1
00:00:01,040 --> 00:00:03,970
‫So far in our authentication implementation

2
00:00:03,970 --> 00:00:07,780
‫we have logged users in with a correct password.

3
00:00:07,780 --> 00:00:11,170
‫So basically we completed this first step

4
00:00:11,170 --> 00:00:13,170
‫of the authentication workflow

5
00:00:13,170 --> 00:00:15,760
‫where a JSON web token is created

6
00:00:15,760 --> 00:00:18,730
‫and sent back to the client if the user provides

7
00:00:18,730 --> 00:00:21,440
‫a correct email and password.

8
00:00:21,440 --> 00:00:25,350
‫So next up we will actually implement protected routes.

9
00:00:25,350 --> 00:00:28,630
‫So basically using the created JSON web token

10
00:00:28,630 --> 00:00:32,930
‫in order to give logged in users access to protected routes.

11
00:00:32,930 --> 00:00:36,220
‫And this is the second step of authentication.

12
00:00:36,220 --> 00:00:39,823
‫And so let's now go ahead and implement this functionality.

13
00:00:41,620 --> 00:00:43,880
‫So let's say that we wanted to protect the

14
00:00:43,880 --> 00:00:45,670
‫getAllTours route.

15
00:00:45,670 --> 00:00:48,470
‫So basically only allowing logged in users

16
00:00:48,470 --> 00:00:51,560
‫to get access to a list of all our tours.

17
00:00:51,560 --> 00:00:53,830
‫And what what means is that before running

18
00:00:53,830 --> 00:00:55,700
‫the get all tours handler,

19
00:00:55,700 --> 00:00:57,353
‫so let's take a look at that.

20
00:00:58,340 --> 00:01:01,330
‫Okay, so before running this handle here,

21
00:01:01,330 --> 00:01:03,240
‫we would need to have some check in place

22
00:01:03,240 --> 00:01:05,120
‫in order to verify if the user

23
00:01:05,120 --> 00:01:07,760
‫is actually logged in or not, right?

24
00:01:07,760 --> 00:01:09,540
‫And so the best way of doing that

25
00:01:09,540 --> 00:01:11,640
‫as you already know at this point probably,

26
00:01:11,640 --> 00:01:15,160
‫is to use a middleware function, all right?

27
00:01:15,160 --> 00:01:17,300
‫So in this video, in order to protect routes,

28
00:01:17,300 --> 00:01:19,640
‫we're gonna to create a middleware function which is

29
00:01:19,640 --> 00:01:23,560
‫gonna run before each of these handlers, okay.

30
00:01:23,560 --> 00:01:26,320
‫So a function that is gonna sit right here,

31
00:01:26,320 --> 00:01:29,440
‫so before this functio here can run.

32
00:01:29,440 --> 00:01:32,050
‫And this middleware will then either return an error

33
00:01:32,050 --> 00:01:34,140
‫if the user is not authenticated,

34
00:01:34,140 --> 00:01:35,850
‫so if he's not logged in,

35
00:01:35,850 --> 00:01:37,780
‫or it will call the next middleware

36
00:01:37,780 --> 00:01:42,150
‫which is in this case the getAllTours handler, right?

37
00:01:42,150 --> 00:01:44,730
‫And that than effective protects this route

38
00:01:44,730 --> 00:01:47,080
‫from unauthorized access.

39
00:01:47,080 --> 00:01:48,810
‫So let's go ahead and quickly create

40
00:01:48,810 --> 00:01:50,290
‫that middleware function

41
00:01:50,290 --> 00:01:51,480
‫and then put it here

42
00:01:51,480 --> 00:01:54,060
‫in order to illustrate what I just said.

43
00:01:54,060 --> 00:01:57,620
‫Okay, so here in our auth controller again

44
00:01:57,620 --> 00:02:00,170
‫we will create a new middleware function

45
00:02:03,920 --> 00:02:06,283
‫and it's called protect.

46
00:02:08,510 --> 00:02:09,343
‫All right,

47
00:02:09,343 --> 00:02:11,600
‫and just like before I'm gonna use catchAsync

48
00:02:12,480 --> 00:02:14,740
‫because once more all of these functions

49
00:02:14,740 --> 00:02:16,553
‫are async function actually.

