You have an app where users login and authenticate with a server, but is that all? What if there are different levels of authorization based on assigned user roles? In this tutorial you will learn how to React Router v6 to set up role-based user authorization for different parts of your React application. This tutorial uses a Node JS backend that was created in my Node JS for Beginners full course found here: th-cam.com/video/f2EqECiTBL8/w-d-xo.html - If you're just starting out with React, I suggest learning the basics first in my React JS for Beginners full course here: th-cam.com/video/RVFAyFWO4go/w-d-xo.html
"src/context/AuthProvider.js Line 5:32: 'children' is missing in props validation react/prop-types" I am getting this error. Can someone please help me to resolve this
I am encountering a problem... Using protected routes, if the user is not logged in, I redirect to login page. But now google has marked my login page as canonical to the order page, because google crawler is not logged in. Any way to sole this issue? Thank you. It is an amazing tutorial.
I am encountering a problem... Using protected routes, if the user is not logged in, I redirect to login page. But now google has marked my login page as canonical to the order page, because google crawler is not logged in. Any way to solve this issue? Thank you. It is an amazing tutorial.
This is EXACTLY what I've been looking for over the past year. I've been stitching most of this together on my own over that time since I started my web dev journey but there was a main issue I had with JWTs and best practice for storing those (AT & RT) - you've cleared it up and then some! Thank you so much. Liked, subbed, belled - you seem like you know what we need to see. There are too many 'guides' and 'courses' that skip over the most important parts often pertaining to best practices such as storing JWT in localstorage for simplicity or because they assume you don't care about security. Very nice to have all in one best practice / security.
Your TH-cam channel is so valuable its insane, you don't cut a single corner in your demos. I've been studying for almost a year and feel like this series has been the icing on the cake for my job hunt right now
What a detailed and explanatory video about role wise routes. It feels like an personal tutor who sits besides & guides through the path. Hats Off for your efforts. Blessings. 👍
Dave, I must say I like the style and pace of the videos. I find it really useful when you explain why we should use something unlike some other creators that say just use this.
Thanks so much for the tutorials! Easy to follow and work really well to explain what many see as a complex topic. Also love your pronunciation of Routes (most people here would say it like *roots*) and Route (and this one would be just *root*). But I understand them in React now too. So thanks again!
This is by far the best tutorial I seen on the internet regarding the login/authorization related stuff of react. You never skipped a single piece of code which other youtuber normally do. The way you explain the things is really awesome and this helps me substantially in my job search.Thanks Dave for this great content🙂
Hi Dave! 1st of all: Thanks infinitely for your work, your constant contributions to the community and your magnificent skills to teach and share your knowledge and experience. 2nd: I had written a long message to see if you could give me some perspective to sort out an issue I run into when implementing RequireAuth component and I figured out the issue when writing it down to explain it to you just now. You might not know, but you just helped me (again, eheh)! Thanks Dave!
Glad to hear that! What you did is kind of like the "rubber duck" theory where programmers explain the issue to something on their desk which helps the thought process. Teaching helps me do the same thing! 💯
@@mauroconsolani2576 If that issue is about the auth context variable loosing its value between refreshing the page I would kinda beg you for the solution :P
@@sum41greekfun Hi!! I've been trying to track down my code but couldn't locate if my issue was with the context variable. If I had to guess, on refresh you should check if you have a JWT token stored in your cookies. If so, send a request to you backend with the data you need to fill your auth context variable and recover the "state" of the app.
Just so you know youre a life saver. Your tutorial videos are always on point and helps me sort out most of the things I need to know. Keep doing what you do🤟🤟🔥🔥
I've been struggling with these access control in react You have also taught me how to add the layout of a page like a "millionaire", I was doing it the dumb way
Thanks Dave, this tutorial helped me set up some simple protected routes for an app I'm working on. Your other React Router videos have been useful as well!
Hi Dave, It's a wonderfully explained lecture about routes so far I have seen. Really appericiate your efforts and the way you are teaching beginners. Thank you so much as this really helped me in my project.
