Understanding Authentication in Node.js - Sessions and Cookies - Web Development Concepts Explained
ฝัง
- เผยแพร่เมื่อ 29 ก.ย. 2024
- Understanding Authentication using Cookies and Sessions is a very important topic to understand in web development. I will be using Node.js and Express and MongoDB to build a very basic example of login and register.
In this video I try my best to explain the basic workings of how this process of sessions and cookies work together to make it possible to authenticate users in you website.
I hope you enjoy the video and if you did don't forget to like and subscribe and then I will see ya'll in the next one....🤓
Express-Session Docs:
www.npmjs.com/...
Connect-MongoDB-Session Docs:
www.npmjs.com/...
If you want to know how To implement Authentication when building a RESTfull API go check out my video on this.
My personal website
=================
www.thefullsta...
GitHub Repo for the project code in the video 🤓:
github.com/LloydJanseVanRensburg/Authentication_Node_Sessions_Cookies
Hope you liked this video. In the next authentication video I will be handling authentication from a API using JWT check it out in the web development concepts explained playlist!
Have a great day peace out...
Good tutorial. Thanks!
Awesome and clean tutorial thank you
I was about to comment if you don't put in source code you're gay but thanks
What an amazing tutorial!
I couldn't learn about sessions without this tutorial.
Really love that 😍😍😍
Holy shit bro this gotta be the best, easiest and most straightforward tutorial on sessions. Thank you very much!
Very useful lesson and accessible presentation. Congratulations,
you surpassed the whole Internet. Thank you sir.
Perfectly explained. More information given. This is the best video I ever searched for.
Thank you so much for this wonderful piece I have been looking for a simplified authentication tutorial for so long but could not get one. I was able to follow your steps to implement AUTH using PostgreSQL database. Thanks a million times.
Thank you sir. It was very useful. Today I understood what cookies actually do.
thank you man your lecture really helped me solving my issue
I hope yo continue to make these videos, you have a gift!
Thanks champ
thank you, finally understood how this works
Thankyou for giving this wonderfull class thankyou so much
Thank you
This was very useful for me
Amazing explanation, liked and subbed
Its really good and straightforward video.
thank you, great explanation
best explanation
Good tutorial. Thank you
48hours. I've been struggling to understand those sessions things for 48 hours, making my ways through bunch of tutorials, and you just saved me. more follower
So glad it helped!🤓🤘
Soo good, your tutorials are lit mate💯, subscribed !!
Thanks so much
A very Important question about this tutorial... how do i post the sign up (form) in Clientside Javascript with http post request? i don't see you using it in this tutorial ? do i need a fetch API on the client-side javascript?
Hi, how about expiration? Should we manually remove the session from the db? Or is there any way to do it automatically?
Great video,Thank you so much,But i have one question what is the use of storing the session details in mongodb database?, without storing the session details in database the output of the program is same,hoping to get ans to my question.
Subscribed!
what happens if the cookie expires ??
Hey man so i am going to answer both quesitons. First off sessions is data stored on the server that links to clients cookie. When making a http request in postman the cookie get set the same way it does in the browser and you can view the cookie data under the cookies tab in postman next to the response data.
And a cookie gets delete by the browser when it expires.
@@the_full_stack_junkie wow, this is amazing. Thank you very much 🤗
@@the_full_stack_junkie I've been storing JWTs in local storage 🤦🏽♂️
@@the_full_stack_junkie subscribing now 🏃🏾♂️
In mongoose.connect(), useNewUrlParser, useUnifiedTopology, useFindAndModify, and useCreateIndex are no longer supported options. In new version i.e Mongoose 6 useNewUrlParser, useUnifiedTopology, and useCreateIndex are true, and useFindAndModify is false by default. So not necessary to write them.
I've watched many videos about express-session and you are the first person that explains what is that cookie's purpose. Thank you
Thanks so much very glad it helped champ
what happens when i open two tabs and login from different account on each of them, will the cookie gets overwritten ? How will that work
Think bros struggles with the Rs 💀
I highly recommend this video to beginners... He explained EVERY line and word and code as simple as they could be...
wish he covered the OAuth tho (like google login or other authenticating platforms )
This was so clean , precise and to the point just loved it. thankyou for making this.
So glad it was helpful thanks for the comment
Bro, I watched a few tutorials on this topic but yours was the best.
I am very glad to hear this! Thanks so much for this comment
"so tommy shelby is a web dev now"
think you tho it was very helpful
thank you , awesome explanation
This video is really helpful, thank you so much
wow...excelent explication !!! 👏
Very simply explanation. Thank dude☺️☺️☺️
quick question.. do we need a fetch() API method to send the post request correctly? or is it correct to just use this tutorial ?
Do you mean a custom hook that fetches data?
everything is fine but in mobile browser cooke get destroyed automatically. if i close the browser and open it again.
Yes this is so. Unless you set the expires value on the cookie then ut will only be removed once it has expired
Amazing, clearly explained everything. Thankyou so much for this video.
what is diff between EXPRESS and EXPRESS-SESSION?
Express is web framework for node
Express-session is a middleware package used for reading and crwating sessions
Wow best video I have found tbh on this topic
Thanks a lot for this video. It helped me, a beginner, understand cookies and sessions. Keep on posting!
amazing very helpful thanks
this video simplified the cookie session, thanks a lot live more!
After login successfully, if i change the url to /login and hit enter, it is taking me back to Login page, it shouldn't do that, because the login is successful, it should remain in dashboard page only.
