WEBVTT

00:03.850 --> 00:05.410
Hey, did everyone they share?

00:05.440 --> 00:09.970
The one last thing that is remaining in understanding the passport is we have worked through we have

00:09.970 --> 00:12.440
understood the call back, the strategy, everything.

00:12.460 --> 00:14.440
Now there is one thing that is remaining.

00:14.740 --> 00:19.480
Now, whenever we use the JSON token, we actually send this JSON token in the cookies itself so that

00:19.480 --> 00:24.670
whenever you make a request, I can actually look into the cookie, extract the ID from the token and

00:24.670 --> 00:27.160
can verify that you are the user what you are saying.

00:27.160 --> 00:31.150
So for this also in the first place, I have to actually send this.

00:31.150 --> 00:34.810
I'd have to wrap it in the token and send it to request user.

00:34.810 --> 00:40.360
So there are two steps of processing that I have to kind of wrap it around, throw it into the user,

00:40.360 --> 00:45.610
then every request I have to bring it up and that and see that what you are saying, this is exactly

00:45.610 --> 00:47.500
what we need to do here in the passport.

00:47.500 --> 00:49.630
In case you are not understanding what I'm saying.

00:49.630 --> 00:54.700
This is exactly we have spent the entirety of couple of even sections and probably more than ten videos

00:54.700 --> 00:56.410
and understanding this exact thing.

00:56.410 --> 01:01.420
This exact thing happens in the passport, but it is so vague and so abstract that I didn't bring it

01:01.420 --> 01:05.040
up first in the course and I'm bringing it in the very last of the course.

01:05.050 --> 01:09.340
Now, in case you notice, you can use a whole lot of configuration notice here.

01:09.340 --> 01:11.230
This is what we are missing up here.

01:11.320 --> 01:17.860
So if I scroll a little bit up here and you can see there is an option of passport sterilizer and passport

01:17.860 --> 01:20.440
DC user, this is exactly what is happening.

01:20.440 --> 01:25.540
It takes that user ID wraps it up in the cookie and the token and everything and throws back whenever

01:25.540 --> 01:27.970
it is required and it also serialized it.

01:27.970 --> 01:30.430
So whenever a request comes in, it just takes it first.

01:30.430 --> 01:32.620
Remember, it's a middle way, it happens both way.

01:32.620 --> 01:35.350
So it always go ahead and come back and use this one.

01:35.350 --> 01:39.340
But before we go ahead and use this one, you can actually use whatever you like.

01:39.340 --> 01:43.510
You can use sessions, you can use cookie, you can use cookie session, whatever you like.

01:43.540 --> 01:48.340
The only thing that you have to do is not use this passport in initialization we have already done,

01:48.340 --> 01:51.760
but we have to also say that about use and passport session.

01:51.770 --> 01:54.130
So this is something we are going to go ahead and use that.

01:54.130 --> 01:58.120
Let me copy that first and move it up onto the index or JS.

01:58.120 --> 02:04.420
So just where we actually go ahead and went up with the initialization of this passport, we're going

02:04.420 --> 02:08.080
to go ahead and say, hey, just go ahead and manage a sessions for me as well.

02:08.290 --> 02:14.140
Now in this of the application, we are not using cookies or anything, we are using cookies session

02:14.200 --> 02:15.070
instead of that.

02:15.070 --> 02:18.550
So we're going to go ahead and take advantage of this cookie session as well.

02:18.550 --> 02:21.370
So we're going to go ahead and scroll a little bit.

02:21.370 --> 02:28.090
And here you can see there is a middleware for app use and then we have express session and just below

02:28.090 --> 02:30.160
should be somewhere the cookie session here.

02:30.160 --> 02:34.950
Let me go ahead and quickly see that och looked at a little bit there and found it on the passwords.

02:34.960 --> 02:35.170
Yes.

02:35.170 --> 02:37.480
But actually rather was able to find it up here.

02:37.600 --> 02:43.150
Now the whole idea behind using not just the cookie and cookie session because what passport actually

02:43.150 --> 02:44.440
supports are the sessions.

02:44.440 --> 02:46.690
So they actually have something in the session.

02:46.690 --> 02:50.380
The one the library, which is famous among all the developers is cookie session.

02:50.380 --> 02:55.000
What it does, it actually stores everything in the format of cookies, but actually also supports the

02:55.000 --> 02:55.270
session.

02:55.270 --> 02:57.130
So this is kind of a hybrid in between.

02:57.130 --> 03:00.760
So we have already installed this cookie session and we have a nice example up here.

03:00.760 --> 03:05.740
We have already done the installation part and if you scroll it a little bit and this is all you have

03:05.740 --> 03:07.750
to do, so bring in the cookie session.