Hi Dave, thank you very much for this awesome tutorial series, it helped me a lot. Could you please tell me how to keep context from "clearing" when opening link in a new tab. When i use it seems that the context is lost and auth becomes empty in RequireAuth so it redirects me to the login page. Any help would be much appreciated. Thank you
Dave this tutorial is amazing complete your node tutorial and now doing this. JWT and authorization was daunting but your tutorials made them very easy to grasp cant wait to incorporate this into my full stack projects! do you have a discord or anything like that?
Hi Dave, I have a question. You specified separating concerns between routing and authorization, but what about navigation links that utilize rrd's Link component? I was thinking of conditionally rendering navigation Links based on the user's role. I wasn't sure if this was still against the convention you speak of. I would hope not, but wanted to see!
I absolutely love your tutorials! They are so insightful and correctly paced. The only thing I was wondering is if you could do this same website without axios? Or is that not a good idea? I am currently building a react app for my capstone project in college, and I am not using axios.
You can just use fetch. It doesn't have all of the nice features built-in that axios does though. Axios is a lightweight dependency that will not bog down your project. Given the choice, I would use axios.
Hello, I'm newbie, just a question, i just want to make a page for the owner of the website and customer shouldn't access that page, even if they try to write the in address bar and it re-directs them to website. how is that possible? is it done the way u explained and showed in the video?
Hi Dave, your video is amazing, but i have ad doubt, i am creating an app which has front end with react and backend on express with apis, now , for authorization of the API i have JWT implemented correctly with passport jwt, but how can i implement stateful session with passport local strategy for the front end? i am very blurry there. Example: when the JWT expires the API requests are unauthorised, but the application doesn't logs the user out as JWT is stateless, therefore the use can still access the protected routes with no data(as the data is fetched from the API). Can you help?
Somehow my auth would not change update after setAuth is called. However, it updates if I browse through my app 1~2 times. After hours of searching on google, I solved this with useEffect, put useNavigate inside there and made auth as dependency. So when auth is updated by setAuth, useEffect navigated the user. It works perfectly fine now but I wonder why yours worked. I went to your source code and copied the code almost exactly but it did not work as intended.
The "almost exactly" might be it - hard to compare if not exact. React Router has had some updates. Check my source package.json to see if you were using the same version or maybe an update is the difference.
I’m a bit confused, I have a login form that connects to sql db then response is 200 if user exists. Why would I need a token if validation is already achieved? Is this a silly question?
Hey Dave, Great playlist btw. I just completed both NodeJS and React Auth playlists. I had a doubt lingering in my mind. Please answer that whenever you can. It seems we can access protected routes which do not require to fetch data from the backend even after the access token get expired. If so, is this something to be concerned about? Should I make it this way that I ask the backend for a new access token every time I open any protected route? or is this overkill?
"src/context/AuthProvider.js Line 5:32: 'children' is missing in props validation react/prop-types" I am getting this error. Can someone please help me to resolve this
@@DaveGrayTeachesCode I copied the same code from git repo. Still getting the error. I had to add this block AuthProvider.propTypes = { children: PropTypes.any.isRequired, }
This is a value to let React Router know where the user is coming from. We provide an || (or) which does default to "/"... but the user may be coming from somewhere else and from will hold that value if that is the case.
Hi Dave, this is exactly what I needed! Thanks a lot!. I just noticed that if I create a user that is not authorized for certain page and I look for that page directly in the browser search bar instead of using a button like you do, I get redirected to the home page, instead of the unauthorized one. Do you know why is this happening and how could I change it? Once again, thanks a lot for the help!!
@DaveGrayTeachesCode im not seeing this issue anywhere, feels like im the only one with it? it says setAuth is not a function? everything is set up the same i have no idea why this error is popping, doesn't seem to make anysense. it pops on the login handleSubmit function...any fixes for this?
Hi Dave, I watched few times these series and learn already a lot but I have got a question - you are passing the data from the server to the context. After reloading the page I got a new state which is an empty state and thats a reason that I have to log in again through the login component. What is the best idea to keep state after the login and do not loose it when the page is reloaded ? Also in the network payload I can see the password wich has been written during the sign in the application - is any chance to hide it? To be honest I learn front end dev and I am a beginner with node but literally I just want to know more what is going on on the backend side :D Thank you so much for your tutorials. BDW do you have a slack community or discord etc? I would join to that kind of group under your mentoring :D
Great questions! 1) If you continue in this series, there is a "Persist Login" tutorial that handles the reloading and reauthorization. You will always lose app state when you reload, but that video shows how to maintain a user login. 2) You could possibly encrypt client side, but this isn't common - if there is a major concern here about your network traffic being hacked, you should use a secure connection - say a VPN if available. Also, https is a must. ...You're welcome and yes, I just opened up a Discord community here: discord.gg/neKghyefqh
dave I think you should get some helpers that will devote themselves to answering the questions of your students. I would love to be one and Id do it for free. I came up with this since sometimes there are things which you dont explain, that I want to know
when i'm in admin panel index page that is allowed only to admin role and go to another protected route under admin protection and refresh the page it sends me back to admin index page...how to solve that?