50
00:02:17,990 --> 00:02:21,210
‫All right, and then here of course, our middleware function

51
00:02:24,320 --> 00:02:27,270
‫and for now let's very simply call next here

52
00:02:27,270 --> 00:02:30,190
‫just so that we have actually any body here

53
00:02:30,190 --> 00:02:32,240
‫in this middleware function

54
00:02:32,240 --> 00:02:35,090
‫and then let's go back to our tour routes

55
00:02:35,090 --> 00:02:38,540
‫and then protect this route, okay?

56
00:02:38,540 --> 00:02:42,190
‫So first of all I need to actually require this

57
00:02:42,190 --> 00:02:44,620
‫authentication controller module.

58
00:02:44,620 --> 00:02:45,453
‫So const

59
00:02:50,550 --> 00:02:52,350
‫and then require

60
00:02:56,410 --> 00:02:57,920
‫it's in controllers,

61
00:02:57,920 --> 00:02:59,713
‫and then authController, okay.

62
00:03:01,430 --> 00:03:04,150
‫So now let's plug it in, right here

63
00:03:04,150 --> 00:03:07,460
‫in the getAllTours route.

64
00:03:07,460 --> 00:03:08,293
‫Okay.

65
00:03:09,550 --> 00:03:13,913
‫So authController.protect.

66
00:03:14,860 --> 00:03:15,693
‫Okay.

67
00:03:15,693 --> 00:03:18,740
‫And so right now this middleware function is gonna run first

68
00:03:18,740 --> 00:03:21,875
‫and again, if the user is not authenticated

69
00:03:21,875 --> 00:03:22,950
‫then there will be an error.

70
00:03:22,950 --> 00:03:25,070
‫And of course then the next middleware

71
00:03:25,070 --> 00:03:26,690
‫so the one which actually gets

72
00:03:26,690 --> 00:03:30,540
‫and sends all of the tours will then not be executed.

73
00:03:30,540 --> 00:03:31,373
‫Okay.

74
00:03:31,373 --> 00:03:34,700
‫And so again, this will effectively protect the access

75
00:03:34,700 --> 00:03:38,223
‫to this resource here from users that are not logged in.

76
00:03:39,250 --> 00:03:42,700
‫All right, so let's go back here.

77
00:03:42,700 --> 00:03:44,340
‫Not the user routes,

78
00:03:44,340 --> 00:03:45,993
‫but the auth controller.

79
00:03:46,850 --> 00:03:49,760
‫All right, and now about the implementation of

80
00:03:49,760 --> 00:03:51,180
‫this protect middleware.

81
00:03:51,180 --> 00:03:53,660
‫What exactly will we have to do?

82
00:03:53,660 --> 00:03:56,583
‫Well, let's start by lining out a couple of steps here.

83
00:03:57,460 --> 00:04:00,660
‫All right, and actually first of all we need to mark

84
00:04:00,660 --> 00:04:03,720
‫this function as Async, otherwise we wouldn't really need

85
00:04:03,720 --> 00:04:05,630
‫the catchAsync, right?

86
00:04:05,630 --> 00:04:09,260
‫And you will see why we need this to be an Async function

87
00:04:09,260 --> 00:04:11,360
‫in a second, all right?

88
00:04:11,360 --> 00:04:13,760
‫But now let's actually lay out the steps that we need

89
00:04:13,760 --> 00:04:16,803
‫to take in order to implement this protect middleware.

90
00:04:18,460 --> 00:04:19,840
‫So just like before,

91
00:04:19,840 --> 00:04:21,990
‫I'm gonna put these steps here as comments.

92
00:04:23,340 --> 00:04:26,173
‫First off we need to actually get the token.

93
00:04:28,720 --> 00:04:29,553
‫And check

94
00:04:30,660 --> 00:04:32,610
‫if it's there basically,

95
00:04:32,610 --> 00:04:34,303
‫so checking if it exists.

96
00:04:35,400 --> 00:04:39,113
‫Then next up we need to validate the token.

97
00:04:41,860 --> 00:04:44,383
‫And so this is basically that super important step

98
00:04:44,383 --> 00:04:48,900
‫that we talked about before where the JWT algorithm verifies

99
00:04:48,900 --> 00:04:50,680
‫if the signature is valid

100
00:04:50,680 --> 00:04:51,513
‫or if it's not.

