WEBVTT

1
00:01.010 --> 00:02.570
Hi everyone.

2
00:02.570 --> 00:05.810
Let's go to with the.

3
00:06.110 --> 00:13.370
NestJS fundamental and core concept of NestJS.

4
00:14.240 --> 00:18.170
Okay this here will be guard.

5
00:18.410 --> 00:23.270
This is very important concept inside NestJS.

6
00:23.570 --> 00:26.300
And the guard is also the class.

7
00:26.630 --> 00:36.260
And this will be a dependency injection class which implement the something called CanActive interface.

8
00:36.530 --> 00:38.540
Now you can see the guard right here.

9
00:39.200 --> 00:39.800
Okay.

10
00:41.120 --> 00:44.480
It will protect the route handler.

11
00:46.790 --> 00:51.500
Let me let me show you something like this, actually the guard.

12
00:51.890 --> 00:56.090
We have a single responsibility okay.

13
00:56.150 --> 01:05.150
This will determine the request will be handled by router or not okay.

14
01:05.180 --> 01:08.240
This is the whole purpose of the guard.

15
01:11.120 --> 01:15.770
And we usually use in the authorization.

16
01:16.160 --> 01:16.760
Okay.

17
01:17.780 --> 01:32.210
Now we if you already know the express.js, in the NestJS  sorry, in the express.js, we normally

18
01:32.210 --> 01:38.510
use the middleware to handle the authentication or authorization.

19
01:38.540 --> 01:39.020
Right?

20
01:39.380 --> 01:50.870
But NestJS we will use the guard because it will follow the single responsibility concept one class only.

21
01:52.670 --> 01:59.180
Only responsible for one purpose, and the purpose of the guard

22
02:00.230 --> 02:06.350
It will handle it will determine okay the route handler.

23
02:09.030 --> 02:18.180
Now you can see, you can read more about the detail inside the document, it say the middleware, by

24
02:18.180 --> 02:19.770
the nature, it's dump.

25
02:20.070 --> 02:20.550
Okay.

26
02:20.850 --> 02:21.960
Very fun.

27
02:21.960 --> 02:22.650
Right?

28
02:25.170 --> 02:29.670
And with middleware, it doesn't know the which.

29
02:30.630 --> 02:32.850
It means let me summarize.

30
02:33.090 --> 02:40.590
When we call the next function in the middleware, it doesn't know okay.

31
02:40.620 --> 02:44.250
It doesn't know which handler will be executed

32
02:45.180 --> 02:45.570
Okay.

33
02:45.600 --> 02:48.570
After we go to next it doesn't know anything.

34
02:49.590 --> 02:53.580
But with the guard it has an execution context.

35
02:54.390 --> 02:54.810
Okay.

36
02:54.840 --> 02:59.640
It means it's more powerful than the middleware a little bit.

37
03:01.290 --> 03:02.280
Now that enough.

38
03:02.370 --> 03:07.650
Let me show you how we can create a guard inside the NestJS.

39
03:09.150 --> 03:10.980
Inside the guard, right

40
03:10.980 --> 03:15.300
Here I will create one more folder call guards

41
03:16.230 --> 03:21.720
And again, you don't need to remember that code

42
03:21.990 --> 03:22.470
Okay.

43
03:23.130 --> 03:26.970
This is just the common code from Nestjs.

44
03:27.000 --> 03:30.990
And it's already provided by documentation.

45
03:31.710 --> 03:33.000
You doesn't know.

46
03:33.180 --> 03:37.470
Doesn't need to know what's in the code.

47
03:38.100 --> 03:41.850
Okay, let me copy everything over here.

48
03:41.850 --> 03:48.090
And I will create auth.guard.ts and paste everything right here.

49
03:48.900 --> 03:50.940
And now it have a validate request.

50
03:53.520 --> 03:55.260
Right now I will return true

51
03:55.860 --> 03:59.520
Now you can see it will return a boolean or promise.

52
03:59.940 --> 04:00.450
Boolean.

53
04:00.930 --> 04:01.200
Uh.

54
04:01.200 --> 04:02.010
Observable.

55
04:02.010 --> 04:02.520
Boolean.

56
04:03.330 --> 04:10.740
And the reason because promise Boolean right here, it can be used by async function.

57
04:10.770 --> 04:11.160
Right.

58
04:11.190 --> 04:14.110
For example if this is an async function.

59
04:17.350 --> 04:18.190
Sorry for that.

60
04:19.330 --> 04:23.410
Let me see if I use async function right here.

61
04:26.560 --> 04:31.690
Oh, because if I use the async function, it clearly returns the promise.

62
04:31.720 --> 04:32.170
Okay.

63
04:32.170 --> 04:35.950
It doesn't have any idea to return another.

64
04:37.120 --> 04:37.750
Okay.

65
04:37.990 --> 04:46.360
But anyway you canActive right here this will be return a boolean or the promise or the observable boolean.

66
04:47.020 --> 04:51.670
Right now we will not focus inside the observable boolean.

67
04:54.670 --> 04:58.660
Now, why this here returns a boolean.

68
04:58.900 --> 05:00.880
Let me read more about that.

69
05:01.660 --> 05:06.610
Now you can see, if it returns a true, the request will be processed.

70
05:07.060 --> 05:10.390
If return false, it will deny the request.

71
05:11.380 --> 05:14.050
Let me show you how it can be used.

72
05:16.480 --> 05:25.420
For example, I can use the @UseGuard inside the controller or we can use something like this.

73
05:26.800 --> 05:34.870
Okay, we can mark the class or the instance of class, or we can use global.

74
05:38.920 --> 05:43.180
Or something like here, I will discuss this syntax later.

75
05:47.500 --> 05:49.210
refactor.

76
05:52.660 --> 05:53.080
Okay.

77
05:53.110 --> 05:57.280
Anyway let me scroll up a little bit.

78
05:58.210 --> 06:06.370
So here, in order to use a "guard" we usually use the decorator will be "@UseGuard" right here.

79
06:08.140 --> 06:13.870
If I go to the post controller and I will use the controller @UseGuard

80
06:15.220 --> 06:21.200
I will pass the "AuthGuard" my guards

81
06:21.620 --> 06:28.460
Insde here, let's see, because this returns true, it will process, right?

82
06:28.490 --> 06:30.500
It means this will work.

83
06:30.500 --> 06:33.380
But if I return false.

84
06:36.080 --> 06:36.920
It doesn't work.

85
06:36.920 --> 06:37.430
Right.

86
06:37.430 --> 06:39.680
So this is the idea.

87
06:39.920 --> 06:55.970
Later I will check if the current user is admin, I will allow it will be delete some

88
06:55.970 --> 06:57.440
post or something like this.

89
06:57.470 --> 06:58.070
Okay.

90
06:58.100 --> 07:09.980
We will authorization using the "Guard" and we can authentication also inside the "Guard" right here the

91
07:10.820 --> 07:14.060
okay I think this is the guard.

92
07:15.260 --> 07:23.960
So hopefully you understand when we use the guard inside the NestJS application.