Hello Dave, Everything is working fine in my code but after I login and refresh the browser, it redirects me to the login page and the useAuth object is being reset. Can you help me please ? Thanks.
You have an app where users login and authenticate with a server, but is that all? What if there are different levels of authorization based on assigned user roles? In this tutorial you will learn how to React Router v6 to set up role-based user authorization for different parts of your React application. This tutorial uses a Node JS backend that was created in my Node JS for Beginners full course found here: th-cam.com/video/f2EqECiTBL8/w-d-xo.html - If you're just starting out with React, I suggest learning the basics first in my React JS for Beginners full course here: th-cam.com/video/RVFAyFWO4go/w-d-xo.html
Hi Dave,
What if user is at home page and uses brower back button.
Will he get navigate to login page or will remain at home page?
@Dave Gray
You are one the best teachers out there, I love the way you use stories to explain from both a client, user or developer point of view
"src/context/AuthProvider.js
Line 5:32: 'children' is missing in props validation react/prop-types"
I am getting this error. Can someone please help me to resolve this
I am encountering a problem...
Using protected routes, if the user is not logged in, I redirect to login page.
But now google has marked my login page as canonical to the order page, because google crawler is not logged in. Any way to sole this issue?
Thank you. It is an amazing tutorial.
I am encountering a problem...
Using protected routes, if the user is not logged in, I redirect to login page.
But now google has marked my login page as canonical to the order page, because google crawler is not logged in. Any way to solve this issue?
Thank you. It is an amazing tutorial.
This is EXACTLY what I've been looking for over the past year. I've been stitching most of this together on my own over that time since I started my web dev journey but there was a main issue I had with JWTs and best practice for storing those (AT & RT) - you've cleared it up and then some! Thank you so much. Liked, subbed, belled - you seem like you know what we need to see. There are too many 'guides' and 'courses' that skip over the most important parts often pertaining to best practices such as storing JWT in localstorage for simplicity or because they assume you don't care about security. Very nice to have all in one best practice / security.
Thank you, Karsen! 🙏💯
Your TH-cam channel is so valuable its insane, you don't cut a single corner in your demos. I've been studying for almost a year and feel like this series has been the icing on the cake for my job hunt right now
Thank you for the kind words! 🙏🙏
What a detailed and explanatory video about role wise routes. It feels like an personal tutor who sits besides & guides through the path. Hats Off for your efforts. Blessings. 👍
Glad it was helpful! 💯
Dave, I must say I like the style and pace of the videos. I find it really useful when you explain why we should use something unlike some other creators that say just use this.
Thank you, Simon. I appreciate your feedback! 🙏💯
Thanks so much for the tutorials! Easy to follow and work really well to explain what many see as a complex topic. Also love your pronunciation of Routes (most people here would say it like *roots*) and Route (and this one would be just *root*). But I understand them in React now too. So thanks again!
I so wish that I had found this course 6 months back. Absolute gem!
Thanks!
Thanks Dave for these intermediate lectures. On TH-cam it's either beginners or too advanced good to see someone teaching intermediate stuff 👍
You're welcome! 💯
I have followed three videos of this course, as of now. And they all were helpful.
Dude, I feel a little more confident in my understanding after each of your tutorials. You rock.
Right on! 🤘
great video for refreshing my memory before applying for a job
This is by far the best tutorial I seen on the internet regarding the login/authorization related stuff of react. You never skipped a single piece of code which other youtuber normally do. The way you explain the things is really awesome and this helps me substantially in my job search.Thanks Dave for this great content🙂
You're very welcome!
Sold in less than 30 minutes! Thank you for explaining these concepts with real life scenarios.