101
00:04:51,513 --> 00:04:54,950
‫And so therefore if the token is valid or not, okay?

102
00:04:54,950 --> 00:04:57,450
‫And so actually let's call this here verification.

103
00:04:58,930 --> 00:05:01,680
‫I think that's what we called it in that slide where we

104
00:05:01,680 --> 00:05:03,630
‫talked about this before, all right.

105
00:05:03,630 --> 00:05:06,040
‫And if you don't really remember how that worked,

106
00:05:06,040 --> 00:05:07,350
‫well you can always go back

107
00:05:07,350 --> 00:05:10,003
‫and re watch that lecture, all right?

108
00:05:11,470 --> 00:05:15,750
‫Then next up, so if the verification was actually successful

109
00:05:15,750 --> 00:05:18,930
‫then we also need to check if the user who's trying

110
00:05:18,930 --> 00:05:21,870
‫to access the route still exists, okay?

111
00:05:21,870 --> 00:05:25,940
‫So check if user still exists,

112
00:05:25,940 --> 00:05:28,090
‫and I will talk more about why each of these steps

113
00:05:28,090 --> 00:05:32,610
‫are necessary once we start implementing them, all right?

114
00:05:32,610 --> 00:05:35,410
‫So for now this may not make so much sense to you,

115
00:05:35,410 --> 00:05:38,950
‫but again I will talk about each stop once we get there.

116
00:05:38,950 --> 00:05:39,783
‫All right?

117
00:05:39,783 --> 00:05:41,440
‫And finally we need to also check

118
00:05:42,980 --> 00:05:43,813
‫if

119
00:05:45,490 --> 00:05:47,000
‫user changed password

120
00:05:50,090 --> 00:05:51,720
‫after the JWT

121
00:05:53,060 --> 00:05:54,993
‫was issued, okay?

122
00:05:56,690 --> 00:05:58,280
‫Well, let's just say token here,

123
00:05:58,280 --> 00:06:01,060
‫we called it token everywhere else, okay?

124
00:06:01,060 --> 00:06:03,320
‫And so only if there was no problems

125
00:06:03,320 --> 00:06:05,310
‫in any of these steps here

126
00:06:05,310 --> 00:06:08,480
‫only then of course next will be called which will then

127
00:06:08,480 --> 00:06:11,210
‫get access to the route that we protected.

128
00:06:11,210 --> 00:06:16,210
‫So in our current example, again, this getAllTours handler.

129
00:06:16,420 --> 00:06:17,610
‫Right?

130
00:06:17,610 --> 00:06:19,260
‫Okay, but let's go back

131
00:06:19,260 --> 00:06:22,540
‫and start implementing our very first step here.

132
00:06:22,540 --> 00:06:24,380
‫So basically getting the token

133
00:06:24,380 --> 00:06:26,860
‫and then check if it actually exists.

134
00:06:26,860 --> 00:06:31,340
‫So a common practice is to send a token using an http header

135
00:06:31,340 --> 00:06:33,380
‫with the request, okay?

136
00:06:33,380 --> 00:06:36,580
‫So let's take a look at how we can set headers in Postman

137
00:06:36,580 --> 00:06:38,427
‫to send him along with the request

138
00:06:38,427 --> 00:06:40,420
‫and then also how we can get access

139
00:06:40,420 --> 00:06:42,410
‫to these headers in Express.

140
00:06:42,410 --> 00:06:45,300
‫And let's actually do that one first.

141
00:06:45,300 --> 00:06:50,300
‫So here in apt.js I think we have this nice middleware here,

142
00:06:51,240 --> 00:06:54,610
‫and so in here let's actually log to the console

143
00:06:56,290 --> 00:06:59,890
‫request.headers,

144
00:06:59,890 --> 00:07:03,250
‫Okay, so we talked about http headers before,

145
00:07:03,250 --> 00:07:07,140
‫and so this is how we can get access to them in Express.

146
00:07:07,140 --> 00:07:10,350
‫Okay, so basically to the request headers,

147
00:07:10,350 --> 00:07:13,753
‫so the ones that a client can send along with their request.

148
00:07:14,600 --> 00:07:17,890
‫Okay, and so here in Postman, let's now actually

149
00:07:19,060 --> 00:07:22,150
‫get to the route that we're actually trying to protect.

150
00:07:22,150 --> 00:07:24,270
‫And then here set a header.

