The thing I love about this playlist is using simple language, very easy to understand and please always give the scenario of how things work at enterprise level in your future video.😌

Excellent Videos Piyush... Explaining it in such a simple way.. makes it so easy

i can't set cookie by res.cookie

I thought the same even though I used to do the same in my MERN stack projects what shubham has asked But Thanks Piyush for getting us more clear on it also I found that OAuth and NextAuth use the same technique while authenticating users on each request they utilize tokens stored in the cookies and get users' data from it! Very very useful topic you have covered

Thanks sir taking my doubts..it's clear now

This tutorial of nodejs is more useful to any other paid tut . Thank you so much sir such a amazing series ❤️ 🙌 👏

Bro you are explaining very deep things in practical superb bro 🎉🎉

Bro just don’t stop posting videos u r just amazing tutor❤

No words, how you explain deep fully, at each word meaning fully explain😊 Thank you, Create An KZbin channel and share your knowledge📚

22:28 -->changes happen

Great work, it has compelled me to like and subscribe.

If you encounter this error: Cannot read properties of undefined (reading 'split'), Follow the given steps: 1. first make changes only to handleLogin controller and send token as json instead of setting a cookie. 2. Now in postman, make POST req to /user/login and generate a token. 3. Now make change to our middleware functions i.e to checkAuth and restrictLogin middlewares. 4. And now finally make GET req to homepage and set the authorization header in postman. Reason: If you make changes to the middlewares first and then try to generate the token it will result in error because we don't have authorization header during initial token generation and the checkAuth middleware is still executed. Hence generate the token first and then make necesarry changes in the middlewares. Hope it helps!

Thank You Sir, It was one of the Best explanation of cookies on youtube.

literally no words for uh bro !...excellent explaination 😃😃

The authorization header is not present by default in the POST request in postman and hence you can get the error: Cannot read properties of undefined (reading 'split') as there's no authorization header present, you have to set the header in the Headers tab manually as "Authorization" and set its value to null so that it can be used further in the middleware functions.

Got to know many things this video thank you for the lecture😇😇

16:10 what are you trying to do 🤔 According to mdn Fir domain value - "Only the current domain can be set as the value, or a domain of a higher order" "A cookie for a domain that does not include the server that set it should be rejected by the user agent."

From where you learn all this so well??

Thanks for the video 🔥✨

that was so useful and deep knowledge for newbie. awesome bro ❤.

Thank You Piyush For this great video!!! ; )

21:06 but token match karne ke liye database access chahiye hoga na har bar request aane par!!..........to problem to same hi rahi jo aapne video ke starting me kaha tha

can you explain refresh token and access token?

Thank you so much for sharing this. Very good explanation :)

superb bhai...

Thanks bhaiya for the video tutorials. 🥳🥳🔥🔥🤘🤘

@priyam, In Postman, we manually send the token via headers without using local storage or cookies. How can we receive this token in our backend middleware to authenticate the request?

excellent explanation brother

Amazing explaination bro ❤👏🏻

Sir i have a doubt because 11:04 you have directly providing user from jwt token but if the user is deleted from database but the user can still access logged in content.

Good explanation👍

Thanks bro..excellent video .really helpful

Agr hum Map or database ko combined use kry tu excess database request ka issue ni hoga, first time jab user login hoga tu map ma bhi or database ma bhi store hoga or getuser ma hum check laga day ka agr user exist krta ha map ma tu database sa query na kry or agr map sa ma ni ha tu database sa query kr kay usko map store krdy for further request verification

Thank you for this tutorial - you have make an overview video about architecture of SSO (single sign on) authentication - if possible, can you make a full coding tutorial of SSO (basic only will do).

Hi Piyush, maine ek website banai hai jiska server or client different domain pe hai but jab mai sever me cookies ke option me domain ko apne client ke domain pe set karta hu, tab bhi cookie send nahi ho rahi. I've also used cors for cross platform sharing. kya browser ka kuch default behavior hota ki third party client par cookie send nahi karna? meanwhile maine localstorage me token send kar diya, but mai cookies me token send karna chahta hu..

U got one subscriber ❤

2:00 what about storing user with their session id in redis instead of db

Really good video but It would be good if you compare localstorage vs cookies which is better, limitations like that.

you should set the headers in ejs files only ,whats the use of creating them if we have to use postman only

Sir please tell us about new react JS series any idea when it's starting?

Too good brother

But jwt be to scrent check krna ka liya br br new page reload phr datbase wala sa match krta ha?

Another potential concern might arise when dealing with stateful authentication in the context of load balancing.

Bro you are great>>>

im facing problem regarding non existing authorization header in server side gives Cannot read properties of undefined (reading 'split'), though using res.set('Authorization', `Bearer ${token}`); inside handleUserLogin async function to set the valus, help me to debug it any one...

Thank you so much bro

I didn't get authorization in req.headers, where am I wrong?

Sir I am sending cookie by res.cookie and 'm able to see that cookie in network but not in application-->Cookies

kaise ho pankaj sir ham bhi yhi se padh rhe😁

sir in my code it is showing can't read the properties of undefined after i switched to response section after cookie section, i copied exactly your code but it is not working, if someone know please help

Bhaiya please make a video on cross site in which authorization header is sent to the backend my malicious website and produce hacking in the backend :)

if one user logs in, but second user comes and copy your Authorization Bearer token or Cookie..... and that 2nd person then requests in the backend from his own laptop via the copied token/cookie. In this case, how to make it more secure ???? Can you please walk through this scenario ?

how to get this code

how we can take user information from tokens Piyush Garg

but first time in mobile device we have to login how can we send token in request in first time does it not required?

bhaia do you have short notes of this lecture

in browser based applications, in industry standard for authentication tokens are sent through cookies or response?

In last, we use header base authentication, Will it work for browser? Because, it is not working for browser in my case.

I am not getting authorization in the headers. Why?

why it showing this? C:\Users\toshiba\Desktop\codes ode js\URL shortcut project\index.js:50 res.redirect(entry.redirectURL) ^ TypeError: Cannot read properties of null (reading 'redirectURL') at C:\Users\toshiba\Desktop\codes ode js\URL shortcut project\index.js:50:21 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) Node.js v21.7.3 [nodemon] app crashed - waiting for file changes before starting...

Thanks

How can I get a token set in cookies in browser

19:35 reponse

Thanks for the video sir

I am looking for the content on CSRF and CSP Headers in JAVA Filter. If you could provid it that would be really helpful.

ye Manish Paul bhai hai kya ??

Very useful video Piyush, but it could be helpul if you are teaching in English

Hi.. Need your help.. My req.headers does not contain authorization property

Thank's man

What is the need to send bearer, as it is getting split

excellent

Tenks😊 gruudev

still I got One error TypeError: Cannot read properties of undefined (reading 'split') if Anyone have solution for this...

Adhyapak Diwas ki Shubhkamnaein! 🙏😇

what are http only cookie ?

this authorization thing got me confused like cookies, tokens, headers and all.

bhai mene "split" ki jaga "spilt" likh diya aur uss error ko dund ne ke chakkar me mujhe 1/2 ghand lag gaya🥲🥲

Bhaiya ji esse he videos aati rehye gii ?

please share the code

Pls provide the source code always

bade bahiya m soch kyo nahi pa rha hun😟

ddd

@piyushgarg sir