1
00:00:01,030 --> 00:00:02,580
‫Welcome back.

2
00:00:02,580 --> 00:00:05,470
‫So, authentication and authorization

3
00:00:05,470 --> 00:00:07,680
‫is all about users signing up,

4
00:00:07,680 --> 00:00:11,040
‫logging in, and accessing pages or routes,

5
00:00:11,040 --> 00:00:13,190
‫that we grant them permission to do so.

6
00:00:13,190 --> 00:00:15,570
‫So, it's really all about the users.

7
00:00:15,570 --> 00:00:18,890
‫And, so we need to start by implementing the user model

8
00:00:18,890 --> 00:00:21,260
‫in this lecture, so that in the next one,

9
00:00:21,260 --> 00:00:24,383
‫we can then create new users in our database.

10
00:00:25,990 --> 00:00:28,710
‫So, back in our application, let's go ahead

11
00:00:28,710 --> 00:00:31,740
‫and create a new file for the user model.

12
00:00:31,740 --> 00:00:34,373
‫So of course in our model folder, New File,

13
00:00:38,571 --> 00:00:40,890
‫userModel.js.

14
00:00:40,890 --> 00:00:42,610
‫And just like before, we start

15
00:00:42,610 --> 00:00:44,563
‫by requiring the Mongoose package.

16
00:00:52,430 --> 00:00:53,510
‫All right.

17
00:00:53,510 --> 00:00:55,920
‫And now, all we need to do is to create a schema

18
00:00:55,920 --> 00:00:57,890
‫and then create a model out of it.

19
00:00:57,890 --> 00:00:59,670
‫So just like we did with the tours,

20
00:00:59,670 --> 00:01:01,750
‫we're gonna do it here now with the users.

21
00:01:01,750 --> 00:01:04,140
‫And actually, since we already did that before,

22
00:01:04,140 --> 00:01:07,660
‫I want to leave this one as a challenge for you, all right?

23
00:01:07,660 --> 00:01:10,963
‫So I want you to create a schema with five fields.

24
00:01:12,020 --> 00:01:14,713
‫So, name, email,

25
00:01:16,660 --> 00:01:19,380
‫then a photo; which is just gonna be a string,

26
00:01:19,380 --> 00:01:21,063
‫so just like in our tours.

27
00:01:22,230 --> 00:01:24,223
‫I also want a field for a password,

28
00:01:25,300 --> 00:01:27,283
‫and for a passwordConfirm.

29
00:01:30,230 --> 00:01:31,063
‫Okay?

30
00:01:31,063 --> 00:01:32,330
‫And a bit more about that later

31
00:01:32,330 --> 00:01:34,190
‫when I solve this challenge for you,

32
00:01:34,190 --> 00:01:36,480
‫but for now, I really want you to practice

33
00:01:36,480 --> 00:01:38,540
‫to create this schema on your own

34
00:01:38,540 --> 00:01:41,770
‫and then also create a model out of that schema, okay?

35
00:01:41,770 --> 00:01:44,090
‫And then by the end, you can also export it.

36
00:01:44,090 --> 00:01:46,350
‫{\an8}So please pause the video at this point,

37
00:01:46,350 --> 00:01:48,250
‫{\an8}and I'll be back in a second here

38
00:01:48,250 --> 00:01:49,973
‫{\an8}to solve this challenge for you.

39
00:01:52,590 --> 00:01:53,480
‫All right.

40
00:01:53,480 --> 00:01:55,030
‫Hope you completed that challenge.

41
00:01:55,030 --> 00:01:56,690
‫And so I will now solve it.

42
00:01:56,690 --> 00:01:59,330
‫And don't worry if it doesn't look exactly the same.

43
00:01:59,330 --> 00:02:02,150
‫You can simply adapt it as we go through this video.

44
00:02:02,150 --> 00:02:03,563
‫So, through this solution.

45
00:02:05,430 --> 00:02:07,730
‫So, I'm gonna call this one the userSchema.

46
00:02:09,310 --> 00:02:13,107
‫And just like before, we create a new mongoose.Schema.

47
00:02:15,270 --> 00:02:18,010
‫And then into that, we pass our schema object,

48
00:02:18,010 --> 00:02:20,410
‫and start defining our fields.

49
00:02:20,410 --> 00:02:24,773
‫So, I want a name with the type, of course, of String.