151
00:07:24,270 --> 00:07:25,670
‫And let's just do a test one

152
00:07:29,100 --> 00:07:32,070
‫and set it to jonas, okay?

153
00:07:32,070 --> 00:07:33,340
‫Now I will just send this

154
00:07:35,140 --> 00:07:38,240
‫and here in Express, let's take a look at that.

155
00:07:38,240 --> 00:07:41,800
‫And so indeed here we get an object with all of the headers

156
00:07:41,800 --> 00:07:43,900
‫that are part of the request.

157
00:07:43,900 --> 00:07:45,700
‫So all of this here.

158
00:07:45,700 --> 00:07:48,380
‫And you see that there are a bunch of headers that Postman

159
00:07:48,380 --> 00:07:51,090
‫actually sends automatically along with the request

160
00:07:51,090 --> 00:07:54,740
‫for example, it says the the user-agent is Postman

161
00:07:54,740 --> 00:07:56,970
‫it also sends the host,

162
00:07:56,970 --> 00:07:59,370
‫and some other ones that we're gonna talk about later

163
00:07:59,370 --> 00:08:00,943
‫like accept for example.

164
00:08:01,800 --> 00:08:04,070
‫Now what matters here is actually the header

165
00:08:04,070 --> 00:08:05,470
‫that we set ourselves.

166
00:08:05,470 --> 00:08:08,730
‫Okay, so the test header set to jonas that we just sent

167
00:08:08,730 --> 00:08:10,360
‫in our request.

168
00:08:10,360 --> 00:08:14,240
‫Now to send a JSON web token as a header, there's actually

169
00:08:14,240 --> 00:08:16,470
‫a standard for doing that.

170
00:08:16,470 --> 00:08:21,080
‫So let's go back here, get rid of all of this.

171
00:08:21,080 --> 00:08:24,760
‫And so that standard for sending a token is that we should

172
00:08:24,760 --> 00:08:27,503
‫always use a header called authorization.

173
00:08:30,430 --> 00:08:31,263
‫Okay?

174
00:08:31,263 --> 00:08:32,940
‫So just like this

175
00:08:32,940 --> 00:08:35,890
‫and then the value of that header should always start

176
00:08:35,890 --> 00:08:37,410
‫with Bearer, okay?

177
00:08:37,410 --> 00:08:42,300
‫Because basically we bear, we have, we possess this token

178
00:08:42,300 --> 00:08:44,680
‫and then here the value of the token.

179
00:08:44,680 --> 00:08:47,750
‫So just like this random string that we got before.

180
00:08:47,750 --> 00:08:51,610
‫So let's just leave it her at this as an example,

181
00:08:51,610 --> 00:08:53,323
‫and so let's send that now.

182
00:08:55,180 --> 00:08:57,913
‫And then indeed, we should get it here.

183
00:08:59,050 --> 00:09:00,310
‫Okay.

184
00:09:00,310 --> 00:09:03,620
‫Now Express then automatically turns all header names

185
00:09:03,620 --> 00:09:06,160
‫to lowercase, as you can see here,

186
00:09:06,160 --> 00:09:09,950
‫but of course, our header value here is still the same.

187
00:09:09,950 --> 00:09:13,550
‫Okay, and so basically this piece of the header value

188
00:09:13,550 --> 00:09:15,050
‫is our token.

189
00:09:15,050 --> 00:09:16,870
‫And so that's how we should now read

190
00:09:16,870 --> 00:09:18,720
‫that token from the header.

191
00:09:18,720 --> 00:09:19,553
‫All right?

192
00:09:20,550 --> 00:09:21,960
‫So

193
00:09:21,960 --> 00:09:22,793
‫if

194
00:09:24,130 --> 00:09:29,130
‫there actually is req.headers.authorization,

195
00:09:32,730 --> 00:09:34,300
‫okay,

196
00:09:34,300 --> 00:09:39,300
‫and if it starts basically with this bearer string here

197
00:09:39,810 --> 00:09:40,643
‫okay,

198
00:09:42,720 --> 00:09:46,670
‫so req.headers.authorization

199
00:09:46,670 --> 00:09:48,240
‫and now this is a string and so we can

200
00:09:48,240 --> 00:09:50,050
‫use startsWith on that

201
00:09:52,210 --> 00:09:55,290
‫okay, so this is just normal JavaScript again

202
00:09:57,910 --> 00:09:58,930
‫okay.

