1
00:00:00,510 --> 00:00:01,819
So all is nice.

2
00:00:01,830 --> 00:00:03,719
We send the cookie from the server.

3
00:00:03,870 --> 00:00:07,260
The browser is happy to send it back, but.

4
00:00:08,140 --> 00:00:09,820
How we can access on the server.

5
00:00:10,030 --> 00:00:17,500
Because again, this is the place where we actually check that docket and only if the token is valid,

6
00:00:17,710 --> 00:00:22,730
then the user can access the resources if it's invalid.

7
00:00:22,750 --> 00:00:27,280
Same like with our JSON response right away.

8
00:00:28,160 --> 00:00:30,350
Return a 401.

9
00:00:30,350 --> 00:00:30,800
Error.

10
00:00:31,430 --> 00:00:37,720
Now, this one is not a straightforward because we do need to install a extra package.

11
00:00:37,730 --> 00:00:39,530
So now let's take a look at the renaming.

12
00:00:39,920 --> 00:00:43,880
Notice we do need to install a package by the name of cookie parser.

13
00:00:43,910 --> 00:00:45,860
Again, this is happening on a server.

14
00:00:46,930 --> 00:00:48,850
And then this is going to be the command.

15
00:00:49,120 --> 00:00:51,460
We want to import that in the server.

16
00:00:51,460 --> 00:00:58,600
JS And somewhere where we have the middleware, we're going to go with cookie parser, we just invoke

17
00:00:58,600 --> 00:01:07,120
it and then we'll right away set up a log in the auth Jess, where I'll show you that just like with

18
00:01:07,120 --> 00:01:16,090
headers, we'll actually have access to all the cookies that we have set up in the log in register or

19
00:01:16,090 --> 00:01:18,670
any of the routes on the server.

20
00:01:18,730 --> 00:01:20,140
So let's try this one out.

21
00:01:20,970 --> 00:01:26,760
So first let me go to the terminal.

22
00:01:27,210 --> 00:01:28,250
I'll stop it here.

23
00:01:28,260 --> 00:01:29,220
I'll clear.

24
00:01:29,850 --> 00:01:30,260
Nope.

25
00:01:30,270 --> 00:01:31,320
I don't want to do that.

26
00:01:31,440 --> 00:01:34,500
And then let's go with NPM install.

27
00:01:35,000 --> 00:01:35,780
And.

28
00:01:36,700 --> 00:01:40,720
The library we're looking for is the cookie parser like so.

29
00:01:40,930 --> 00:01:42,400
So we installed this.

30
00:01:42,970 --> 00:01:47,890
Then we want to spin up again the project.

31
00:01:48,310 --> 00:01:52,750
And we want to import cookie parser in the server js.

32
00:01:52,960 --> 00:01:56,050
So let's navigate to server.

33
00:01:56,800 --> 00:01:57,730
Scroll up.

34
00:01:58,120 --> 00:02:01,050
And similar we have the imports for libraries.

35
00:02:01,060 --> 00:02:03,010
In my case, I'm going to do it right after.

36
00:02:03,870 --> 00:02:05,070
The security ones.

37
00:02:05,070 --> 00:02:06,540
We're going to go with import.

38
00:02:07,610 --> 00:02:10,490
Cookie and parser.

39
00:02:10,789 --> 00:02:12,610
And that is equal to from.

40
00:02:12,620 --> 00:02:16,550
And of course we're looking for the library cookie parser.

41
00:02:17,460 --> 00:02:18,750
Let's keep on scrolling.

42
00:02:19,020 --> 00:02:21,380
And then in my case, I'm going to do it right after Express.

43
00:02:21,450 --> 00:02:22,580
Jason, I'm going to go with that.

44
00:02:22,590 --> 00:02:23,520
That's huge.

45
00:02:23,730 --> 00:02:25,740
And we want to go with cookie parser.

46
00:02:25,770 --> 00:02:26,850
And we want to.

47
00:02:27,650 --> 00:02:28,610
Invoke it.

48
00:02:29,420 --> 00:02:32,660
Let's navigate to the middleware and let's test it out.

49
00:02:32,930 --> 00:02:35,450
So I'm going to go to Auth JS.

50
00:02:35,660 --> 00:02:39,770
And then remember, we're basically getting the request.

51
00:02:40,010 --> 00:02:45,170
And at the moment we're checking, Hey, is the authorization header present?

52
00:02:45,530 --> 00:02:50,240
And only if it's present, then of course we verify it and all that cool stuff.

53
00:02:51,310 --> 00:02:53,620
Now we want to check for the cookies.

54
00:02:53,770 --> 00:02:56,530
And again, in this video, simply log, we'll say.

55
00:02:56,560 --> 00:02:57,100
Correct.

56
00:02:57,820 --> 00:03:01,900
And we're looking for the cookies like so.

57
00:03:02,320 --> 00:03:03,400
So let's say that.

58
00:03:06,430 --> 00:03:12,520
Doesn't really matter which route you use again, because if the token is present, basically if the

59
00:03:12,520 --> 00:03:17,620
cookie is present, then browser will automatically send it back and case I have that.

60
00:03:17,620 --> 00:03:27,070
Susan User So let me refresh on the stats and if I go back to my server, I can see that I have the

61
00:03:27,100 --> 00:03:27,800
token.

62
00:03:27,820 --> 00:03:30,610
So this is what we're logging in the off.

63
00:03:30,640 --> 00:03:33,610
So we have the token here with the value.

64
00:03:34,290 --> 00:03:44,250
Now just to showcase that if, let's say the cookie expires, which I'm going to simulate by basically

65
00:03:44,250 --> 00:03:45,060
removing it.

66
00:03:45,480 --> 00:03:47,460
You'll notice that once I refresh.

67
00:03:48,490 --> 00:03:50,060
I actually have nothing here.

68
00:03:50,060 --> 00:03:52,250
So notice I have here the object.

69
00:03:52,250 --> 00:03:53,960
And that is equal to No.

70
00:03:54,380 --> 00:04:00,860
Again, this is just a showcase that yes, if the cookie is present, the browser will send it back.

71
00:04:00,860 --> 00:04:06,590
But once it expires, it will actually return empty object.

72
00:04:06,740 --> 00:04:08,510
So we'll have no cookies.

73
00:04:08,750 --> 00:04:14,720
And in the next video we'll set up the logic where we won't check for the authorization header anymore.

74
00:04:14,750 --> 00:04:16,640
We'll check for that token cookie.