User Password Authentication | Node.js & Express Tutorials for Beginners
ฝัง
- เผยแพร่เมื่อ 15 ก.ค. 2024
- Web Dev Roadmap for Beginners (Free!): bit.ly/DaveGrayWebDevRoadmap
Add user password authentication to your Node.js & Express app. In this tutorial, you will learn how to add user registration and authentication routes. We'll hash and salt passwords user passwords for safe storage, too.
🚩 Subscribe ➜ bit.ly/3nGHmNn
🚀 This lesson is part of an Node.js & Express for Beginners tutorial series playlist:
• Node.js Tutorials for ...
🔗 Starter Source Code: github.com/gitdagray/express_mvc
🔗 Completed Source Code: github.com/gitdagray/user_auth
User Password Authentication | Node.js & Express Tutorials for Beginners
(00:00) Intro
(00:05) Welcome
(00:32) Simulating a users database
(00:57) Two routes are needed
(01:09) Create the register controller
(03:00) Install bcrypt dependency
(04:07) Handle new user request
(07:55) Hash and Salt passwords with bcrypt
(12:34) Create the register route file
(13:50) Add the route to the server
(14:13) Start the dev server
(15:13) Test the register route
(18:21) Create the auth controller
(22:57) Create the auth route file
(23:43) Add the auth route to the server
(24:03) Test the auth route
📚 References:
Bcrypt: www.npmjs.com/package/bcrypt
How to Safely Store a Password: codahale.com/how-to-safely-st...
MDN: HTTP Response Status Codes: developer.mozilla.org/en-US/d...
📚 More References:
Node.js Official site: nodejs.org
NPM Official site: www.npmjs.com/
Express JS Official site: expressjs.com/
MDN CORS: developer.mozilla.org/en-US/d...
NPM CORS: www.npmjs.com/package/cors
✅ Follow Me:
Twitter: / yesdavidgray
LinkedIn: / davidagray
Blog: yesdavidgray.com
Reddit: / daveoneleven
Was this tutorial about user password authentication with Node.js and Express JS helpful? If so, please share. Let me know your thoughts in the comments.
#user #password #authentication - วิทยาศาสตร์และเทคโนโลยี
Dave,
I cannot express my gratitude in words. This course has everything. Thank you so much!
Keep it up Dave, learning a lot from you applying your signature comprehensive style to Express!
Thank you, and glad to hear it! 🙏💯
I have this huge class project that I accidentally put off until the last 2 weeks before the discussion so i'm cramming your playlist in hopes it'll give me all I need to finish my project. And even though I'm a complete web dev beginner I can still follow along because of your way of explaining things you don't let any part slip you always refer to where it came from!
Thank you so much :")
Sir ! You are of the best tutors available for us on youtube :)
Thank you very much @DaveGrayTeachesCode. This course is awesome. I am a C++ developer having 2 decades of experience and now I have shifted my Gears towards Web Programming. You session has provided excellent confidence to me and I am able to design the MVC using MEAN stack. Thank you very much. I have subscribed to your channel and seeking your support for my career growth. :)
great ! i hope that transition from C++ to JavaScript wasn't too rough.. that was my case at least haha. good luck, friend
Knowing now much more then I did 8 months earlier (When I first saw this video),
I came back to watch it, and I appreciate it a lot once again and even more...
Thank you.
You're welcome!
Dave:
Thank you very much for this wonderful course.
It is the best there is, especially for a clear explanation
You're very welcome!
This is so informative and entertaining.
I can't thank you enough 🙏
You're welcome, Fares!
I have watched many videos in English about coding which were difficult to understand for me, but your pronunciation is very excellent, and easy to catch it.
I appreciate your effort.
Glad it helped!
The only teacher who uses proper status codes!!!thank you sensei
Many apps require user authorization. In this tutorial, we will create registration and authorization routes in Express and handle the necessary logic required to create new users and authenticate users once they exist. If you are new to Node & Express, I suggest starting at the beginning of this Node.js for Beginners playlist found here: th-cam.com/play/PL0Zuz27SZ-6PFkIxaJ6Xx_X46avTM1aYw.html
Thanks so much, Dave; it is a valuable Node and express.js course for free.
