1
00:00:00,150 --> 00:00:03,630
All right, and once we're familiar with the overall idea.

2
00:00:04,640 --> 00:00:10,340
Now, let's actually set up our token in the createJWT.

3
00:00:10,940 --> 00:00:14,090
And this is the npm package that I'm going to use now.

4
00:00:14,150 --> 00:00:18,710
There's plenty of them out there, but this seems to be one of the most popular ones.

5
00:00:19,040 --> 00:00:20,690
The name is jsonwebtoken.

6
00:00:20,930 --> 00:00:24,140
If you want to find out more info, here is the URL.

7
00:00:24,530 --> 00:00:30,050
And as always, we want to start our journey by actually installing the package.

8
00:00:30,650 --> 00:00:32,840
So let me stop server.

9
00:00:32,930 --> 00:00:34,970
Spin it up as well.

10
00:00:35,450 --> 00:00:37,360
So let's go with npm start.

11
00:00:37,760 --> 00:00:39,380
I'm not in the user model.

12
00:00:39,740 --> 00:00:41,300
We want to go with import.

13
00:00:41,600 --> 00:00:44,030
So in my case, I'm going to go with JWT.

14
00:00:44,510 --> 00:00:49,820
And then the method that we want to use in this case when we're creating is sign.

15
00:00:50,090 --> 00:00:57,800
So we go JWT or taco and burrito, whatever is the name for your variable and then dot sign.

16
00:00:58,220 --> 00:01:00,950
And that sign is looking for three things.

17
00:01:01,970 --> 00:01:05,209
Looking for the payload, essentially what we're going to be sending.

18
00:01:05,780 --> 00:01:12,730
And what's interesting in our case, we're only going to be sending the user ID and notice how are

19
00:01:12,770 --> 00:01:13,520
accessing this?

20
00:01:13,880 --> 00:01:15,110
I go with this dot.

21
00:01:15,610 --> 00:01:20,300
Again, that's why it was important to set it up as a function and then underscore id.

22
00:01:20,900 --> 00:01:26,990
So whatever is going to be the ID from a user, I'll set it up here as a userId.

23
00:01:27,350 --> 00:01:35,690
Now, as a quick side note, I just prefer using this userId, jobId, productId. I mean, you can also

24
00:01:35,690 --> 00:01:36,620
do something like this.

25
00:01:36,620 --> 00:01:40,250
You can just say id. It's just, in my experience,

26
00:01:40,250 --> 00:01:47,600
when you have a bunch of IDs and underscore id, it makes a little bit more sense if you're more explicit

27
00:01:47,600 --> 00:01:50,540
of what this ID actually represents.

28
00:01:50,810 --> 00:01:54,170
Just my preference if you rather prefer shake and bake.

29
00:01:54,440 --> 00:01:55,430
Who am I to judge?

30
00:01:55,790 --> 00:02:00,800
Now back to our main topic, why we're just sending this ID.

31
00:02:01,370 --> 00:02:06,320
Well, because keep in mind that we'll only access this payload back on the server.

32
00:02:06,650 --> 00:02:09,020
So I really don't care about the email.

33
00:02:09,169 --> 00:02:10,699
I really don't care about the name.

34
00:02:10,940 --> 00:02:13,640
I really don't care about the city and whatnot.

35
00:02:13,670 --> 00:02:14,090
Why?

36
00:02:14,420 --> 00:02:20,060
Because I can get all of this data with my ID anyway. So I'll take the ID.

37
00:02:20,360 --> 00:02:25,160
I'll set up my user ID in every controller where I want to get that user.

38
00:02:25,430 --> 00:02:31,070
I'll just say, hey, look, get me that user with that specific ID. That's all we have to do.

39
00:02:31,310 --> 00:02:36,560
Hopefully, that is clear and the rest of the stuff we'll send from the controller anyway.

40
00:02:37,040 --> 00:02:39,770
So when we're talking about the names, emails and all that.

41
00:02:40,010 --> 00:02:47,420
Yes, that will be set up, but it will be set up right from the controller. Then we want to pass in

42
00:02:47,420 --> 00:02:48,140
the secret.

43
00:02:48,560 --> 00:02:52,340
So this is going to be the value that is used to sign our tokens.

44
00:02:52,790 --> 00:03:00,380
And therefore, in the next video, I'll show you where we can get more secure value and also set

45
00:03:00,380 --> 00:03:02,630
this up in .env.

46
00:03:02,780 --> 00:03:06,530
And as a result, we'll have way more secure value here.

