up my function, my instant method by the name of comparer password.

27
00:01:50,160 --> 00:01:51,960
So let's get cracking.

28
00:01:51,960 --> 00:01:56,460
We're going to go with user schema and we're looking for methods more specifically.

29
00:01:56,640 --> 00:01:59,280
Let's come up with the name and maker's mark.

30
00:01:59,280 --> 00:02:04,080
I keep saying it's going to be a competitive password, but you can always go with vegan food truck.

31
00:02:04,350 --> 00:02:08,539
I mean, functionality is going to be exactly the same in and here.

32
00:02:08,550 --> 00:02:14,890
Let's go for candi date password online instead of the function body.

33
00:02:15,030 --> 00:02:18,930
We're going to go with Konst is match is equal to weight.

34
00:02:19,230 --> 00:02:21,620
So this returns a promise online.

35
00:02:21,630 --> 00:02:27,720
Let's go with our script when the method name is compare and then we want to pass in the candidate password

36
00:02:27,720 --> 00:02:30,120
and then there's that password.

37
00:02:30,960 --> 00:02:35,340
And once we have all of this in place, let's go with return and is a match.

38
00:02:35,490 --> 00:02:40,470
So if this is true, that means that passwords match.

39
00:02:40,980 --> 00:02:42,720
So that means that we can send back the token.

40
00:02:43,050 --> 00:02:47,880
If not, it's going to be false and then we throw another four or one error.

41
00:02:48,210 --> 00:02:53,190
So that's how we can set up compare password as a instance method.