You're welcome, Mohammad! 🙏💯
you just the best of the best, thank you very much.
Really great tutorials, much appreciated!
Glad you like them!
You re awesome Dave. Thank you so much for wonderful videos.
Thank you for the support!
thank you so much sir, I have learnt most of what I know from you for free, you truly are an amazing person
You're welcome!
very nice course ,i am learning nodejs first time, glad i come to this channel recommended by my boss
Welcome aboard! And thanks to your boss for the recommendation!
Excellent now follow your channel muy respect from Dominican Republic
Thank you, Ricardo! 🙏
Perfect tutorial.
Glad it was helpful! 💯
Thanks Dave.
Welcome!
u r very good teacher. thanks for video.
You're welcome, Arman 🙏💯
Amazing tutorial thank you
Thank you!
Thank you very much.
In this lesson (such as the previous one) -
Thunder Client doesn't respond to requests
While the server runs on port 3500.
It is just at status of endlessly "Processing...".
It did work well in the Router lesson.
I do not have that problem with my code here. There must be a difference in there somewhere.
Keep it up dave....excellent video ...please more video like Node JS microservices crash course
Thank you Deepak 🙏
This series is complete now ???
@@DeepakGupta-hj2dv not yet. Protecting routes with JWT is next followed by MongoDB integration.
@@DaveGrayTeachesCode okk more video rest api integration
Спасибо большое Дэйв! Супер уроки! Очень хотелось бы PERN плэйлст
Thank you and thank you for the request!
Thank you sir😀
Most welcome!
Cool.
if you add about google auth and facebook auth logic (how to store in database and how to manage session) this lecture it will be perfect :)
Those are good additional lesson suggestions - thanks!
Still waiting for this though, thanks dave.
🚀
Just something I noticed - around the 8:00 mark, you comment that you're about to encrypt the password and you go on to hash it. Aren't those two fundamentally different? Or am I missing something?
Loving the tutorials!
Thank you! Yes, the terminology overlaps a little. We're using the npm package bcrypt, but it does hash the password. Reference here, too: stackoverflow.com/questions/9035855/is-bcrypt-used-for-hashing-or-encryption-a-bit-of-confusion
Hi Dave! Wonderful tutorials as usual so thanks for that first and foremost. I'm having a little problem though in testing the duplicate user entry function. My api request just hangs and eventually times out. For some reason, it appears it doesn't like only trying to send a status response without any message? Once I added ".json({ message: `User ${user} already exists.` })" to the return statement following "res.status(409)" it works. Any idea why? Is it always necessary to send a response message of some sort with a status code?
After building the authController, I realize it appears we must use sendStatus instead of just status. :)
Consider this from the docs: expressjs.com/en/5x/api.html#res.end
Dave, how is it that we can work with the data from users.json without using JSON.parse()? Does require() already parse the strigified data?
Good question. We didn't use JSON.stringify on the data in the json files either.. so JS just looks at that data as an array of objects when we import it.
@@DaveGrayTeachesCode Right on. Thanks for clarifying
Can you do a tutorial on how to secure routes and database production level
If you continue in this playlist, you should see how routes are secured for the backend. If you want secure routes for the frontend, checkout my React Auth playlist.
@@DaveGrayTeachesCode Appreciated. I am just getting into dev and found your tutorials very helpful so far. Will continue down the line
Hi @Dave first of thank you very much for your tutorial series. i am having an issue. while i send a request for new user i get this error "Connection was forcibly closed by a peer." but on the users.jason file i can see the new user. why it is happening?
Check your object key for username and password. I mistakenly spelt password as paswword and already registered a user. When I decided to authenticate, it threw the error same as yours. So I had to delete the content of users.json and checked my object keys spellings, if they are same as what I have passed in the logic for auth and register js files.
