Access Refresh Token, Middleware and cookies in Backend

A small bug in code, if (!(username || email)) . Jab video dekhoge to aa jayega smjh. GIthub pe b add kr diya h code. Next video me krte h discuss
hitesh.ai/whatsapp

Hello Sir, after 7 years I started coding again, because of some financial issues i cannot pursue my studies, and i have to work in another field because of availability of other jobs. I manage my time at night to gain my knowledge in coding and YOU are the main reason Sir. Thank you.

Todo's for login ( dnt know if its good )
- take input from the user from the login page.
- save it in a variable
- apply check ( as per js series form handling part ) if the username == username && password == password . Then perform some action.
- call mongodb to check the db if there is any user with the same username ( email in case ) is present or not , if not throw err . And redirect to register (dnt know how, will plan if situation arise)
- if username/email present. Then get its _id and store it in variable
- retreive username and pass from that variable to check if both are same or not. If no then err
- if yes then redirect it to the page we want
( Dnt know the use of refresh token. Actually i didnt get it by now. I hope I will understand after seeing how u are using it ) , now continue to the video...
-

After reaching new goals in playlists, 1. completed js series, build some small projects along and after, 2. completed react series, build two mega projects one along one after, 3. now watching this series, now confident enough that writing code just when you explain the functionalities, hat off.
P.S: completed all 3 series consecutively.
Great respect Sir

Hi @hitesh, Thanks for this series. I love it :) . I wish you to plan for MERN interview guide series, it would help many ❤

User ko login karne ke steps:
1. Get data from user.
1.5 . Validate the data as per your need.
2. Check if the user already exists or not , if not then give error
3.Save the email and password in jwt for further uses like not to ask the user to login again and again .
Mujhe to itna hi knowledge hai abhi tak. Dhanyawad 🙏

Great to see u back! btw we gonna make frontend for this after this series? just a random thought came into my mind as u showed us the app in the very first.

sir is not just a coding teacher hithesh sir is coding legend no doubt ❤

Sir we really appreciate the fact that you are providing quality knowledge and making it accessible for everyone!

Sir, the effort you put into each tutorial is highly appreciated. Hitesh sir is one of the best things I got from TH-cam. Wishing you a long life and good health from Bangladesh.🙏

This is the best videos you can find on internet... University should also suggest this course students because they don't teach you like this

Waah sir, itna bada lecture!!
Bohot achha laga pura dekh ke.
kaafi kuch cheezein clear hui aur nayi nayi cheezein seekhne ko mili
Thank you 😊

6:15 I think sir,
step01 => get user's email id and password
step02 => primary validation(empty field or not)
step03 => check if user already exists then generate access and refreash token
step04 => give the user accessability to log in
step05 => remove the tokens from the field
step06 => if user email and password not match route the user to the sing up page

Yes Sir, pura samjh me aarha hai. Ho hi nahi sakta hi aap samjhaye or hume samjh na aaye.. 🙏🏻🙇🏻‍♂

this was such deep and in depth lecture ,completed this in 2 days in 2 sitting ,each minute was worth it

47: 40 bilkul hitesh bhai... main masla e yahi hota ha k value aa kahan s r ha... good👍👍👍👍 from kashmir

todo's->
get the user info from fronted(username,email,password)
make a db call to find the user
if the info is wrong or empty then throw error
generate the refreshtoken and accesstoken, set duration for them

1. Fetch req body
2. Check if user is exist.
3. Check user crendtails are correct.
4. Generate access & refresh token.
5. Save refresh token in DB
6. Return access & refresh token to client.

Padharo Mhare Desh ................. My fav Rajsthani folk song

Thank you for explaining everything in such a great way

Ram Ram Sir G
jwt token ka aisa use abhi tak nhi kiya tha,maja hi aa gya

Nice video on how to use cookie, refresh token and access token
Now it clear as crystal !!!

steps to follow for user login : tried to write it before watching the whole video(might not be totally correct )
1->get username and password from front-end( req.body)
2->check for user existence in the database using username and through 'User" object
3->validation of password
4->if all steps passed ->user login successfully
At the end Thankyou so much sir for this amazing channel ❤

Todo's login user
- get the value for user
- check the value is not null
- validation - check value empty
- if the data is save then user is login.
- assigned access token
- and successfully user is login

Todo's for login:
1 validate email and password field must not be empty
2 find the user with email and check if password matches nor not using bcrypt
3 if password matches than create access token and refresh token.
4 save refresh token in database and send them to the client for storing in cookies

06:33
1. User enters the credentials
2. We check the credentials if correct
3. We loggin user
4. And using refresh token we make user to login for a particular time..
Caution :- I'm not understanding this project properly but I'm try my best after completing I'll come again and practice again

To login a user:
1) get the data from user
2) validate it (whether all fields are provided, then whether the user exists)
3) I guess then, return the access token and refresh token to user to access all other resources.

