WEBVTT

00:03.790 --> 00:05.230
Hated everyone that they share.

00:05.230 --> 00:09.970
And welcome back to our user model and if you need to have a little bit more brainstorming session on

00:09.970 --> 00:10.630
this one.

00:10.630 --> 00:14.290
So in the previous one, we saw that how this user model is going to actually work.

00:14.290 --> 00:18.760
We have name, email, password, photo role and created that, but we just discussed that how we can

00:18.760 --> 00:22.600
add more functionality into this, which is actually the forgot password and all of that.

00:22.600 --> 00:24.850
So let's go ahead and why not to add this one as well?

00:24.850 --> 00:27.850
So somebody wants to reset the password or forgot the password.

00:27.850 --> 00:35.560
So we're going to go ahead and call this one as simply reset password, pass word token.

00:35.560 --> 00:40.330
So this is going to be the field where a token generator will generate a token and we'll save it up

00:40.330 --> 00:41.410
here in the database.

00:41.410 --> 00:46.600
Now, similar to this, we will have a reset password.

00:47.470 --> 00:48.760
Expiry.

00:48.760 --> 00:52.930
Now, what this field is going to do, this field is going to be responsible to verify that whether

00:52.930 --> 00:54.400
the token has expired or not.

00:54.430 --> 01:01.390
Now, similarly, you can add up a simple kind of a sign up a verification token and sign up verification

01:01.390 --> 01:03.760
expiry so that we can have these fields as well.

01:03.910 --> 01:08.550
Now, a couple of interesting thing comes up here as well, that if we are going to have a user, obviously

01:08.560 --> 01:13.360
user will have a token JWT token as well to verify and all of doing that.

01:13.480 --> 01:18.130
Now the big question here is that do you want to create a separate functionality of them through the

01:18.130 --> 01:21.850
controller or do you want to add some methods right into the model itself?

01:21.880 --> 01:27.550
Now, a common practice is that in most of the applications, some of the methods are injected right

01:27.550 --> 01:29.470
into the models, which are really the common ones.

01:29.470 --> 01:31.780
So let me just go ahead and add these ones and show you that.

01:31.780 --> 01:35.070
Yeah, these are the common models that we go ahead and place it up there.

01:35.080 --> 01:37.720
I think this is not a good color.

01:37.720 --> 01:39.190
We'll just choose something else.

01:39.190 --> 01:41.020
Let's go ahead and use the purple one.

01:41.950 --> 01:42.400
Okay.

01:42.400 --> 01:47.980
So what we're going to do in this one, we're going to go ahead and first work on with the JWT token.

01:47.980 --> 01:49.780
So why this field here?

01:49.990 --> 01:55.960
Now, as soon as anybody is going to register or maybe in your case you don't want to give a token on

01:55.960 --> 01:58.720
registration, you want to give it token on login only.

01:58.990 --> 02:03.760
But the thing is that no matter what happens, this token creation is inevitable.

02:03.760 --> 02:04.990
This is going to happen.

02:04.990 --> 02:10.690
So rather, if we create a kind of a function right into this model, then we will be able to just generate

02:10.690 --> 02:15.820
a token right out of the box by saying, just like we will be able to access user name, user dot email,

02:15.820 --> 02:20.890
we'll be able to say user dot, get JWT token, and it will make our life so much easier.

02:21.040 --> 02:25.750
Now another thing that we are going to work on is kind of a pre hook, so we're going to inject a pre

02:25.750 --> 02:26.050
hook.

02:26.050 --> 02:28.630
Now you might be wondering why we are injecting a pre hook.

02:28.780 --> 02:33.490
Now we are going to be taking password from the user into a very clear text format.

02:33.490 --> 02:35.800
But do we want to store them in a clear text format?

02:35.830 --> 02:37.140
Absolutely not.

02:37.150 --> 02:43.720
So rather than we previously saw that how we can do this kind of encryption of password in the controller

02:43.720 --> 02:44.230
itself.

02:44.230 --> 02:48.910
But since this is obvious thing, why don't you just inject it up here so that we don't have to do anything?

02:48.910 --> 02:51.760
We just pass on the clear text format to the model itself.

02:51.760 --> 02:55.390
And before saving that, that means pre saving the model itself.

02:55.390 --> 02:59.500
The hook is going to come in and that will collect the password and will encrypt it.

02:59.500 --> 03:02.230
So that would be so much easier for us in the future.

03:02.440 --> 03:08.680
Now obviously we need to have a compare password as well because it's not just the responsibility that

03:08.680 --> 03:10.330
we need to encrypt the password.

03:10.330 --> 03:16.120
We need to also get a method that, hey, there is an encrypted password in the database, so we need

03:16.120 --> 03:16.840
to compare that.

03:16.840 --> 03:21.610
So we'll be passing on the same secret, same number of rotation that we'll be doing, just like we

03:21.610 --> 03:22.510
did that in the past.

03:22.510 --> 03:27.220
And we'll be adding this method also in the in the roll itself now.

03:27.220 --> 03:28.420
Okay, so this is all good.

03:28.420 --> 03:37.480
But also further down the road, we will also create a method which will be get a get for got password

03:37.480 --> 03:39.550
token or any similar name like that.

03:39.550 --> 03:45.430
So why we are creating this one up here now again, this is going to be inevitable if you are creating

03:45.430 --> 03:50.380
a field of reset password, token reset password, then we need to create a reset password token as

03:50.380 --> 03:50.590
well.

03:50.590 --> 03:57.100
In fact, we should call it one as a get reset password token to make it things like more in the flow.

03:57.100 --> 03:59.680
So this is going to be get reset password token.

03:59.680 --> 04:05.140
Now again, if I have something like get sign up verification token, I would love to inject it right

04:05.140 --> 04:07.510
here into the model so that I can use this one.

04:07.510 --> 04:13.120
So not everything is done inside the model as well, but these are a few things or few features that

04:13.120 --> 04:18.310
you are going to see everywhere in the big corporate organization that they love to inject this one.

04:18.340 --> 04:23.500
Now, in case you remember, we have already worked through with the Mongoose model and their documentation

04:23.500 --> 04:27.220
that before exporting the model you need to place all these fields just about that.

04:27.220 --> 04:29.710
So please make sure that you also remember that.

04:30.070 --> 04:33.640
Okay, so this is all the theory that I wanted to talk and discuss about this.

04:33.640 --> 04:35.950
Now our all models and fields are all ready.

04:36.160 --> 04:40.720
In case you have understood, just like 40% of it, that is more than enough you want.

04:40.780 --> 04:43.180
I don't expect you to just understand everything here.

04:43.180 --> 04:47.290
I expect you to understand the things when we are actually writing the code and designing the things

04:47.290 --> 04:47.680
there.

04:47.680 --> 04:50.320
So go ahead and don't worry too much about it.

04:50.320 --> 04:54.220
You will understand each and everything up here that what are these pre hooks and compare password and

04:54.220 --> 04:54.790
all of that.

04:54.790 --> 04:59.080
When we are designing these models, code actually makes things much more clearer.

04:59.080 --> 05:01.900
So let's go ahead and catch up in the next video.