50
00:02:28,430 --> 00:02:31,023
‫And I also want it to be required.

51
00:02:32,440 --> 00:02:34,310
‫So whenever a new user is created,

52
00:02:34,310 --> 00:02:37,113
‫he needs to tell us his name basically.

53
00:02:37,980 --> 00:02:40,623
‫So, let's set an error message here as well.

54
00:02:41,617 --> 00:02:44,447
‫"Please tell us your name!"

55
00:02:45,890 --> 00:02:46,960
‫All right?

56
00:02:46,960 --> 00:02:48,400
‫So that's the name.

57
00:02:48,400 --> 00:02:50,373
‫Next up, we want the email.

58
00:02:51,680 --> 00:02:52,630
‫All right?

59
00:02:52,630 --> 00:02:55,310
‫And so this will be used for the user to login

60
00:02:55,310 --> 00:02:58,630
‫and we will not create a username property here, okay?

61
00:02:58,630 --> 00:03:01,920
‫So in some applications, you will see a username being used,

62
00:03:01,920 --> 00:03:04,500
‫but in this case, we wanna keep it simple here

63
00:03:04,500 --> 00:03:08,030
‫and simply identify users by emails.

64
00:03:08,030 --> 00:03:10,803
‫And so again, this is of the type String.

65
00:03:13,150 --> 00:03:14,873
‫It is also a required field.

66
00:03:22,030 --> 00:03:23,883
‫So just some error message again.

67
00:03:24,780 --> 00:03:28,873
‫Next up, I want emails also to be unique, okay?

68
00:03:30,360 --> 00:03:33,320
‫So, unique set to true.

69
00:03:33,320 --> 00:03:35,960
‫And that's basically because this email is, of course,

70
00:03:35,960 --> 00:03:39,450
‫the unique identifier of each user, okay?

71
00:03:39,450 --> 00:03:42,920
‫Now by default, emails should be unique, right?

72
00:03:42,920 --> 00:03:45,570
‫But let's just be 100% sure here

73
00:03:45,570 --> 00:03:47,000
‫that there will be no accounts

74
00:03:47,000 --> 00:03:49,740
‫with the same email address, all right?

75
00:03:49,740 --> 00:03:52,770
‫Now we can also specify another schema-type option here,

76
00:03:52,770 --> 00:03:54,373
‫which is lowercase.

77
00:03:56,150 --> 00:03:57,100
‫So that's a new one.

78
00:03:57,100 --> 00:03:58,410
‫And it's not a validator.

79
00:03:58,410 --> 00:04:00,410
‫All it's gonna do, is to basically

80
00:04:00,410 --> 00:04:03,150
‫transform the email into lowercase.

81
00:04:03,150 --> 00:04:08,140
‫So if someone says like Jonas@Gmail or whatever,

82
00:04:08,140 --> 00:04:11,260
‫then that's gonna be converted all to lowercase.

83
00:04:11,260 --> 00:04:12,210
‫Okay?

84
00:04:12,210 --> 00:04:15,380
‫And now finally, we also want to actually validate

85
00:04:15,380 --> 00:04:16,780
‫the email address.

86
00:04:16,780 --> 00:04:19,300
‫So basically testing if the provided email

87
00:04:19,300 --> 00:04:23,070
‫that corresponds to the common email format, all right?

88
00:04:23,070 --> 00:04:27,710
‫So for example again jonas@gmail.com

89
00:04:27,710 --> 00:04:29,250
‫would be a valid email,

90
00:04:29,250 --> 00:04:32,270
‫but for example, like this, it would not be.

91
00:04:32,270 --> 00:04:33,860
‫Or like this.

92
00:04:33,860 --> 00:04:36,290
‫And so for that, we need to create our own

93
00:04:36,290 --> 00:04:37,603
‫validator basically.

94
00:04:38,650 --> 00:04:41,350
‫Now we're not gonna create our own validator for that,

95
00:04:41,350 --> 00:04:44,480
‫but instead we're gonna use that validator package

96
00:04:44,480 --> 00:04:47,730
‫that I showed you before from npm, right?

97
00:04:47,730 --> 00:04:50,520
‫So remember here in the tourModel,

98
00:04:50,520 --> 00:04:52,770
‫I actually showed you this module here,

99
00:04:52,770 --> 00:04:54,620
‫but then we didn't end up using it

100
00:04:54,620 --> 00:04:57,270
‫because it wasn't really useful in our case.