Glad it was helpful!
ive been woking on react authentication with react router.really your worked well helped fror me thanks..now i got the motivation.i will do it
Keep making progress! 🚀
You have explained the concepts to the core. This video has really helped me to understand those
. Thank you Really helpful..
Hi Dave!
1st of all: Thanks infinitely for your work, your constant contributions to the community and your magnificent skills to teach and share your knowledge and experience.
2nd: I had written a long message to see if you could give me some perspective to sort out an issue I run into when implementing RequireAuth component and I figured out the issue when writing it down to explain it to you just now. You might not know, but you just helped me (again, eheh)!
Thanks Dave!
Glad to hear that! What you did is kind of like the "rubber duck" theory where programmers explain the issue to something on their desk which helps the thought process. Teaching helps me do the same thing! 💯
@@DaveGrayTeachesCode definitely the "rubber duck" method! Thanks again!
@@mauroconsolani2576 If that issue is about the auth context variable loosing its value between refreshing the page I would kinda beg you for the solution :P
@@sum41greekfun Hi!! I've been trying to track down my code but couldn't locate if my issue was with the context variable. If I had to guess, on refresh you should check if you have a JWT token stored in your cookies. If so, send a request to you backend with the data you need to fill your auth context variable and recover the "state" of the app.
Just so you know youre a life saver. Your tutorial videos are always on point and helps me sort out most of the things I need to know. Keep doing what you do🤟🤟🔥🔥
I've been struggling with these access control in react
You have also taught me how to add the layout of a page like a "millionaire", I was doing it the dumb way
Glad I could help! 🚀🚀
The best guide for react ever. The attention to detail is just awesome. Thanks Dave
Glad it was helpful!
You are not only a great help, but also an awesome awesome teacher. Thank you Dave Sir for your work, we appreciate you a ton
You're welcome!
Hello sir, your teaching pace and the way of teaching is just awesome 🔥❤️ its much easy to understand even a complex topics 💯💯
Thank you for the kind words!
Great and clear explanation without filler words. Amazing
Thanks Dave, this tutorial helped me set up some simple protected routes for an app I'm working on. Your other React Router videos have been useful as well!
Glad to hear it! 🚀🚀
Another banger. I'm going one by one through this series and this one was great too!
Glad to hear that, Shawn! 🚀
you have some great material! I also love the little details you add in while you are going through the code. keep it up!
Thank you, Chris! 💯
Just one tutorial from you and i am loving it. SUBSCRIBED.
U made me understand jwt totally 🎉❤❤❤
Thank you so much, Mr. Dave.
I love your videos and your way of teaching 🧡
Great tutorials! concise and informative 👏🏻
Thank you, Faris!
the best detailed explanalation of RR6 and Role based control.
Thank you!
You can't imagine how much I appreciate this great tutorial. Thank you Sir for sharing your knowledge.
Glad it was helpful! 💯🚀
Hi Dave,
It's a wonderfully explained lecture about routes so far I have seen. Really appericiate your efforts and the way you are teaching beginners. Thank you so much as this really helped me in my project.
Glad it was helpful!
Hi Dave, thank you very much for this awesome tutorial series, it helped me a lot. Could you please tell me how to keep context from "clearing" when opening link in a new tab. When i use it seems that the context is lost and auth becomes empty in RequireAuth so it redirects me to the login page. Any help would be much appreciated. Thank you
The playlist on how to use Chrome Dev Tools would be awesome. Please, consider to do it someday...
Dave gray made me who i am today. Blessings ❤.
Hi Dave. I'm thankful for this tutorial. I learned tons from it and hope you keep on making these kinda videos! God bless you!
You're welcome!
perfect timing, as I am going through the same concept and setting up a Bank App!
Glad it was helpful! 🚀
Thanks!
Thank you for the support, Rob! 🙏💯
Best video ever on authorization
Thank you Dave, these guides are awesome and have helped me a lot 😊
Glad to hear!
Thank you man. Awesome, best tutorial ever. Keep it up
Man, this was AWESOME! Thank you very much ❤️❤️
You're very welcome!
Great as always, please keep on uploading, I love your content !
Thank you! I'll keep going! 💯🙏
you saved my life!! I love your tutorial!!!! Can't be better :D
Glad I could help! 🚀
Thank you very much! This is exactly what I've been looking for.