6:17
Todo for login :
Get input from the user
Validate the input data
Check whether this email exists in the database or not
Then hash the given password using bcrypt and compare it with the stored one
Then give response to the user

bhai ye tutorial really is something else insights are crazy

todos for login
1. get the data from the frontend
2. check if the user has access token
3.check if the user has refresh tocken if do not has access token
4. check in the database
5. redirect to the homepage

best backend course on youtube

Very nicly explained. Waiting for the refresh token related video.

1 input of the credentials
2 validation of the credentials
3 if credentials matches with what present in db login the user
4 generate the tokens
5 if user returns then check the tokens if it matches with the tokens present in the db login the user without taking the credentials
6 return the necessary response

//steps for logging the user in
1. take credential as input from the user
2. check is the given credential matches with the ones in the database (thiis method should be strictly await)
3 if the credential match then log the user in and assigned a acess token and
if the credentials do not match then show a pop that the user need to register first and redirect to the registration page

boht achhe se samjhaya apne, thanks

1. we take request from user like email and pass
2. we do validation user exist or not
3.if extist we send him response with refresh and accesstoken

Good to see you again sir, I hope you are feeling better now. I wanna tell you something, your teaching skills are so polished and attractive. I hope you are always here to guide us.😇😇😇😇😇😇

Dear Hitesh Sir, thank you for the incredible Backend Series. Love this series. You are providing valuable knowledge and insights with industry grade practices.

login user:
1. take data from user using frontend.
2. Now validate it with data stored in a database
3. also check the refresh token
4. if user is valid user, then login the user, otherwise throw an appropriate error to user

Such in depth explanation thank you!

To Login an user algorithm--
1. Retrive data from frontend
2. Check whether field is not empty
3. Compare the input with credentials
4. Send the success response and access token

6:20
Login the user steps
1. define the createria from which the user can login and get the data from the user
2. validate that received data is not empty
3. validate that user is already register then he/she can login na with email or with username
4. compare the password with password entered by the user and the password which is saved in the database (MongoDB)
5. after login generate accessToken for logined User
6. return login user

1. get user details
2. check whether user exists in db
3. check whether password matches
4. give access token and refresh token to user
5. Logged In

// stap 1 = coming data from req.body
// stap 2 = find the user
// stap 3 = checking user name & passuord
// stap 4 = if user dont have user name & passuord than match RefreshToken witch saver in data base
// stap 5 = send cookie

Login user:
1. take email and password i/p from user.
2. check for validation incase they are null.
3. if proper then check in db if the given credentials are of any registered user.
4. if not registered then prompt to sign up first
5. if registered provide him with access and refresh tokens.

Step 1 : Take Input From user
Step 2 : check user with This credentials exists or not
If not Than Throw Error "user not exists pleases register first
Step 3 : if credential's are matching than allow user to log in

amazing session sir. Thank you 😇

this is called real production level code❤❤❤

1. Get username/email and password from frontend.
2. Validate - any field empty or not
3. Check any user with same username/email exists or not in database.
4. If exists, validate if the given password is matching with DB password or not
5. If password also matches then generate access token, refresh token and return response data.

You are great hitesh sir ❤❤

Todo for login
1. Req body data
2. Access with username or email
3 find user in db
4. If available then check for password
5. Send access token

Best backend course ❤❤

Amazing sir....top nauch video sir ..thank you

Sir back again to backend series and fire.!.!.!.!

check validation - not empty
check if user exist
check if pass word matches the user
send user info in an object back

1. get a username,email,password ,
2. valaidation for username , email , password , is not empty
3 . check the email id is not register then back to signup form
4 . generator the access token and refresh token to the correct user email id
5. get response
6. any error to the handle catch block

Sir mujhe access and refreshtoken hi padhna tha thank you

I have gone through so many tutorials but never came accross such quality content, the thing is stuffs are not tough it's the instructors who decide wether it is going to be simple aur tough. You doing great job @chaiaurcode #chaiaurcode #backenddevelopment

thank you so much sir, your ability to impart knowledge with such passion and patience is truly commendable 🙏

Sir, feeling so lucky to be a part of this community.

