There's a bunch of videos out there on how to setup authentication and authorization in Nestjs, but man this explains smoothly! Thanks for an awesome video!
Thanks for your tutorial on guards. I made my own decorator I can apply to any module and selectively limit access for users. I set permissions to a token like "videos" or "content". Depending on what is attached to a specific token, it limits user access. You saved me a lot of time with the guard decorators. Thank you.
Thank you for your content , it is amazing so far one comment is you could built a token service where u verify and generate accessToken/refreshToken ...etc
@@eduardojavier9577 I just apply to any works available and got in as FRONTEND Dev,but after a year suddenly i moved to another project but now i have to be BACKEND, same JavaScript but another frameworks that i not familiar with, so a lot of time i just copy another code and modified it a little bit
@@eduardojavier9577 i just apply to any work that i get from internet, i got in as a FE at first year, then get transfer to another team but as BE and using NestJs, maybe cuz it javascript, at first i just copy code i mean i'm not familiar with this framework, that why i search video about it and see this video
@vutlharimhlongo4476 I'm working on it and I can't wait to publish it. it's going to be 🔥💪 By the way is there any particular area or topic that you find particularly challenging in NestJS?
@@TechVisionExplained That'd be. TypeORM relations, Microservices inter communication (user service to booking service to fetch user's booking info), Messages queues, Containerization, CI/CD for microservices, Authentication in Gateway microservices model and where to validate authentication and drop requests.
Is it possible to make a tutorial on how to integrate NestJS with supabase for Auth ? Or how to connect nextjs with NestJS and supabase ? That would be awesome! Keep up the awesome work.
Please do beginner to advanced full course with each topic. Use mock data so people use whatever they want as db. include guards, custom pipes, tips along the way.
I really don't like to answer "It depends", but it does 😅. You are not the first one to ask so I'll be covering the different types of auth with pros and cons in a video.
With the default CLI command you always get the test file indeed. I create so much tutorials these days that I wrote my own script to remove all the boiler plate and only keep the root module. I might share the script in a community post If I get some time 🤞
We are validating the username, password as part of login api using nest js, but this is not entirely fullfiliing the complete backend login api btw. Can you make the video that completely give registration, login together with mongodb or postgresql, so that i will get the full confidence with the nestjs auth flow. It would be better if you make this video this month or next month 🎉😅
Thank you so much @omarsalah4252 for showing your support, it means a lot to me. I've been enjoying making these videos, and I have a lot more coming :)
Beginner question: is it safe to send the password in a request? Is it possible to catch that package in the middle? I know the hash is used for it, but implementing a hash on the client side and sending it to compare hashes on the server side sounds the same. Will it be safe? How to make bulletproof secure auth?
Hello @spamcolector TLDR; If you use HTTPS then it's safe. Is it "bulletproof"; No Every auth solutions has downsides and risks associated. Most of the time you would choose a solution based on the risk, effort and requirement of your product. There are many solutions to choose from and some of them don't even involve a password. For example Magic links. But that would mean sending emails to users handling links expiration etc... Is the added complexity worth it? If you use HTTPs there isn't really a point hashing the password on the client side, because the data transferred is encrypted anyway. The reason why you don't want to store the password in clear is to prevent anyone with access to the database to have access to the user password and you don't want that password to also appear in logs and other code traces. hope that answers your question
![[Gegagedigedagedago] NEW Help Gegagedigedagedago Nugget escape from Nikocado Avocado Challenge](http://i.ytimg.com/vi/hJWnwRC2Fz8/mqdefault.jpg)
There's a bunch of videos out there on how to setup authentication and authorization in Nestjs, but man this explains smoothly! Thanks for an awesome video!
Too few visualizations and comments for a really useful video like that. It deserves more! Thank you.
man your videos are awesome and that smile is so contagious, thank you so much!
Thank you for the positive energy 💜
I can't stop watching your content-many videos are well-explained in just ~30 minutes. You'll reach 100k subscribers soon!
Thank you for the kind words and the support 💜
Your videos are very well done. Looking forward to more content.
Man, first video I watch from your channel and you have such a great content, keep it up, you deserve to grow here
Thanks a lot @amaury_permer. This really means a lot to me to know that you are enjoying the content on this channel
Thanks for your tutorial on guards. I made my own decorator I can apply to any module and selectively limit access for users.