03:07.750 --> 03:13.180
So let's go ahead and bring it up first up here with the first line and let's go up here into the index

03:13.180 --> 03:14.800
or just at the very top.

03:14.800 --> 03:20.170
Let's go ahead and bring in and we're going to convert that into const because we are not changing it.

03:20.650 --> 03:26.110
And further down the road, all I have to do is add it as a middleware, just like we added the middleware

03:26.110 --> 03:29.320
for the cookies and we forgot about it.

03:29.320 --> 03:30.850
So just like that, we have to use that.

03:30.850 --> 03:34.000
So let's go ahead and copy this and paste it up here.

03:34.000 --> 03:38.650
So we're going to go ahead and say that, hey, we're going to use passport session, but let's use

03:38.650 --> 03:40.210
it at the top up here.

03:40.510 --> 03:41.290
There we go.

03:42.010 --> 03:45.850
And the name the name is going to be not used in this case.

03:45.850 --> 03:49.000
You can actually provide a dedicated name in case you wish to.

03:49.210 --> 03:52.180
We're going to go ahead and provide another property, which is Max H.

03:52.180 --> 03:53.140
So it's a cookie.

03:53.140 --> 03:54.520
It needs to have age.

03:54.730 --> 03:57.730
We have been using so far three days, but feel free to change.

03:57.730 --> 03:58.750
Go ahead and change this one.

03:58.750 --> 04:01.720
So this needs to multiply it by 24.

04:01.750 --> 04:07.420
This needs to be multiplied by 60 further down the road, 60 and further down the road.

04:07.980 --> 04:08.620
Thousand.

04:08.620 --> 04:09.820
So this is all what we got.

04:09.820 --> 04:11.230
Let's put a comma now.

04:11.230 --> 04:11.560
Keys.

04:11.560 --> 04:13.750
We won't be providing multiple keys.

04:13.840 --> 04:15.070
We'll be using just one keys.

04:15.070 --> 04:16.840
This is exactly like the JSON token.

04:16.840 --> 04:20.650
So just like the JSON has the key, this also needs to be a secret key.

04:20.650 --> 04:24.550
So this is ae token key.

04:24.550 --> 04:30.010
And again, of course, you know that this needs to go into the Dot D and V, save that, and that's

04:30.010 --> 04:30.760
all you have to do.

04:30.760 --> 04:31.690
Now, one more thing.

04:31.690 --> 04:33.040
It's not we are all done.

04:33.040 --> 04:36.430
We have talked about this, how the sessions are going to be managed and everything.

04:36.430 --> 04:38.320
But remember, we are still missing the key thing.

04:38.320 --> 04:42.550
We have passed on everything and all of that, but right now they are still not able to access that.

04:42.550 --> 04:47.350
How we're going to actually do that for this, we have to see the lies and deceit lies, whatever the

04:47.350 --> 04:48.670
value we are passing on.

04:48.670 --> 04:50.200
So let's go ahead and scroll that.

04:50.200 --> 04:53.590
And this is exactly the piece of code that we are going to need.

04:53.590 --> 04:56.140
Copy that and bring it up here.

04:56.140 --> 05:01.360
So inside the Google strategy, just where we are using this passport dot use, these are also middleware.

05:01.360 --> 05:01.600
So.

05:01.660 --> 05:06.300
As soon as you are bringing this file, the sterilizer and Digitizer will also go into extra jazz.

05:06.370 --> 05:07.920
We have a cookie session there.

05:07.930 --> 05:12.610
We have the passport session being injected, so too many materials are injected and they'll manage

05:12.610 --> 05:13.740
the things on their own.

05:13.750 --> 05:15.070
Now notice here in the done.

05:15.070 --> 05:18.010
Now this time you are passing users ID this is absolutely fine.

05:18.010 --> 05:23.560
You don't need to say user or underscore ID now also it is saying that at the time of DC user, when

05:23.560 --> 05:28.570
it will bring the things back, it will automatically unwrap the things we don't need to do this time.

05:28.750 --> 05:30.850
JSON verify and JSON sign.

05:30.850 --> 05:31.660
We don't need to do that.

05:31.660 --> 05:33.700
It will automatically manage the things for me.

05:33.820 --> 05:38.470
Now when you are saying this user ID at the time of bringing and decentralizing it will automatically

05:38.470 --> 05:43.540
get this ID, you'll have this function and if you are going to find this, then we are going to have

05:43.540 --> 05:45.580
this done and we are going to have users.

05:45.580 --> 05:48.430
So this seems right out of the box working fine for us.

05:48.430 --> 05:50.050
Let's go ahead and save this one.

05:50.050 --> 05:55.030
And hopefully this time things are going to be much, much better as what we have seen as we are at

05:55.030 --> 05:56.260
the end of the section.