101
00:04:57,270 --> 00:04:59,810
‫But now, it's gonna be quite useful,

102
00:04:59,810 --> 00:05:02,933
‫and so I'm going ahead and copying it here, okay,

103
00:05:05,620 --> 00:05:09,180
‫so that we can now use it right in our schema.

104
00:05:09,180 --> 00:05:12,653
‫So, to now create our custom validator,

105
00:05:13,730 --> 00:05:16,550
‫we use validate, remember?

106
00:05:16,550 --> 00:05:18,870
‫And then we pass in the function anti-error message,

107
00:05:18,870 --> 00:05:21,380
‫just like with our other validators.

108
00:05:21,380 --> 00:05:23,980
‫And to check if an email is valid,

109
00:05:23,980 --> 00:05:28,330
‫all we need to do is to call the isEmail method

110
00:05:29,810 --> 00:05:32,030
‫on the validator object, okay?

111
00:05:32,030 --> 00:05:34,380
‫So that, again, comes from the documentation,

112
00:05:34,380 --> 00:05:38,160
‫which I showed you before when we first used this module.

113
00:05:38,160 --> 00:05:40,600
‫And so whenever you need a custom validator,

114
00:05:40,600 --> 00:05:42,960
‫you can go ahead and check the documentation

115
00:05:42,960 --> 00:05:46,540
‫and find if there's a good function for your use case.

116
00:05:46,540 --> 00:05:49,340
‫So in this case, that's validator.Email,

117
00:05:49,340 --> 00:05:51,230
‫and our error message is gonna be

118
00:05:55,174 --> 00:05:57,540
‫"a valid email," okay?

119
00:05:57,540 --> 00:05:59,800
‫And in the next video, when we're gonna create users

120
00:05:59,800 --> 00:06:02,980
‫out of this model, we will then of course test all of this

121
00:06:02,980 --> 00:06:04,463
‫in order to see if it works.

122
00:06:05,470 --> 00:06:08,420
‫Next up, I also want the user to be able

123
00:06:08,420 --> 00:06:11,210
‫to basically upload a photo.

124
00:06:11,210 --> 00:06:13,490
‫And we're gonna store that simply in a String.

125
00:06:13,490 --> 00:06:15,600
‫But it's not required, okay?

126
00:06:15,600 --> 00:06:20,030
‫So a photo is usually optional in most web applications,

127
00:06:20,030 --> 00:06:22,050
‫and so we're gonna do the same here.

128
00:06:22,050 --> 00:06:24,420
‫So, if the user wants to upload a photo,

129
00:06:24,420 --> 00:06:27,580
‫then that will be stored somewhere in our file system

130
00:06:27,580 --> 00:06:30,380
‫and the path to that photo will then be stored

131
00:06:30,380 --> 00:06:32,910
‫into this photo field, okay?

132
00:06:32,910 --> 00:06:34,740
‫So that's similar to what we had here.

133
00:06:34,740 --> 00:06:36,373
‫Remember, we have,

134
00:06:38,490 --> 00:06:40,340
‫yeah, we have imageCover,

135
00:06:40,340 --> 00:06:42,850
‫and so that also is simply the path

136
00:06:42,850 --> 00:06:45,100
‫of the place in our file system

137
00:06:45,100 --> 00:06:47,343
‫where the image is actually uploaded.

138
00:06:49,020 --> 00:06:50,300
‫All right?

139
00:06:50,300 --> 00:06:51,570
‫So that's photo.

140
00:06:51,570 --> 00:06:52,973
‫And now we need password.

141
00:06:57,065 --> 00:07:01,120
‫And the password should be, again, of the type String.

142
00:07:02,410 --> 00:07:03,963
‫That's not correct.

143
00:07:04,850 --> 00:07:08,723
‫And the password of course is required, right?

144
00:07:09,690 --> 00:07:10,723
‫So, true.

145
00:07:15,347 --> 00:07:16,737
‫"Provide a password."

146
00:07:17,750 --> 00:07:20,900
‫And we're also gonna impose a very simple password rule,

147
00:07:20,900 --> 00:07:23,420
‫which is that a password should have at least

148
00:07:23,420 --> 00:07:24,640
‫eight characters.

149
00:07:24,640 --> 00:07:25,933
‫So, how do we do that?