I set permissions to a token like "videos" or "content". Depending on what is attached to a specific token, it limits user access. You saved me a lot of time with the guard decorators. Thank you.
Thank you for your content , it is amazing so far one comment is you could built a token service where u verify and generate accessToken/refreshToken ...etc
in my work using nest js, but i'm not really know nest js , just copy the code that already there, but this make it clear, thanks man
Really glad it helped, thanks for the comment really appreciate it 💜
share information about how to get a work the same way you get it 😎
@@eduardojavier9577 I just apply to any works available and got in as FRONTEND Dev,but after a year suddenly i moved to another project but now i have to be BACKEND, same JavaScript but another frameworks that i not familiar with, so a lot of time i just copy another code and modified it a little bit
@@eduardojavier9577 i just apply to any work that i get from internet, i got in as a FE at first year, then get transfer to another team but as BE and using NestJs, maybe cuz it javascript, at first i just copy code i mean i'm not familiar with this framework, that why i search video about it and see this video
When are you dropping your NestJS course? It would be great to have an intermediate-to-senior level course! 🔥
@vutlharimhlongo4476 I'm working on it and I can't wait to publish it. it's going to be 🔥💪
By the way is there any particular area or topic that you find particularly challenging in NestJS?
@@TechVisionExplained That'd be. TypeORM relations, Microservices inter communication (user service to booking service to fetch user's booking info), Messages queues, Containerization, CI/CD for microservices, Authentication in Gateway microservices model and where to validate authentication and drop requests.
Good job man, really good video. Nestjs course coming soon? 😊🎉
Working on it, aiming to release something huge before the end of 2024 💪
please create a complete series on nestjs from basic to advance and also cover the sequelized orm
Is it possible to make a tutorial on how to integrate NestJS with supabase for Auth ? Or how to connect nextjs with NestJS and supabase ? That would be awesome! Keep up the awesome work.
Please do beginner to advanced full course with each topic. Use mock data so people use whatever they want as db. include guards, custom pipes, tips along the way.
your videos are so valuable, thank you so much.what are your thoughts about cookies auth?
I really don't like to answer "It depends", but it does 😅. You are not the first one to ask so I'll be covering the different types of auth with pros and cons in a video.
@@TechVisionExplained thank you so much, I really appreciate you.much respect
This is the best tutorial of authentication, thx!!
Implement it with database and also do authorization and 2fa as well.
Thank you 💚
Great work bro, keep it up we will push you there.
Very good tutorial! Thanks.
Great video! Thank you!
Glad you liked it 👌
How did you start a new Nest app without tests? There's no "--no-spec" option in "nest new".
With the default CLI command you always get the test file indeed.
I create so much tutorials these days that I wrote my own script to remove all the boiler plate and only keep the root module. I might share the script in a community post If I get some time 🤞
THANKYOU!
We are validating the username, password as part of login api using nest js, but this is not entirely fullfiliing the complete backend login api btw. Can you make the video that completely give registration, login together with mongodb or postgresql, so that i will get the full confidence with the nestjs auth flow. It would be better if you make this video this month or next month 🎉😅
clean video nice editing skill and also informative keep uploading
Thank you so much @omarsalah4252 for showing your support, it means a lot to me.
I've been enjoying making these videos, and I have a lot more coming :)
Very useful ! 🙏🏼
You’ve got a great smile 😬
Thank you for your comment @ajalasegun1
Thanks bro
Thanks! U great
Beginner question: is it safe to send the password in a request?
Is it possible to catch that package in the middle?
I know the hash is used for it, but
implementing a hash on the client side and sending it to compare hashes on the server side sounds the same. Will it be safe? How to make bulletproof secure auth?
Hello @spamcolector
TLDR;
If you use HTTPS then it's safe. Is it "bulletproof"; No
Every auth solutions has downsides and risks associated. Most of the time you would choose a solution based on the risk, effort and requirement of your product. There are many solutions to choose from and some of them don't even involve a password. For example Magic links. But that would mean sending emails to users handling links expiration etc... Is the added complexity worth it?
If you use HTTPs there isn't really a point hashing the password on the client side, because the data transferred is encrypted anyway. The reason why you don't want to store the password in clear is to prevent anyone with access to the database to have access to the user password and you don't want that password to also appear in logs and other code traces.
hope that answers your question
How a great tutorial!!!
Thanks so much
Can we have the github link to these code please?
thanks, a lot
Nice tutorial