203
00:09:58,930 --> 00:10:03,020
‫And so these are the conditions under which we actually want

204
00:10:03,020 --> 00:10:05,430
‫to save a token, okay?

205
00:10:05,430 --> 00:10:08,530
‫So, again, in case that tghe header exists

206
00:10:08,530 --> 00:10:13,260
‫and that its value starts with Bearer, okay.

207
00:10:13,260 --> 00:10:18,260
‫Then in that case we want to say that the token is equal

208
00:10:18,460 --> 00:10:22,257
‫to req.headers.authorization

209
00:10:23,890 --> 00:10:26,810
‫and now how do we actually get this second part

210
00:10:26,810 --> 00:10:28,350
‫of the string?

211
00:10:28,350 --> 00:10:30,820
‫Well, we're basically gonna split the string

212
00:10:30,820 --> 00:10:33,050
‫by this space character, okay,

213
00:10:33,050 --> 00:10:34,610
‫which will then create an array

214
00:10:34,610 --> 00:10:35,890
‫with this Bearer

215
00:10:35,890 --> 00:10:37,860
‫and with this token

216
00:10:37,860 --> 00:10:39,690
‫and so then we're gonna take that part

217
00:10:39,690 --> 00:10:41,063
‫of the array that we want.

218
00:10:42,260 --> 00:10:45,080
‫So split using space,

219
00:10:45,080 --> 00:10:48,380
‫and then from that array we want the second element.

220
00:10:48,380 --> 00:10:49,490
‫All right?

221
00:10:49,490 --> 00:10:52,760
‫Now we can't actually define a variable inside

222
00:10:52,760 --> 00:10:53,800
‫of an if block

223
00:10:53,800 --> 00:10:55,440
‫because const, and let,

224
00:10:55,440 --> 00:10:58,260
‫so the new ES6 variable declaratory are

225
00:10:58,260 --> 00:10:59,710
‫actually block scoped,

226
00:10:59,710 --> 00:11:02,650
‫and so whatever we define in this block here

227
00:11:02,650 --> 00:11:04,700
‫will then not be available outside of it.

228
00:11:05,690 --> 00:11:08,643
‫Okay, and so let's actually do that outside.

229
00:11:11,970 --> 00:11:16,280
‫And then simply reassign this value to the token.

230
00:11:16,280 --> 00:11:17,113
‫Okay.

231
00:11:18,670 --> 00:11:21,880
‫And now, let's log the token to the console

232
00:11:21,880 --> 00:11:23,863
‫just to see if it works.

233
00:11:25,130 --> 00:11:28,670
‫Okay, and in fact let's actually get

234
00:11:28,670 --> 00:11:30,373
‫kind of get a real token here.

235
00:11:31,240 --> 00:11:33,253
‫So the one that we just logged in with.

236
00:11:35,990 --> 00:11:39,710
‫And then put that one here, all right.

237
00:11:39,710 --> 00:11:40,723
‫So send it,

238
00:11:42,360 --> 00:11:43,930
‫and

239
00:11:43,930 --> 00:11:45,480
‫ah! Here we go.

240
00:11:45,480 --> 00:11:49,760
‫So here we have our JSON web token data we just sent along

241
00:11:49,760 --> 00:11:51,110
‫with the request.

242
00:11:51,110 --> 00:11:55,120
‫Let's just quickly turn off this console log here.

243
00:11:55,120 --> 00:11:59,590
‫All right, and then just before we move on

244
00:11:59,590 --> 00:12:03,480
‫let's then actually check if the token actually exists.

245
00:12:03,480 --> 00:12:04,313
‫Okay.

246
00:12:05,810 --> 00:12:07,510
‫So if there is no token

247
00:12:10,360 --> 00:12:14,090
‫well, then, of course we want to create a new error.

248
00:12:14,090 --> 00:12:16,630
‫Right, and so just like before

249
00:12:16,630 --> 00:12:19,030
‫we return from this middleware

250
00:12:19,030 --> 00:12:21,260
‫and call the next one, okay.

251
00:12:21,260 --> 00:12:24,560
‫And now in here, we are then going to create an error

252
00:12:24,560 --> 00:12:26,140
‫and so we will move straight

253
00:12:26,140 --> 00:12:29,403
‫to our global error handling middleware with this error.

