1
00:00:00,270 --> 00:00:01,650
All right, so that's pretty cool.

2
00:00:01,770 --> 00:00:04,050
We now know how we can send a token.

3
00:00:04,660 --> 00:00:10,320
But I mean, it's going to be a bit of a pain if we'll have to do that manually to all routes.

4
00:00:10,860 --> 00:00:17,370
And just remember that it's not like you just need to set it up once, meaning every time you'll be

5
00:00:17,370 --> 00:00:20,010
testing something, you'll have to change our token.

6
00:00:20,010 --> 00:00:24,210
For example, if I log in with different user, token is going to be different.

7
00:00:24,810 --> 00:00:29,670
So if you're doing this manually, I mean, it's going to be a little bit like a headless chicken where

8
00:00:29,670 --> 00:00:33,900
you just need to run through all the routes and then the token value.

9
00:00:34,650 --> 00:00:35,850
Now what is the better approach?

10
00:00:36,270 --> 00:00:41,100
We take a look at the Redmi four register and log routes.

11
00:00:41,550 --> 00:00:49,920
We want to go with pests over here, so add that to the Redmi test with a capital.

12
00:00:50,160 --> 00:00:53,160
So in the test, we want to set up this code.

13
00:00:54,110 --> 00:00:59,690
Where we have this PM, meaning poached maneuverable and in there we can access the response.

14
00:00:59,870 --> 00:01:05,840
And essentially this is the response that we're sending back from the server and we want to go with

15
00:01:05,870 --> 00:01:06,470
Jason.

16
00:01:06,830 --> 00:01:08,870
And then we want to set up a global variable.

17
00:01:09,140 --> 00:01:10,820
Remember when we set up the URL?

18
00:01:11,300 --> 00:01:12,440
So this is similar.

19
00:01:12,590 --> 00:01:16,160
The only difference is that we are doing this programmatically or dynamically.

20
00:01:16,160 --> 00:01:17,180
How are you want to call them?

21
00:01:17,570 --> 00:01:24,710
So we go with this command Global's set, then the name my Marcus, I'm going to go with token.

22
00:01:24,920 --> 00:01:26,330
You can go access token.

23
00:01:26,570 --> 00:01:28,520
You can go with JWT, whatever you want.

24
00:01:28,910 --> 00:01:31,220
I'm Jason data.

25
00:01:31,700 --> 00:01:33,440
We're looking for Dot token.

26
00:01:33,830 --> 00:01:34,310
Why?

27
00:01:34,440 --> 00:01:38,750
Well, because that's how the response is structured from our end.

28
00:01:39,290 --> 00:01:43,490
So if the response is going to be structured differently, then of course you're looking for different

29
00:01:43,490 --> 00:01:43,820
value.

30
00:01:44,030 --> 00:01:45,470
This is very, very crucial.

31
00:01:45,740 --> 00:01:48,650
So we're going to go to controllers and let me just show us something.

32
00:01:49,100 --> 00:01:55,160
The reason why I go with Dot token is simply because when I'm sending this back, whether it's a registered

33
00:01:55,160 --> 00:01:59,150
login, I have my object and in there I have the token.

34
00:01:59,420 --> 00:02:05,120
That's a really, really important, and I'll discuss these ones once we have this setup in place.

35
00:02:05,450 --> 00:02:07,580
So let me navigate back to the postman.

36
00:02:07,910 --> 00:02:13,340
And first I'll just remove this authorization one so it can actually delete it if we want just so we

37
00:02:13,340 --> 00:02:16,250
can clearly see that everything is working, let's save it.

38
00:02:16,430 --> 00:02:22,670
Let's quickly tested out what we have over here and notice, and now I have this undefined as far as

39
00:02:22,670 --> 00:02:25,580
the authorization header, and you're not in this case.

40
00:02:26,000 --> 00:02:29,890
Well, actually going to go back to the fourth one and we don't need to.

41
00:02:30,260 --> 00:02:35,780
I mean, it's pretty clear what's happening and I'm also not going to log what I'm interested is just

42
00:02:35,780 --> 00:02:36,530
this author.

43
00:02:36,770 --> 00:02:39,920
And at the moment, I can clearly see that it is undefined.

44
00:02:40,030 --> 00:02:41,990
I won't because we're not passing it correct.

45
00:02:42,320 --> 00:02:44,300
Now, how do we set this up programmatically?

46
00:02:44,660 --> 00:02:51,290
Well, let's start here with registry user and then we'll do the same thing in logging in when we go

47
00:02:51,290 --> 00:02:56,060
to the test and then we want to go with Konst and then JSON data.

48
00:02:56,510 --> 00:03:01,430
So whatever response we're getting back again p.m. That's going to be the global variable.

49
00:03:01,700 --> 00:03:04,390
And then we're looking for a response.

50
00:03:04,400 --> 00:03:06,260
So that is going to be the response.

51
00:03:06,260 --> 00:03:11,690
We're getting back from the server out and then we run a run of each someone, we invoke it.