05:56.260 --> 05:58.270
So let's go ahead and work on with this one.

05:58.270 --> 06:02.530
So let's go ahead error and let's see that how much progress we have made in this one.

06:03.790 --> 06:05.140
So we are going up here.

06:05.140 --> 06:06.760
Let's go ahead and move on to log in.

06:06.760 --> 06:12.940
Let's go Google and this time again, I want to log in and this time I'm able to successfully see the

06:12.940 --> 06:16.810
underscore ID, I'm able to see name and my email as well.

06:16.810 --> 06:23.650
So this proves that definitely there is something which is properly serializing and properly decentralizing,

06:23.650 --> 06:25.060
even managing the application.

06:25.060 --> 06:29.170
And also don't forget this part that we have this request of user.

06:29.170 --> 06:34.420
So just like we have been previously using all these middleware for request dot user, now we have access

06:34.420 --> 06:34.990
of that.

06:35.170 --> 06:40.090
Now one more thing very, very interesting thing I would like to show you is right click and inspect

06:40.420 --> 06:44.650
and we are going to go into the into the application.

06:44.770 --> 06:49.360
Let's go up here, the notice here inside the cookies, we have this localhost cookies, which is the

06:49.360 --> 06:50.950
express sessions up here.

06:50.950 --> 06:54.100
So this is exactly the cookie that is being injected.

06:54.310 --> 07:00.340
Now, let me go ahead and code out a simple kind of a log out for you and show you what happens in that

07:00.340 --> 07:00.850
case.

07:00.850 --> 07:05.170
So even if I go back on to the home page, obviously not like that.

07:06.150 --> 07:09.720
Obviously this cookies or this session will actually remain as it is up here.

07:10.080 --> 07:11.010
So there we go.

07:11.040 --> 07:12.090
These are still there.

07:12.120 --> 07:17.100
Now, let me code a little bit of the code so that we can have a log out route as well.

07:17.340 --> 07:22.320
If I go into the log in, we have this log out, which is all slash log out.

07:22.320 --> 07:24.780
So let's go ahead and quickly get of that.

07:26.070 --> 07:27.920
And this one, there we go.

07:27.930 --> 07:29.270
We can quickly code that out.

07:29.280 --> 07:30.420
Shouldn't be a big deal.

07:31.200 --> 07:31.920
Log out.

07:31.920 --> 07:33.030
And how do we log out?

07:33.030 --> 07:34.890
That is the big question in front of us.

07:34.920 --> 07:37.410
Now, in order to log out anything, there is nothing much.

07:37.410 --> 07:39.820
All you have to do is request dot log out.

07:39.840 --> 07:43.170
Again, thanks to the passport, courtesy of the password that they are giving it.

07:43.200 --> 07:50.160
Now, we don't want to hang it around up here, so we're going to go ahead and say, Hey, Rez Dot Redirect

07:50.160 --> 07:56.220
and we're going to go ahead and redirect on to slash auth slash login.

07:57.240 --> 08:00.600
So in the case of redirecting, we cannot actually rely on the middleware.

08:00.600 --> 08:04.680
We have to pass on the proper path where we want user to redirect.

08:04.710 --> 08:10.230
Let's go ahead and save this one and I hope you can see this up here that even if I refresh or anything,

08:10.230 --> 08:12.270
my tokens and everything are still there.

08:12.270 --> 08:17.230
But this actually now my logout should be working properly if I log it out.

08:17.250 --> 08:20.610
What I want to show you is what this is comprised of.

08:20.970 --> 08:25.860
So this entirety is really a big kind of a chunk up here that we have got up here.

08:26.370 --> 08:31.370
Now, if I go ahead and hit the log out the notice, it has changed a little bit there.

08:31.380 --> 08:35.040
A lot of time people say, hey, we still have a session token and everything.

08:35.040 --> 08:36.930
So why did it it cleaned it out.

08:36.960 --> 08:41.830
No, it's not cleaned out because these are not log log in sessions now.

08:41.850 --> 08:46.590
It still maintains a session in your application, but these are not log enabled sessions.

08:46.590 --> 08:49.260
So just keep that in mind in case you want to go ahead.

08:49.260 --> 08:50.510
You can clean the cookies as well.

08:50.520 --> 08:54.510
We have seen that in the past, but these are not something that you should be too much worried about.

08:54.510 --> 08:56.460
But again, clearing them is always a good habit.

08:56.460 --> 08:57.090
Always.

08:57.270 --> 08:59.520
Okay, so this is all good.

08:59.520 --> 09:04.500
But I would like to show you just one more last piece of the thing that is not too much important,

09:04.500 --> 09:05.930
but I would love to still show you.

09:05.940 --> 09:07.770
Let's go ahead and catch up in the next video.