47
00:03:07,340 --> 00:03:14,390
And second, we're not going to expose it when we push our code up to GitHub, because the last thing

48
00:03:14,390 --> 00:03:19,130
you want is for somebody else to start creating tokens on your behalf.

49
00:03:19,280 --> 00:03:21,700
That's definitely not a place that you want to be in.

50
00:03:22,070 --> 00:03:28,040
And then lastly, we have options, and in the options object, we're just going to set up expiresIn.

51
00:03:28,670 --> 00:03:29,630
So that's the property.

52
00:03:29,900 --> 00:03:32,420
And in my case, I'm going to go one day.

53
00:03:32,900 --> 00:03:40,160
Now, if you want to find out more info, you can utilize the docs because again, my assumption is that

54
00:03:40,500 --> 00:03:42,230
this is a refresher for you.

55
00:03:42,440 --> 00:03:45,980
Not the first time you see the JWT.

56
00:03:46,700 --> 00:03:51,440
So once we have installed everything now, let's navigate to a user one.

57
00:03:51,750 --> 00:03:57,140
Let's grab our JWT where I'm going to go with import JWT from.

58
00:03:57,500 --> 00:04:00,500
And the package name is jsonwebtoken.

59
00:04:01,040 --> 00:04:06,590
Let's scroll back down to where we have the createJWT.

60
00:04:06,920 --> 00:04:16,010
What I want to do from this function is to return that JSON web token with payload, secret, for time being

61
00:04:16,010 --> 00:04:16,760
just hardcoded.

62
00:04:17,089 --> 00:04:23,920
Eventually, we'll set it up in the .env, and also the options where we'll set up expiresIn.

63
00:04:23,930 --> 00:04:28,190
So let's go here with return jwt.sign.

64
00:04:28,640 --> 00:04:35,840
And like I said, we're going to go with userId and then this will be equal to what, this dot and underscore

65
00:04:36,050 --> 00:04:36,320
id.

66
00:04:36,740 --> 00:04:42,740
And just to make it clear, yes, we cannot see this id here when we're creating schema, but we do

67
00:04:42,740 --> 00:04:44,720
know that it exists, correct?

68
00:04:45,000 --> 00:04:50,000
Notice the response and all the properties and what do you know all the way on the bottom?

69
00:04:50,210 --> 00:04:51,380
I have underscore id.

70
00:04:51,920 --> 00:04:54,710
So that's going to be the property for the John user.

71
00:04:54,950 --> 00:05:00,770
And that's exactly what I'm going to set up here in my payload. Then we want to go with that secret, again

72
00:05:01,160 --> 00:05:05,150
for time being just a dummy value before we set up .env.

73
00:05:05,420 --> 00:05:13,400
And then lastly, let's go with the payload, let's say expiresIn and we're going to go with a one

74
00:05:13,580 --> 00:05:15,110
day what service?

75
00:05:15,560 --> 00:05:17,270
And here's what I want to do right now.

76
00:05:17,570 --> 00:05:19,910
I want to go to auth controller.

77
00:05:20,870 --> 00:05:27,050
And then instead of just invoking it like it is, I'm going to assign it to a variable in this case

78
00:05:27,060 --> 00:05:31,880
token and then I want to set up one more property in this object.

79
00:05:32,360 --> 00:05:38,510
So essentially, when it comes to this user, that is going to represent our user document.

80
00:05:38,960 --> 00:05:39,380
Correct.

81
00:05:39,860 --> 00:05:42,490
But just so it's easier on a frontend.

82
00:05:42,800 --> 00:05:47,000
Just so I don't have to do some nested destructuring and all that.

83
00:05:47,330 --> 00:05:51,380
What I'm going to do, I'm going to add two more properties now.

84
00:05:51,620 --> 00:05:55,670
The location will make sense later, and we're not going to add it.

85
00:05:55,670 --> 00:06:00,290
Therefore, right now, for time being, I just want to add this token again.

86
00:06:00,620 --> 00:06:06,290
In between the videos, I did remove the John, so I should have no problems if I go back.

87
00:06:06,680 --> 00:06:12,500
And what do you know, not only I have my user, but I also have my token.

88
00:06:13,180 --> 00:06:19,400
And that's the one that we'll use in the communication between the frontend and the server.

89
00:06:19,700 --> 00:06:27,250
So every time John is going to make some kind of request from the front end, the request will have,

90
00:06:27,300 --> 00:06:31,840
unless otherwise server is going to send back the error response.

