Thank so much for your effort, your courses are awesome.. Can you please add video for Redis cache on this video or another built project. Thanks

Man I love you already!

@@francisabonyi7115 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

you are amazing dude, thanks a lot

​@@stevechude3730 my videos are not for beginners. If you don't know hwo to set up Mongo locally, this video is not for you. Please consider how rude you're being to people that spend hours making videos for free.

This advice will land you a job, guaranteed

yah 2 years ago but still gold. I'm not going to intern yet but through this tutorial, my skills have improved. I decide to watch the tutorial and then redo it by myself :D

Great. But how do users login as there no route for login

This is not to take anything away from Tom and his wonderful tutorials, the one thing I have began to observe is that lesser the subscriber count the better is the quality of the tutorial. Definitely not every time but generally

Great to hear!

Thanks Adrian, I am working on the UI part. I'm going to keep the library use to a minimum because it could get confusing for anyone that doesn't know how that library works.

I'm working on testing with Jets now, it will be out nest week, Prometheus should be quick so I will do that too :)

I also have a video about caddy + docker here: kzbin.info/www/bejne/aKCxpJ2vlqh8qKs

Thank you for the feedback. It's difficult to tell what pace the video should be because it really depends on how much experience the viewer has I think.

@@TomDoesTech Yeah I know what you mean. "Advanced" or "Beginner" is always subjective of course and a question what kind of audience you'd like to serve with your videos. More beginners or more advanced devs that might get bored out. But nonetheless, your content stays on a high quality! Thanks for your efforts, Tom.

I thought about that joke for way too long.

Never heard of Neovim, I'm going to download it and have a play around with it. let me know if you have any questions :)

Glad it was helpful!

So glad you like it :)

@@TomDoesTech when i hit the healthcheck route I get an error that says "unable to connect to remote server". but the console shows app is running on the designated port

@@christopherugochukwu3517 are you using Mongo Atlas or something? What is the "remote server"?

Thank you for the feedback, that's really helpful! When I make those mistakes, I stop talking while I try figure it out so I need to learn to keep talking and explain the issue.

I agree, this is great tutorial, but you need to make sure to let us know when you’ve made a correction that been edited out. 🙏🏾 Otherwise excellent work👍🏾

Me as well

Thanks! I am working on the testing video now :)

Thank you so much :)

@@TomDoesTech ur welcome =) Just one little question. When you call the createUserSessionHandler you are using the same private key for the accessToken and refreshToken. Isn't that a problem? Or are you changing that later. Cant't wait to watch the next videos of that series =D

Yeah, I really like TypeGraphQL and have used it a fair bit so I think I will make a tutorial on it.

Oh wow, thank you

I did that video kzbin.info/www/bejne/pYTdY2amhaejfLs&ab_channel=TomDoesTech

I'm so glad you liked it! I think your approach is the best way to get the most out of the video. I try not to be too prescriptive in my videos. there are often better ways to do it. My goal is usually to give a suggestion and hope that the viewer pauses it and considers if they could improve on it. Thanks again for your kind words, I really appreciate it.

Thanks, who's Tim?

@@TomDoesTech ohh sorry i mispelled tom as tim 😅

Zod has better TS support and I'm more familiar with it

Firstly, I'm not a security expert, I'm just demonstrating concepts here so if you're working with a lot of user data, make sure you have someone who understands security in-depth look at your code. Yeah, you should be worried about someone stealing the refresh token because if they have that, they can get an access token and then have access to the system. I would spend my effort trying to prevent the token from being stolen before I spend time reducing the blast radius in the event it does get stolen. So, what I mean by that is make sure you figure out how your application could be vulnerable to XSS attacks and reduce those threats. As for rotating refresh tokens. The issue is that you have no way to invalidate the refresh token without changing the public and private key pair. A lot of large companies will rotate their keys, but getting this to work without impacting the user experience would be challenging.

I did something very similar to this but I used Fastify instead of Express.

@@TomDoesTech Awesone,, could you share the link pls

@@sreekumarmenon kzbin.info/www/bejne/gn7SfnuGaZlgrq8

@@TomDoesTech Thanks I like the folder structuree in that video better, controller,service,schema all in same folder grouped by feauture! question why pick zod over yup ?

@@sreekumarmenon Zod has better TS support than Yup

These 2 things aren't mutely exclusive. The con fig file has defaults which can be overwritten by env vars

Sorry but longer videos do much better. I've done a few videos where they are in parts and they do significantly worse

Yup, good call!

There is a UI part in this series if you want to check that out

@@TomDoesTech ok, thanks so much. Meanwhile, i'll like to point out that, both your terminal & your file EXPLORER cover more than half of the screen in this video, it would be nice if you minimize your terminal when not in use that way, the viewers can have a clear view of the code on the screen. Thank you, you are the best.

Yeah if options is undefined and you try spread it, essentially your're saying ...undefined which isn't valid and it will throw. You can default options to an empty object and it will work, but I use the ...(options && options) syntax because it works for all data types

You can use the same or different keys, up to you. Probably better to use different keys but it's not that big of a deal

THANKS BUDDY for this solution

It's just the way I'm used to doing it. I've used the express.Router() in another video

same here, please did you get a way around this?

That's awesome! Thanks for the tip.

awesome. @TomDoesTech you should pin that comment. Thank you for the great tutorial

@@acdev972 It doesn't work, or at least I can see it causing issues. If you do select false, it won't show up in the validation function.

@@TomDoesTech export async function validatePassword({ email, password }: { email: string; password: string }) { const user = await UserModel.findOne({ email }).populate("password"); if (!user) return false; const isValid = await user.comparePassword(password); if (!isValid) return false; return user.depopulate("password"); }

@@TomDoesTech the problem is that you need to "populate" the password in the findOne method from "mongoose" or it's undefined in the comparePassword instance method. see the fix above.

I don't know if it's standard or now and I don't think it's useful to think about it like that. I think the question you should be asking is: "Does this make sense for my application and does it fit with the way I like to work?"

@@TomDoesTech thanks !

Man, me too. I found a comment that say that we can replace "return omit(user.toJSON(), 'password');" to "return omit(user.toObject(), 'password');" at user service