254
00:12:30,487 --> 00:12:33,860
‫All right, so if there is no token sent with the request,

255
00:12:33,860 --> 00:12:35,913
‫then that means that we're not logged in.

256
00:12:36,870 --> 00:12:40,310
‫So let's send to the user you are not

257
00:12:41,530 --> 00:12:42,373
‫logged in.

258
00:12:45,610 --> 00:12:48,793
‫Please log in to get access.

259
00:12:50,137 --> 00:12:52,380
‫All right, and now the status code for this

260
00:12:52,380 --> 00:12:55,090
‫kind of of situation is 401

261
00:12:55,090 --> 00:12:58,040
‫which means unauthorized, okay?

262
00:12:58,040 --> 00:13:00,430
‫Not sure if we've used that one before

263
00:13:00,430 --> 00:13:03,380
‫and yeah, actually we did it here as well.

264
00:13:03,380 --> 00:13:05,290
‫Okay, and so this basically means

265
00:13:05,290 --> 00:13:08,890
‫that the data that was sent in the request is correct,

266
00:13:08,890 --> 00:13:12,110
‫but they are not enough basically to get the user access

267
00:13:12,110 --> 00:13:15,050
‫to a resource he is requesting.

268
00:13:15,050 --> 00:13:16,080
‫All right.

269
00:13:16,080 --> 00:13:17,280
‫Just give it a save here

270
00:13:18,280 --> 00:13:20,270
‫and test it out again.

271
00:13:20,270 --> 00:13:24,660
‫So, if we basically take away this header here,

272
00:13:24,660 --> 00:13:28,090
‫then we should straight away go into that error,

273
00:13:28,090 --> 00:13:29,120
‫right?

274
00:13:29,120 --> 00:13:31,910
‫And indeed, you are not logged in,

275
00:13:31,910 --> 00:13:33,340
‫please log in to get access.

276
00:13:33,340 --> 00:13:35,600
‫With 401 unauthorized.

277
00:13:35,600 --> 00:13:38,950
‫Great! So that part is already working.

278
00:13:38,950 --> 00:13:41,500
‫All right, and now just to recap,

279
00:13:41,500 --> 00:13:44,590
‫so right now we are not sending any token along with

280
00:13:44,590 --> 00:13:45,903
‫the request, right?

281
00:13:47,330 --> 00:13:51,370
‫And so of that reason, of course, there is no token, okay?

282
00:13:51,370 --> 00:13:53,380
‫And therefore we create this error,

283
00:13:53,380 --> 00:13:56,680
‫which will then trigger our error handler middleware to send

284
00:13:56,680 --> 00:13:59,260
‫that error back to the client, okay?

285
00:13:59,260 --> 00:14:02,690
‫And then of course we do not get access to all the tours,

286
00:14:02,690 --> 00:14:05,600
‫because of course this middleware runs

287
00:14:05,600 --> 00:14:08,710
‫before the getAllTours controller.

288
00:14:08,710 --> 00:14:13,070
‫And so right now, this really is protected, okay?

289
00:14:13,070 --> 00:14:17,170
‫So it's really working quite nice already at this point.

290
00:14:17,170 --> 00:14:19,870
‫But of course, this is far from enough,

291
00:14:19,870 --> 00:14:23,480
‫because it's not enough to just send a token with a request.

292
00:14:23,480 --> 00:14:26,290
‫It also need to be a valid token.

293
00:14:26,290 --> 00:14:28,410
‫So basically a token where no one tried

294
00:14:28,410 --> 00:14:30,270
‫to change the payload.

295
00:14:30,270 --> 00:14:34,110
‫Okay, and the payload, remember, in our case is always

296
00:14:34,110 --> 00:14:39,110
‫the user_id of the user for which the token was issued.

297
00:14:39,210 --> 00:14:41,380
‫All right, and so next up we need

298
00:14:41,380 --> 00:14:44,200
‫to implement this verification step.

299
00:14:44,200 --> 00:14:47,160
‫But this lecture is already running pretty long

300
00:14:47,160 --> 00:14:49,520
‫and there's still a lot of stuff to do here,

301
00:14:49,520 --> 00:14:52,403
‫and so let's actually leave that for the next video.