150
00:07:26,840 --> 00:07:28,920
‫Well, that's quite easy.

151
00:07:28,920 --> 00:07:31,003
‫All we have to do is minlength,

152
00:07:32,480 --> 00:07:34,880
‫and set it to eight in this case.

153
00:07:34,880 --> 00:07:37,070
‫And that's actually the only password rule

154
00:07:37,070 --> 00:07:38,650
‫that we're gonna impose.

155
00:07:38,650 --> 00:07:41,270
‫And many apps have all these crazy rules

156
00:07:41,270 --> 00:07:45,300
‫like at least one number and one character and one symbol,

157
00:07:45,300 --> 00:07:47,450
‫but we're not gonna implement any of that here

158
00:07:47,450 --> 00:07:49,250
‫because actually it has been found

159
00:07:49,250 --> 00:07:52,140
‫that that's not really effective, okay?

160
00:07:52,140 --> 00:07:53,750
‫Usually the most secure passwords

161
00:07:53,750 --> 00:07:55,530
‫are the longest ones, okay,

162
00:07:55,530 --> 00:07:58,550
‫and not these ones with the crazy symbols and characters

163
00:07:58,550 --> 00:07:59,513
‫and all that.

164
00:08:00,580 --> 00:08:03,610
‫That's enough for the password for now,

165
00:08:03,610 --> 00:08:06,340
‫but we're gonna create some more specific fields here

166
00:08:06,340 --> 00:08:10,190
‫for the password when we start to like manage passwords

167
00:08:10,190 --> 00:08:12,020
‫in the database, okay?

168
00:08:12,020 --> 00:08:14,403
‫But for now, that is enough here.

169
00:08:16,160 --> 00:08:18,407
‫And so now it's passwordConfirm.

170
00:08:19,390 --> 00:08:22,230
‫So you know how usually when you create a new account

171
00:08:22,230 --> 00:08:24,450
‫on some web application, you always need

172
00:08:24,450 --> 00:08:28,260
‫to put in your password and then confirm it just to be sure

173
00:08:28,260 --> 00:08:29,480
‫that they are the same.

174
00:08:29,480 --> 00:08:31,523
‫And so that's what this field is for.

175
00:08:32,410 --> 00:08:35,573
‫So of course it's also of type String.

176
00:08:36,720 --> 00:08:38,723
‫And of course it's also required.

177
00:08:45,081 --> 00:08:45,914
‫Okay.

178
00:08:45,914 --> 00:08:48,860
‫And again, we're gonna create some more properties here

179
00:08:48,860 --> 00:08:52,210
‫in the schema-type option a bit later, okay?

180
00:08:52,210 --> 00:08:56,130
‫Specifically, validators to see if the confirm password

181
00:08:56,130 --> 00:09:00,600
‫is actually the same than the main password, all right?

182
00:09:00,600 --> 00:09:03,220
‫But for now, this schema is actually enough,

183
00:09:03,220 --> 00:09:06,300
‫and so it has these fields that I asked you

184
00:09:07,179 --> 00:09:08,529
‫to create in the challenge.

185
00:09:09,980 --> 00:09:12,360
‫And now, actually, all we need to do is to go ahead

186
00:09:12,360 --> 00:09:14,703
‫and create the model out of the schema.

187
00:09:16,410 --> 00:09:18,930
‫So the User, with a capital U,

188
00:09:18,930 --> 00:09:22,090
‫just to follow that convention that model variables

189
00:09:22,090 --> 00:09:24,393
‫are usually always with a capital letter,

190
00:09:25,490 --> 00:09:30,490
‫then mongoose.model, and then pass in the name of the model,

191
00:09:31,400 --> 00:09:33,850
‫and of course, we want this one to be called User

192
00:09:34,910 --> 00:09:39,150
‫and created out of the userSchema that we created before.

193
00:09:39,150 --> 00:09:44,150
‫And then module.exports set to User.

194
00:09:45,300 --> 00:09:46,260
‫And that's it.

195
00:09:46,260 --> 00:09:49,230
‫That's our simple userSchema that's gonna allow us

196
00:09:49,230 --> 00:09:51,720
‫to get started with actually creating users

197
00:09:51,720 --> 00:09:53,570
‫right in the next video.

198
00:09:53,570 --> 00:09:54,963
‫So, see you by then.