52
00:03:12,080 --> 00:03:19,100
And now let's right away set up that global variable and notice that even right away, give you a code

53
00:03:19,100 --> 00:03:19,430
snippet.

54
00:03:19,910 --> 00:03:22,970
And as a quick sign out if you're using environment.

55
00:03:23,000 --> 00:03:28,430
The only difference is that you need to go with set an environment variable instead of global one.

56
00:03:28,550 --> 00:03:34,390
Now, since my setup is global, that's why I went with the set global variable instead.

57
00:03:34,760 --> 00:03:40,100
And then we go with Palm Global's set and what is going to be the name my cash.

58
00:03:40,130 --> 00:03:44,810
I think I'm going to go with the token thing that makes more sense.

59
00:03:45,380 --> 00:03:49,100
And as far as the value, well, now I want to access the response.

60
00:03:49,220 --> 00:03:57,380
So Jason there and like I said, we go with dot and token, and once we have this one in place, let's

61
00:03:57,380 --> 00:03:58,070
save it.

62
00:03:58,580 --> 00:04:04,330
And what we're looking for in the update user is not the manual approach, but instead we'll look for

63
00:04:04,340 --> 00:04:04,940
different app.

64
00:04:05,330 --> 00:04:09,980
Now, before we continue, since this is a register and I don't want to remove the user, I mean, I

65
00:04:09,980 --> 00:04:15,560
know that this code is correct, but since I don't want to bother with that whole song and dance, I'm

66
00:04:15,560 --> 00:04:18,709
going to grab the code and I'll add it in, log in as well.

67
00:04:18,829 --> 00:04:23,450
And when we'll be testing, we'll be testing with log in because I do agree that each and every time

68
00:04:23,450 --> 00:04:27,350
me deleting the user, I mean, it can get annoying, pretty fast.

69
00:04:27,740 --> 00:04:31,370
So let me navigate to the tests in the login copy and paste.

70
00:04:31,610 --> 00:04:32,990
And now let's send it.

71
00:04:33,290 --> 00:04:34,580
So we send it over here.

72
00:04:34,820 --> 00:04:40,940
We set up that global variable and what you notice about in any of the routes where you want to use

73
00:04:40,940 --> 00:04:41,120
it.

74
00:04:41,390 --> 00:04:46,040
Instead of doing the manual approach, you go for authorization by default is going to be this one.

75
00:04:46,280 --> 00:04:51,800
Inherit off when we want to go with bearer token and notice the value right away.

76
00:04:52,010 --> 00:04:54,110
Now if you don't, of course, add this manually.

77
00:04:54,470 --> 00:05:00,530
So we'll go here with two curlies and then the name of the variable, which in my case is token.

78
00:05:00,890 --> 00:05:08,420
And also, yes, we can see that we're here once we have successful register or login event of this,

79
00:05:08,420 --> 00:05:14,270
one will be added to our Global's nav means that each and every time we log in with a different user,

80
00:05:14,480 --> 00:05:16,890
well, we'll also set this one automatically.

81
00:05:17,330 --> 00:05:21,320
So now every time we use the update user, it will use that latest token.

82
00:05:21,620 --> 00:05:22,730
Hopefully, that is clear.

83
00:05:22,940 --> 00:05:26,420
And now, once I save it over here as well, I send it.

84
00:05:26,690 --> 00:05:32,630
You'll notice that back on a server again, we have that token and now quickly add to the rest of the

85
00:05:32,630 --> 00:05:37,520
route, so I don't need to worry about it for the remainder of the project.

86
00:05:37,640 --> 00:05:40,400
So let me go to create job and I'll do the same thing.

87
00:05:40,730 --> 00:05:43,730
Essentially, it will go with their token and with passion token.

88
00:05:43,730 --> 00:05:49,280
Let's send right away and I'll test them at the very end, just so I can see whether I have some weird

89
00:05:49,400 --> 00:05:50,960
typos or bugs or whatever.

90
00:05:51,290 --> 00:05:53,090
But pretty much for all of them wounded.

91
00:05:53,210 --> 00:06:00,470
Set up authorisation per token, let's send it, and we also have one for update jump as well as the

92
00:06:00,470 --> 00:06:00,980
lead drum.

93
00:06:01,280 --> 00:06:04,220
So all of these routes are going to be protected.

94
00:06:04,520 --> 00:06:07,820
So let's go here and bear token and then let's send.

95
00:06:08,360 --> 00:06:16,100
And once I go back to my server, you should see all of the accounts, and for all of them, you should

96
00:06:16,100 --> 00:06:16,820
see the token.

97
00:06:17,180 --> 00:06:20,810
And if that's the case, now, I can move on to the next step.

98
00:06:21,140 --> 00:06:28,160
Where in the off the middleware, we'll check for those values and then, depending on those values,

99
00:06:28,160 --> 00:06:36,530
will either pass along our request to the next controllers with already user on the request object or

100
00:06:36,560 --> 00:06:37,670
will send back the.