Expected more details, as there were in earlier videos. E.g., at 9:50 you've removed line no. 7, but mentioning the reason for it would've been helpful.
Can you provide me the source code, because my code is not working after seeing this video 😢
He removed that line because just 30 sec before he did the same thing in the middleware, where he was checking that condition, so that's why he removed that from the code.
I mean, if you have watched the earlier videos then you need to be able to understand that much.
Amazing, able to understand everything very well.
Confusing!
Rewatch the last video and then watch this again 10 times; your homework 😂
For example, there is an ecommerce store and there are users and admins; users can log in but can't see the dashboard, which means they are authenticated but not authorized to use some functionality.
Hey Piyush, nice explanation. I would like to highlight that you are doing a boolean coercion on a string (for authorizationHeaderValue); I would suggest against it. Cheers!
I didn't know we can add multiple things while signing a JWT.
Thanks
Your explanation is very good
Can you provide me the source code, because my code is not working after seeing this video 😢
@@flopgameryt399
const { getUser } = require('../service/auth');
async function checkForAuthentication(req, res, next) {
  try {
    const tokenCookie = req.cookies?.token;
    req.user = null;
    if (!tokenCookie) return next();
    const token = tokenCookie;
    const user = getUser(token);
    req.user = user;
    return next();
  } catch (error) {
    console.error("Authentication error:", error);
    return res.status(500).json({ error: 'Internal Server Error' });
  }
}
function restrictTo(roles = []) {
  return function(req, res, next) {
    try {
      if (!req.user) return res.redirect("/login");
      console.log(req.user.email);
      console.log(roles);
      if (!roles.includes(req.user.role)) return res.end("Unauthorized");
      return next();
    } catch (error) {
      return res.status(500).json({ error: 'Internal Server Error' });
    }
  }
}
module.exports = {
  restrictTo,
  checkForAuthentication,
}
Superb video 🎉
can you make playlist for microservices with node & kafka ?
nice and easy
Thanks sir, for uploading this video👍🔥
Can you provide me source code
Amazing sir jee❤️👍
Hi Piyush,
Deployed Azure API, done app registrations, but req.headers.authorization is undefined.
Sir, will the projects you have made in this Node.js series help us get a fresher-level job for a full-stack role, and can I add these projects to my resume or should I make a new real-world project? Please suggest, sir.
Helping bro... Nice one
Can you provide me the source code, because my code is not working after seeing this video 😢
Can you please add the GitHub link for this project?
I am getting an error at req.headers["authorization"]; it is saying at headers???
OP!
Sir, I am getting confused 😟 ..... Please suggest me some books to learn backend through MERN.
26th video of this playlist completed, thanks Piyush bhaiya. Can you provide us the code?
Can you provide me source code
How to check whether the user is logged in or not in ReactJS?
Check the access token of the user; if the access token is expired then check the refresh token in the DB; if that is expired or not available then the user is logged out, else if the access token is available then he is logged in... that's the basic concept.
Guru ji, please give us the source code also, to read the code for revision, because our practice code is not clear enough to read.
Did you say something 17:11
what did he say?
@Q-Productions23 chu
Hi Piyush,
How can we know when we have to use return in a request handler, with res.send or res.redirect?
When you have a front-end application like React, or are even using an XML request in the case of simple JS, and you send a request to a specific route on the server and expect a response, and based on that response you want to redirect or just show the user that whatever was requested is done, in that case you do req.send from the server. For example, you created a todo list and you make a request to an endpoint that saves your todo and in response sends an object which contains details of the todo and a message, which you can now render in React, or if you are using JS, you display some message. On the other hand, let's say you want to log in and you fill in the details on the frontend and make a request to an endpoint which checks the credentials; now if the details are correct, there's no point in sending an object in response, you can simply redirect to the homepage from the server using res.redirect('/home'). You should know that you can redirect either from the backend or even from the frontend. For example, in the login case, if the credentials are correct you can send an object in response that contains a message that you logged in successfully, render it in an alert on the login page and then redirect to the home page from the frontend. It's up to you what you want to send from the server.
Can anyone explain the error in this block? It is showing an error at req.headers["authorization"]
function checkForAuthentication(req, res, next) {
  const authorizationHeaderValue = req.headers["authorization"];
  req.user = null;
  if (
    !authorizationHeaderValue ||
    !authorizationHeaderValue.startsWith("Bearer")
  )
    return next();
  const token = authorizationHeaderValue.split("Bearer ")[1];
  const user = getUser(token);
  req.user = user;
  return next();
}
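An added example, not part of any comment above or of the video's code: the two middleware discussed in this thread, with an explicit type check and strict `Bearer <token>` parse on the header, and separate outcomes for "not authenticated" (401) and "authenticated but not authorized" (403). The `SESSIONS` map standing in for `getUser`, the token strings, the `parseBearer` and `run` helpers, and the 401/403 status choices are assumptions made for this demonstration.

```javascript
// Constructed stand-in for getUser(): maps opaque demo tokens to users.
const SESSIONS = new Map([
  ["tok-user", { email: "user@example.test", role: "NORMAL" }],
  ["tok-admin", { email: "admin@example.test", role: "ADMIN" }],
]);
const getUser = (token) => SESSIONS.get(token) || null;

// Accept exactly "Bearer <token>"; a non-string or malformed header yields null.
function parseBearer(header) {
  if (typeof header !== "string") return null;
  const match = /^Bearer ([A-Za-z0-9._~+\/-]+=*)$/.exec(header);
  return match ? match[1] : null;
}

// Authentication: work out who is calling. Sets req.user, never rejects.
function checkForAuthentication(req, res, next) {
  req.user = null;
  const token = parseBearer(req.headers["authorization"]);
  if (token !== null) req.user = getUser(token);
  return next();
}

// Authorization: decide whether that caller may use this route.
function restrictTo(roles = []) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).end("Unauthenticated");
    if (!roles.includes(req.user.role)) return res.status(403).end("Forbidden");
    return next();
  };
}

// Mock of the Express req/res cycle so the example runs offline.
function run(headers, roles) {
  const req = { headers };
  const res = { code: 200, status(c) { this.code = c; return this; }, end() { return this; } };
  checkForAuthentication(req, res, () => restrictTo(roles)(req, res, () => {}));
  return res.code;
}

console.log(run({}, ["ADMIN"]));                                    // no header
console.log(run({ authorization: "Bearer tok-user" }, ["ADMIN"]));  // logged in, wrong role
console.log(run({ authorization: "Bearer tok-admin" }, ["ADMIN"])); // logged in, right role
```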
Why did you use the youtube-app-1 database to update the user collection? Because in this application you were using the short-url database.
Same problem, brother. Have you found the solution, why he uses the youtubeapp1 database from nowhere, and how can we implement that in our code? Please help me, brother.
Same, idk why he used the youtube-app-1 db here and his code is also working, idk how, but mine is not working. When I hit the URL /admin/urls it returns an UnAuthorized response. Then I changed the db to short-url and did the same changes in that db, added the role field and updated my role to ADMIN, then it worked. Idk how his code is working!!!
Since you are busy in just coding your project and everything
Hey Piyush, bro, I'm struggling to complete the WebRTC video call video. I am stuck at the last part. I know you have created a new video. But I want to complete this project itself. So can you please elaborate how to negotiate at the last after connecting?
I was also facing that issue but I have fixed it now.
It got a bit complex and confusing because of the previous changes made from JWT cookie to JWT response 😵
No offence, but I downloaded your whole playlist and find too much difficulty after the URL Shortener, since you are just coding and there is nothing explained about why you use this and all.
Yes I feel same !..
Same bro
Well, that's true, but you have to figure it out on your own; use ChatGPT, Google etc. and you will find it easy. Yet this is the best playlist; I have covered it all except GraphQL.
same brother
I too feel that
Brother, when will great projects come? Brother, you build a project with React and explain React as well; that would be good.
Bro, please upload the source code. We follow your code but many times we encounter bugs, and it takes a lot of time to debug by going to different parts of the video.
I am having one issue: when I am hitting the endpoint with Postman I am getting the token in the header, but when I am hitting that login URL from HTML I am not getting the header.
And still I wasn't able to understand anything about authorization and authentication at all. Btw great efforts; some may understand the whole, but I didn't understand a penny.
same brooo 😑😑
How is the JWT token decoded without the key?
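An added example, not part of the comment above or of the video's code: an HS256 JWT built with Node's `crypto` module, showing that the payload can be read without any key (it is only base64url-encoded JSON) while checking the signature requires the secret, so an edited payload fails verification. The secret, the claims and all function names here are constructed for the demonstration.

```javascript
const crypto = require("crypto");

const b64url = (s) => Buffer.from(s).toString("base64url");
const fromB64url = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Build an HS256 JWT: base64url(header).base64url(payload).base64url(signature)
function signHS256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  const sig = hmac(`${head}.${body}`, secret).toString("base64url");
  return `${head}.${body}.${sig}`;
}

// Decoding needs no key: the payload is only base64url-encoded JSON.
function decodeUnverified(token) {
  return fromB64url(token.split(".")[1]);
}

// Verifying needs the key: recompute the HMAC and compare in constant time.
function verifyHS256(token, secret) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    if (fromB64url(head).alg !== "HS256") return null; // refuse "none" and others
    const expected = hmac(`${head}.${body}`, secret);
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length) return null;
    if (!crypto.timingSafeEqual(given, expected)) return null;
    return fromB64url(body);
  } catch {
    return null; // malformed base64url or JSON
  }
}

// Constructed demo: same header and signature, payload edited to claim a new role.
function tamperRole(token, role) {
  const [head, body, sig] = token.split(".");
  return `${head}.${b64url(JSON.stringify({ ...fromB64url(body), role }))}.${sig}`;
}

const SECRET = "demo-secret-constructed"; // constructed value
const DEMO_TOKEN = signHS256({ email: "user@example.test", role: "NORMAL" }, SECRET);
console.log(decodeUnverified(DEMO_TOKEN));                       // readable without SECRET
console.log(verifyHS256(DEMO_TOKEN, SECRET));                    // claims, signature checked
console.log(verifyHS256(tamperRole(DEMO_TOKEN, "ADMIN"), SECRET)); // edited payload rejected
```

Server code should therefore take `req.user` only from a verified token, never from a payload that was merely decoded.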
Brother, where can I find the link to your full-stack project?
Where to get these videos' code on GitHub, any link?
from previous video comment section
in the playlist
Can I get the code
where is the code?
Sir we are waiting for react JS course?
It will come, it will come, React will come too.
Provide the code link or source code please
Sir, you could have given the source code too.
confused !!!!!
Bro, give the source code for all the videos.