Good Evening with a cup of Tea Sir.

1 : get login credentials
2 : check if the fields are correct
3: send the access token and refresh token to the user..

this is a great course ever

Now lagend is coming back after a long time ❤❤❤

great to have you back

//1. get data from the user
// 2. check the user registerd or not
// 3. if user is registerd then give the massage and access token to the user

1. Get user details from frontend : email, password
2. Validate user details
3. Check if user exists
4. Check if password matches
5. Create access token
6. Create refresh token
7. Save refresh token in database
8. Send access token and refresh token to frontend
9. Return response

Best explanation ❤❤

Ha Bhai ji man ga than bhot bhot dhanyawad

To do for login
1) Check if user exist in db
2) Compare password
3) show login message

Steps for User login:
Take Input of Username and password
check username and password from the db
provide user with access and refresh token
login the user

Nice playlist Sir!!!

58:05 what will be the good approach ? updating refreshToken by undefined or by empty String (" ")?

39:09 next lagega 😁

great lecture❤❤

🌟🌟🌟🌟🌟 Thank you so much for creating and sharing this amazing content! 🙏 Your videos have been incredibly helpful and insightful. I appreciate the time and effort you put into each video to make it both informative and engaging. Keep up the fantastic work! Looking forward to more valuable content from your channel. 👏

todos to login the user
1. destructure the username, password from req.body
2. check if user exists , if user exists check weather the password is correct or not
else when the user do not exist ask for signUp
3. if the password is correct login the user else throw an error of incorrect password

Todos for login
1. take email , password - request body data
2. verify email , password,
3.access token , / refresh token
4. send cookies
5.message you are successfully login

50:10
But isnt it already wrapped in asyncHandler. Why do we have to wrap it again in try catch block

Very excited ❤

Hitesh Sir on fire 🔥

step 1: required input field username and password
step2: validate input field
step3: generate an access token and refresh token
step4: set token expiry session
step5: when user come on-site give user access using there valid refresh token
step6: and generate new access token

1. get username or email and password 2. check if user account exists or not 3. verify user from db, response

// 1. First take the input from the user
// 2. validate the data filled by user
// 3. check whether the user exist or not if not then ask to register first else move ahead
// 4. generate access and refresh tokens
// 5. save the refresh token to the database
(DONT REFER THIS AS IT CAN BE WRONG, ITS PURPOSE IS TO ANSWER THE QUES ASKED IN THE VIDEO)

Following steps is followed when we signin the user
1. Get the details from frontend
2. Validate the information
3. Decrypt the password as it was in encrypted form
4. Compare the Values
5. If Value is true then Redirect the user to the next page
6. If Value is false then Give the ERROR to the user

check against username, password
use kind of bcrypt (decryption) mechanism

MAZA ARAHA HAI PARNE MAI.

Great lecture

Todos :-What we need from user is email ,password ,username,
what we need to check is the email or username & password provided by user matches the users details in backend and further we need to give him a login session we need to send a login success response

Target 🎯 completed ❤

get data from frontend
validate the data
check if user exist
if exist login

Thank you so much for the wonderful videos. Learning a lot.
Just had one doubt why we are throwing error and not sending appropriate response to api request.
For example when user does not give correct access token, sending response with appropriate status code and message.

login todos :
1) Get User Data (email, username, password)
2) verify password and encrypted password
3) check for access token
4) generate refresh token if user click on remember me

ok sir jarur banega benchmark

Great content sir..

1. take username/email and passowrd
2. check in the User database if it exist
3. check password also
4. direct to home route
bss yahi dimag mein aya

Quality content no doubt

//check for access token
//if not take input from frontend
//validate from database
//if validated send the response of all the fields except password and sensitive info

Todo:
Get data
Check field null or filled
Verification with database
Send success and token

1. Get user data
2. Empty usernane Or email validation
2. Find user
3. Password check
4. Login
I might ve sooooo wrong TwT