Why 3 people disliked it, they have no soul
This is surely the easiest video about authontication 😍. Thanks bro your are amazing
what happens when i open two tabs and login from different account on each of them, will the cookie gets overwritten ? How will that work
Something's bugging me here. In the middleware isAuth, where does it check if isAuth true? Browser cookie or MongoDB session? If it's browser cookie then anyone can fake isAuth and access the dashboard.
great work made, helped in my project.
this video help me understand the seccions and the cookies of login and logout,after hours and days search ,thanks so much
great video ,thanks very much
Hello,
When I try to go to my dashboard page, I get this error :
Cannot read properties of undefined (reading 'isAuth')
What should I do ?
Hello, I'm using express-session package. When i log in, i see that there is a cookie in the response.
However, when i try to make a new request to the server, I don't see the cookie in the request header.
PS: I'm using Nuxt3 for client side.
I have a question. I wanted to make a forum type site, I would like that after the user is authenticated show on a page as their data such as post, videos, message that he put on the site (through a form) how would I do this?
bruh tysm i hve been strugling over 2 weeks only ur video did it
tysm
Namaste,This is dileep dilraj.Actually I want to scrap a website which asking login to scrap details but the problem is to request the website "we have to now what is in the form" here I cant see details I have to fill in the form and it showing in the form ids: (number) ,Could you please help me to solve this problem.
this is soooo simplified. its like some authentication and authorization courses🥰🥰🥰🥰🥰
So glad you found it helpful 🤓
Thank you so much for this wonderful piece I have been looking for a simplified authentication tutorial for so long but could not get one. I was able to follow your steps to implement AUTH using PostgreSQL database. Thanks a million times.
love it, thank you Teacher!
dude video is amazing but one question:::
what is the purpose of saving the session in database?
please give me answer
below is bullshit, didn't wanted to write but I was forced.... sorry
.
.
.
.
okay I did everything same as the video except that I didn't used connect-mongoose-session at all, it worked the same way, so what is the purpose of saving the session in database, whereas we all know that sessions are used till user close the browser and saving the session in db it's not useful....,
we can use cookies to save userInfo for long period of time...., okay all I need to know is what is the purpose of saving session in database
I have connected mongdb atlas, and connected successfully but there is no "session" database and "my_session" colleciton are being created automatically, as shown in video, why?
Can I use session across multiple modules like
Student Login, register, Logout
Teacher Login, Logout, regsiter
Admin Login, Logout, register???
Not working with reactjs. Cookies is not settinh up in browser
Nice Share , thanks my bro , it's pretty worth for me !
Thanks for positive feedback back champ
Nice & to the point! Great!!
Thank you so much, I was searching the web for a good understanding of these subjects and you explained them very well my friend!
Wow, this video is amazing!!!!!Thanks so much it wouldn't have been possible to understand this without your video!!! I could deploy my app finally thanks to you!!!
outstanding tutorial man, thanks so much I learned a lot
Thanks for the comment, glad you found it helpful 💪
what happens when i open two tabs and login from different account on each of them, will the cookie gets overwritten ? How will that work
Great Video, Thanks for this
I have watched many videos but did not get clear picture of how the session is working. your video has cleared my lots of doubts, Thanks for such a wonderful tutorial.
As others have said I also watched many videos about this but this is THE BEST, it's just so clean, straightforward, it's amazing, thanks!
The explanation is very clear
If I am using react and routing on the frontend, how do I check if the user is authenticated to route them to protected pages?
thank you very great and informative video... people are just tend to sue lot of addons or libraries , but from your video we can understand basic fundalmentals of authentication in nodejs using simple cookies and a database.
great video... thanks 😍
omg I think it's just me but that "r" is soooo distracting!!!! XD just curl your tongue man! not that hard XD
thank you so much
one of the clear video on the express session very very thank you Junkie
Thank you so much for the video. Your video helped me so much with the login and logout section.
omg!! finally, I found a good video about authentication, thank you for this great explanation
Yes I agree. Very good explanation. I watched many videos, only this made my work finished
Thank you so much for making this. You explained it well. Thank you
man, this is the best video on how to do a simple authentication on nodejs! congrats!!
Thanks man it was helpful
thank you so much
Whenever I clicked on logout button. Session is not getting deleted from Database
Best explanation !! thank u so much
You are welcome! Glad it was helpful.
Thank you for the Tutorial.
But I have a question.
Just After you installed the session middleware, you did this;
req.session.isAuth = true and it affected the client by giving you a cookie ID on the browser without you needing to send a response.
How is this possible. I thought the only way for the server to communicate with the client in a http transaction is through the response object.
I'm really confused. I have been searching Google to see perhaps there is some Abstraction in the session Middleware that I am not aware of.
Thank you.
Yeah I am having the same doubt. If isAuth is set true by client, then dashboard is viewed without verification of if session is valid or not.
Dude!!!! I finally get it!!!!
Thanks for the video man. How do I go about authorization? Do I just store a property in the session?
Thank you very Much.
Finally, I figured out user authentication thanks to your video, thanks a lot.
One little question: Is "isAuth" special method of express-session module? Ican't find it in documentation.
No, is just an attribute he creates to store the boolean. You can name it however you want.
Great sessions tutorial!
I'm really thankful that you solve my problem I was stuck like from 2 days and I don't get it why my session and passport auth not working. Your method of teaching is more calm and understandable. I'm really thankful to you
Thanks for kind words 🙏
thank you... so understandable.. best taught ❤️❤️
I'm a little late to the party, but I have a question: if I somehow obtain the ID from the session cookie of another user and manually insert a cookie into my browser, can I log in to that user's session? If so, is there any way to prevent this?
what happens when i open two tabs and login from different account on each of them, will the cookie gets overwritten ? How will that work
You've got an Afrikaans accent.
That is correct
Am the type that really found it hard to understand but this video is solid Gold
Nice tutorial man!!! You really explained everything so well. Thanks 😊
Thanks for comment champ hope to keep making content that helps
This is super helpful
What we are taking req session.isAuth = true. And what if we not initialise it?