In addition check the error message in console to trace the exact area the error is coming from, that's the file tree. Hope this helps
my refresh token is not working. I keep getting 401 un authorized. I downloaded the git repo and added my .env file but same issue. I dont have any error in my terminal, and not sure where exactly to look
You may need to add secure: true in the authController when the cookie is issued in the Node.js code.
Until now, we have created three routers (employees, register, and auth) rather than root. You put employees router in the api folder, but you did not put register and auth routers into api folder. It seems that they too seems api. Why did not you put them into api folder? I think your answer will make me clear regarding the definition of API.
It is all in how to you choose to set up your routing. You can look ahead in the course resources and see that I create routers for all of the main routes, but I chose to make an api directory for the routes that provide data - both users and employees. github.com/gitdagray/mongo_async_crud/tree/main/routes
Hey!
When I deleted the employee 2 then created new employee, new employee id was added as 4, how can i make it fill in the id that been deleted??
Filling in a number that was deleted is not usually a good idea. It could possibly link to other things from the previous user account. Always create a new id.
@@DaveGrayTeachesCode I see! And WOW! Thanks for really quick reply!
I'm getting this strange error that I can't locate:
[nodemon] starting `node server.js`
C:\Projects\Dave Gray\BackendServerTuts\ExpressTutorial\UserPasswordAuth
ode_modules\express\lib
outer\index.js:502
this.stack.push(layer);
^
TypeError: Cannot read property 'push' of undefined
at Function.route (C:\Projects\Dave Gray\BackendServerTuts\ExpressTutorial\UserPasswordAuth
ode_modules\express\lib
outer\index.js:502:14)
at Function.proto. [as post] (C:\Projects\Dave Gray\BackendServerTuts\ExpressTutorial\UserPasswordAuth
ode_modules\express\lib
outer\index.js:509:22)
at Object. (C:\Projects\Dave Gray\BackendServerTuts\ExpressTutorial\UserPasswordAuth
outes
egister.js:5:8)
at Module._compile (internal/modules/cjs/loader.js:1063:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
at Module.load (internal/modules/cjs/loader.js:928:32)
at Function.Module._load (internal/modules/cjs/loader.js:769:14)
at Module.require (internal/modules/cjs/loader.js:952:19)
at require (internal/modules/cjs/helpers.js:88:18)
at Object. (C:\Projects\Dave Gray\BackendServerTuts\ExpressTutorial\UserPasswordAuth\server.js:28:22)
[nodemon] app crashed - waiting for file changes before starting...
Anyone have an idea how to fix? It happed at 15:13 when initially starting the server for this video.
The error happens in your code here: server.js:28:22 ..which means line 28 at character 22. And "TypeError: Cannot read property 'push' of undefined" means you are trying to use the "push" method on something that is undefined.
This video is very useful and all but, would of been better if you actually used a real database instead of just a json file. The reason being is that if someone is trying to learn User Password Authentication and watches this video its not even close to a production state they would need to change the code to work with their preferred database which means totally different syntax ect even if you showed in this video how to convert it to use mongodb or postgress ect would of been fine but from what i can tell you don't.
Thanks for the comment. I will be introducing MongoDB in this series and replacing the dev JSON file... but I wanted to develop all Express routes first. Then the Mongo tutorials could be subbed for Postgres, MySQL or something else as well. Kind of like a book with chapters that build on each other.
@@DaveGrayTeachesCode O okay, I didn't know this was going to be a series usually the video is in a playlist or has a number associated with the series. Its looks like a one off video which is what led me to the feedback above. Anyways, i'm looking forward to this.
@@TheNamesJT no worries! Yes, still building out the Node.js & Express for Beginners. The goal is to cover the full MERN stack when combining this series with the React series. Thanks again for the comment!
by the way there's a shorter way of writing a function inside an object
{ myFunction: function() { this.a = 1; } };
can be shortened to
{ myFunction() { this.a = 1; } };
Good advice!