1
00:00:00,240 --> 00:00:00,690
Beautiful.

2
00:00:00,970 --> 00:00:03,600
And once we have set up our postman.

3
00:00:04,570 --> 00:00:08,410
Now, let's continue and work on the authentication.

4
00:00:09,040 --> 00:00:14,290
So essentially, yes, we can log nicely the authorization horror, but what's next?

5
00:00:14,830 --> 00:00:22,600
Well, it's kind of similar to whatever we already have in the controller, where if a value is missing

6
00:00:22,930 --> 00:00:27,190
or maybe the password doesn't match, we do what we throw error.

7
00:00:27,670 --> 00:00:30,700
Now, in this case, we already have on authenticated error.

8
00:00:30,820 --> 00:00:34,810
Remember, we used that one in the log in one, so we can definitely import that.

9
00:00:35,650 --> 00:00:37,480
Just remember that we're looking for index.

10
00:00:38,470 --> 00:00:45,010
This is somewhat of a big gotcha when you're using the modules in code, and I'm talking about the six

11
00:00:45,010 --> 00:00:45,370
modules.

12
00:00:45,940 --> 00:00:47,860
And then let's start very slowly.

13
00:00:48,010 --> 00:00:55,660
So just baby steps where, yes, I have the header and I'll just check if the header is present, then

14
00:00:55,660 --> 00:00:59,560
beautiful, pass it on to the next middleware, in our case, the controller.

15
00:00:59,980 --> 00:01:01,480
However, if it's not present.

16
00:01:02,440 --> 00:01:04,810
Then we go with an authenticator.

17
00:01:05,120 --> 00:01:10,240
So this is the case where the error is not 400 or 404, so not phone.

18
00:01:10,480 --> 00:01:11,620
Actually, it is for.

19
00:01:12,670 --> 00:01:15,490
And if you remember that was on authorized.

20
00:01:16,090 --> 00:01:20,410
And as far as the message, I'm just going to go with authentication invalid.

21
00:01:20,740 --> 00:01:22,330
So let's get cracking.

22
00:01:22,900 --> 00:01:27,910
When I get off, Jess, I'm going to look for unauthenticated error.

23
00:01:28,420 --> 00:01:30,070
Yep, this is going to be the default setup.

24
00:01:30,070 --> 00:01:36,100
But remember, we need to go with Index Jess, and let's just set up a simple condition where I'm going

25
00:01:36,100 --> 00:01:40,660
to say if there is no authorization hotter than throw the error.

26
00:01:40,840 --> 00:01:50,410
So if no off error than let's go with throw new and then we're looking for an authenticated error.

27
00:01:50,740 --> 00:01:52,900
And let's just go with authentication.

28
00:01:53,890 --> 00:01:55,330
And invalid.

29
00:01:56,080 --> 00:02:01,870
So let's try this out right now as far as the postman, so I'm going to navigate back and I'm going

30
00:02:01,870 --> 00:02:05,860
to go update user now at the moment to have better talking and I have token set up.

31
00:02:06,200 --> 00:02:09,490
Now, if we want to double check that one, just log in one more time here.

32
00:02:10,360 --> 00:02:15,280
Everything is correct and not if we go update user, we should see the string.

33
00:02:15,640 --> 00:02:16,600
All of that is nice.

34
00:02:17,020 --> 00:02:23,140
Now if I go here where I have the authorization and if I'm just going to go to north, check it out.

35
00:02:24,010 --> 00:02:24,450
Now what?

36
00:02:24,480 --> 00:02:28,290
I you getting back for her one and then authentication.

37
00:02:28,690 --> 00:02:35,950
Again, this is the most basic setup in next video make way more complex functionality, but the general

38
00:02:35,950 --> 00:02:41,560
idea is going to be exactly the same where if the token is not provided, we send back for one, if

39
00:02:41,560 --> 00:02:48,130
everything is in place, then we pass it on to the next middle or in our case, the controller for the

40
00:02:48,130 --> 00:02:50,710
route that the user is trying to access.