Welcome aboard! Happy to hear you are liking it!

Great to hear!

Hahaha Hope you like the video!

Same...🤣😂

kkkkkkk fico feliz que vc gostou!

Glad you think so!

I feel like this one is more complete!

@@PedroTechnologies thank you so much for the response! Have a good day!

stucked in "Please install mysql2 package manually" issue. might go back and use your old auth tutorial :(

Glad you liked it!

I have videos on how to use React Router Dom! You can use the component! I should make more videos on this soon!

@@PedroTechnologies yes please i am waiting for that and thanks :)

Thank you! I plan on making a video on refresh tokens and maybe include a logout functionality in it as well! With what we wrote in the video you can make requests that only belong to certain users, but that is authorization and not authentication.

Edit: You have backend as localhost:3001. But how to send cookie to diff url?

The cookie is set to the frontend! When you write res.cookie() it sets to the client side!

​@@PedroTechnologies Figured it out. I use axios in the front end so needed to add "withCredentials = true". I believe it works like cors does for the backend.

Yeah, after you make the request in the frontend you can just check to set a global states to be logged in!

I have a video on it: kzbin.info/www/bejne/gZi7hWlprLWAhsU

@@PedroTechnologies thanks ! but how can you retrieve user data and display it in your page ?

Thank you! I've been showing how to do this in my new series about full stack development!

This makes me happy! Hope you like the videos!

I plan to make a video on my vscode extensions

Obrigado mano!

Thanks and welcome

@@PedroTechnologies can you please make a vidoe on how to automatically logout the first device when second device gets connected 😊😊

Hey, there are many ways of doing this! You can save it in your sessionStorage, in a global state, and many different places. This won't be insecure because even if they change the state to logged in (which wouldn't work because you cant change a state through the browsers js), you should be validating every api request through the tokens!

@@PedroTechnologies Hey, thanks for the prompt reply. So I would set a global state in sessionStorage to true if they are logged in. Then would check the value of the global state before rendering the new page. If it is set to true, then render the new page. If I did it this way, then someone could still set their sessionStorage state to true and bypass the api request and end up rendering the new page? I know you said that changing a state through browser js isn't possible, but if someone managed to somehow set it true, wouldn't the new page end up rendering? Thanks so much bro!

@@PedroTechnologies Maybe a video on this might be a good idea! I couldn't find anything online which explained how to render a new page in React once a user has been authenticated (using JWT and a HTTP cookie)... Thanks bro!

@@FrostGhost were you able to find any online resources?

@@edoardopavan6128 Hey, I realised much later after doing many projects using React that Pedro's original answer to my question is correct. The state cannot be easily changed and even if it is, any request to the back-end should have authentication (using sessions). If the authentication fails, the request will fail meaning the front-end won't display the data. So the way shown in this video is secure, providing your backend is secure..

I can definitely do one!

Boa Marcelo, obrigado! Após o login vc pode redirecionar dependendo de como seu frontend é. Você esta usando react? Ou somente html?

@@PedroTechnologies Eu estou estudando o seu código mesmo, deste vídeo. Imaginei que após o login o usuário seria direcionado automaticamente para uma página principal, por exemplo. Eu estou usando o ReactJS

@@mbfreitas0 Apos o logi, vc tem que redirecionar através do React. Eu fiz um video falando sobre os diferentes metodos que vc pode usar pra redirecionar: kzbin.info/www/bejne/qpqknYamrrx8etU

Legal Pedro vou assistir agora !!! Muito Obrigado pela Atenção \0/ ...Estou aprendendo muito com suas aulas !!! Valeu !!!

Thank you :) Well, you can store the access token in somewhere accessible when someone logs in (Ex. cookies, session/local storage (although not recommended)) and just verify them to get the information!

@@PedroTechnologies Yes...I did...I verified n got back the data which I stored into the jwt... Thank You So Much for this tutorial...This cleared my mind about jwt auth... seriously...thanks a lot... This Tutorial is quite helpful...😊

@@PedroTechnologies And make a video or videos on Admin Bro... please...😊...They way you teach, it clears every doubt...Thanks Again...Jwt video helped me out from JWT AUTH infinite loop of not understanding of the concept...😂😂

On the front using use navigation from react router from library

Thanks!!

Desteği takdir ediyorum!

Interesting, this might be a typo. Are you using typescript or js? Can you paste your code here for the token?

@@PedroTechnologies Thank you Pedro for your response, I have rectified my error, I got the error because I'm sending a request to the backend without including a token in the headers. I have changed a little bit code from yours, you used "req.cookies["token']" to get the token from front-end, I used "req.headers["cookie"]", this is because I'm sending it as "cookie : ", through the headers, from the front-end.

Interesting, can you paste ur code here so i can take a look?

@@PedroTechnologies /// React Axios handleSubmit = async (event) => { event.preventDefault(); const formData = new FormData(); formData.append('username', this.state.username); formData.append('password', this.state.password); const res = await axios.post('localhost:3001/api/login', formData).then( response => { this.setState({resMessage: response.data.message}); this.setState({resStatus: response.data.status}); if(response.data.status === 'good'){ alert(response.data.status); } else{ alert(response.data.status); } }); } /********** Express index.js ***********/ const express = require('express'); const app = express(); // Cookie Parser const cookieParser = require('cookie-parser') // Cors const cors = require('cors'); // Body Parser const bodyParser = require('body-parser'); app.use(express.json()); app.use(cors()); app.use(bodyParser.urlencoded({extended: true})); app.use(cookieParser()); // > // const userRouter = require('./routes/User'); app.use('/api', userRouter) // Listen app.listen(3001, () => { console.log(`Running on port 3001`) }) //*********** USER ROUTER **********/ const express = require("express") const router = express.Router() // Database Connection const db = require("./../connection/conn") // Login Route router.post('/login', async (req, res) => { const username = req.body.username; const password = req.body.password; const fecthUsersQuery = "SELECT id, username, password FROM users"; db.query(fecthUsersQuery, (err, results) => { if(err){ return res.json({ status: 'bad', message: "Something went wrong" }); } for(let user of results){ if(username === user.username && password === user.password){ const accessToken = createTokens(user); res.cookie("access-token", accessToken, { maxAge: 60 * 60 * 24 * 30 * 1000 }) console.log(req.cookies["access-token"]); return res.json({ status: 'good', message: "Test" }) } else{ return res.json({ status: 'bad', message: "Username or password does not exist" }); } } }) })

hi, did you mange to figure out how to login / verify from client

hello , i am encountering the same error when trying to connect with frontend if you got the solution for it can you please comment it down

Glad you liked it!

Thank you!

Validating with sessions is a different type of authentication. In this case you can indeed use a protected route which is defined in the frontend. You can make a request to your server to check if you have a valid token in your http only cookie, then if so, you set some global state to allow you to login.

Yeah, after months of studying interview questions I got an internship at Twitch hahaha

@@PedroTechnologies That's so cool

@@PedroTechnologies so cool. I am haapy for you. Keep hacking!

Thank you! Really appreciate it!

Thank you so much! The support you guys give me is unimaginable!