Glad I could help!
7:40 whats the purpose of using the Layout and Outlet component?
Thank you, Dave. Very useful and well structured course
Glad it was helpful!
great content, you teach like Tim Buchalka from Australia :) keep up nice work and thank you
You're welcome! 🙏
Dave this tutorial is amazing complete your node tutorial and now doing this. JWT and authorization was daunting but your tutorials made them very easy to grasp cant wait to incorporate this into my full stack projects! do you have a discord or anything like that?
Glad it helped! Yes, my Discord: discord.gg/neKghyefqh
Hi Dave, I have a question.
You specified separating concerns between routing and authorization, but what about navigation links that utilize rrd's Link component?
I was thinking of conditionally rendering navigation Links based on the user's role. I wasn't sure if this was still against the convention you speak of. I would hope not, but wanted to see!
Thanks Dave. This video cleared all my doubts. 😊
Great to hear! 💯
Awesome stuff Dave!
Glad you enjoyed it!
Hi, I want to say a very big THANK YOU for this video and your channel.
You're welcome, Adeyemi! 🙏🙏
mind blowing tutorial. Hatsoff to you. You are a Superhero for me..
Thank you for the kind words, Balaguru! 🙏🙏
This channel is GOLD
Thank you! 💯🚀🚀
Thank you, Dave. Very useful.
I discovered my new favourite channel
Glad to hear that, Fernando! 💯
Awesome just what I was looking for
Glad to hear!
great tutorial a complete life saver👍👍
Glad it helped!
Very good Lesson and clear Many thanks Dave !
Glad you liked it! 💯
Great video! A HOC like withRole() which handles all the authorisation logic would be handy.
Thank you!
I absolutely love your tutorials! They are so insightful and correctly paced. The only thing I was wondering is if you could do this same website without axios? Or is that not a good idea? I am currently building a react app for my capstone project in college, and I am not using axios.
You can just use fetch. It doesn't have all of the nice features built-in that axios does though. Axios is a lightweight dependency that will not bog down your project. Given the choice, I would use axios.
Very detailed and informative content. Thank You
You're welcome!
Thanks Dave for you valuable knowledge sharing it' very helpful to me
Thank you so much
ive been looking on how to stop redirecting to home page every time login check for goddam so long and im so thankful to you
You're welcome!
Hello, I'm newbie, just a question, i just want to make a page for the owner of the website and customer shouldn't access that page, even if they try to write the in address bar and it re-directs them to website. how is that possible? is it done the way u explained and showed in the video?
Hi Dave, your video is amazing, but i have ad doubt, i am creating an app which has front end with react and backend on express with apis, now , for authorization of the API i have JWT implemented correctly with passport jwt, but how can i implement stateful session with passport local strategy for the front end? i am very blurry there.
Example: when the JWT expires the API requests are unauthorised, but the application doesn't logs the user out as JWT is stateless, therefore the use can still access the protected routes with no data(as the data is fetched from the API).
Can you help?
exactly what I need it, thank you very much!
You're welcome! 💯
Somehow my auth would not change update after setAuth is called. However, it updates if I browse through my app 1~2 times.
After hours of searching on google, I solved this with useEffect, put useNavigate inside there and made auth as dependency. So when auth is updated by setAuth, useEffect navigated the user.
It works perfectly fine now but I wonder why yours worked. I went to your source code and copied the code almost exactly but it did not work as intended.
The "almost exactly" might be it - hard to compare if not exact. React Router has had some updates. Check my source package.json to see if you were using the same version or maybe an update is the difference.
Suberb! 😊
Thank you for the support! 💯🙏
Im enjoying the video man. Thanks
Glad to hear it! 🙏💯
Wonderful as usual.
I’m a bit confused, I have a login form that connects to sql db then response is 200 if user exists. Why would I need a token if validation is already achieved? Is this a silly question?
Hey Dave, Great playlist btw. I just completed both NodeJS and React Auth playlists. I had a doubt lingering in my mind. Please answer that whenever you can. It seems we can access protected routes which do not require to fetch data from the backend even after the access token get expired. If so, is this something to be concerned about? Should I make it this way that I ask the backend for a new access token every time I open any protected route? or is this overkill?
Thanks a lot Dave! You helped me a lot!
Glad to hear that, Carlos!
Very informative tutorial 👏👏
Glad it was helpful!
Loved the video❤
thank you dave need more react video
Currently, 55 React videos in my playlist: th-cam.com/play/PL0Zuz27SZ-6PrE9srvEn8nbhOOyxnWXfp.html
"src/context/AuthProvider.js
Line 5:32: 'children' is missing in props validation react/prop-types"
I am getting this error. Can someone please help me to resolve this
Compare your code to my source code that is available at the link in the description. Your error says you are missing something.
@@DaveGrayTeachesCode I copied the same code from git repo. Still getting the error. I had to add this block AuthProvider.propTypes = {
children: PropTypes.any.isRequired,
}
You are the GOAT!
Loved it, thank you very much.
You're welcome!
how would you handle auth now with RouterProvider and loaders?
Thanks Dave very good tutorial!! 1984 and 5150? are you a Van Halen fan? 🤘🤘
Of course! 🤘🎸And you're welcome!
can I know the reason why you added from instead of writing '/' directly sir on minutes 17:00?
on 17:00
This is a value to let React Router know where the user is coming from. We provide an || (or) which does default to "/"... but the user may be coming from somewhere else and from will hold that value if that is the case.
This is what i exactly needed. Thank you so much!
Glad it helped! 🚀
@@DaveGrayTeachesCode Can you do like this but with firestore and reactjs
@@johnpaulpineda2476 I'm sure it is possible. Adding to the list!
@@DaveGrayTeachesCode Im waiting. :)
thanks dave for that great tutorial
You're welcome! 💯
Hi Dave, this is exactly what I needed! Thanks a lot!. I just noticed that if I create a user that is not authorized for certain page and I look for that page directly in the browser search bar instead of using a button like you do, I get redirected to the home page, instead of the unauthorized one. Do you know why is this happening and how could I change it?
Once again, thanks a lot for the help!!
Can the client not manipulate allowedRoles in components? How can we resolve those potential issues?
Thanks for the last tip!
You're welcome!
Amazing again 😱😱👍👍
Thanks again!
This video helps me a lot. ThankU so much.
Glad to hear that!
@DaveGrayTeachesCode im not seeing this issue anywhere, feels like im the only one with it? it says setAuth is not a function? everything is set up the same i have no idea why this error is popping, doesn't seem to make anysense. it pops on the login handleSubmit function...any fixes for this?
Hi Dave, I watched few times these series and learn already a lot but I have got a question - you are passing the data from the server to the context. After reloading the page I got a new state which is an empty state and thats a reason that I have to log in again through the login component. What is the best idea to keep state after the login and do not loose it when the page is reloaded ? Also in the network payload I can see the password wich has been written during the sign in the application - is any chance to hide it? To be honest I learn front end dev and I am a beginner with node but literally I just want to know more what is going on on the backend side :D Thank you so much for your tutorials. BDW do you have a slack community or discord etc? I would join to that kind of group under your mentoring :D
Great questions! 1) If you continue in this series, there is a "Persist Login" tutorial that handles the reloading and reauthorization. You will always lose app state when you reload, but that video shows how to maintain a user login. 2) You could possibly encrypt client side, but this isn't common - if there is a major concern here about your network traffic being hacked, you should use a secure connection - say a VPN if available. Also, https is a must. ...You're welcome and yes, I just opened up a Discord community here: discord.gg/neKghyefqh
dave I think you should get some helpers that will devote themselves to answering the questions of your students. I would love to be one and Id do it for free. I came up with this since sometimes there are things which you dont explain, that I want to know
...u awesome Dave. thanks so very much
when i'm in admin panel index page that is allowed only to admin role and go to another protected route under admin protection and refresh the page it sends me back to admin index page...how to solve that?
thanks for the advice.
Amazing stuff! Thanks!
You're welcome! 🙏💯
Hello Dave,
Everything is working fine in my code but after I login and refresh the browser, it redirects me to the login page and the useAuth object is being reset.
Can you help me please ?
Thanks.
Excellent tutorial as always, Dave. Unfortunately react router doesn’t work well with Nextjs which I built my frontend on.
Thank you! I'd like to do some work with NextJS later this year 💯
Thanks a lot 🥰