1
00:00:01,240 --> 00:00:03,250
Hello and welcome to the next reader in this project.

2
00:00:03,880 --> 00:00:10,270
So in the previous video we have seen what is authentication security, and also

3
00:00:10,270 --> 00:00:13,210
the level one implementation of authentication security.

4
00:00:13,840 --> 00:00:17,740
That is, to register the users with usernames and passwords in the database.

5
00:00:18,190 --> 00:00:21,190
Now level two will be database encryption.

6
00:00:21,580 --> 00:00:27,760
That means not only storing the username and password of the users in the database, but also we encrypt

7
00:00:27,760 --> 00:00:32,080
them so that now if anyone sees them, they don't understand what is the actual password.

8
00:00:32,380 --> 00:00:34,360
They need to decrypt it. For decryption,

9
00:00:34,360 --> 00:00:35,650
they need to have the secret key.

10
00:00:36,490 --> 00:00:37,930
So basically, we'll see how to do that.

11
00:00:38,320 --> 00:00:39,850
For that we'll follow some procedure.

12
00:00:40,120 --> 00:00:42,190
So let me write down the procedure step by step.

13
00:00:42,730 --> 00:00:46,660
The first one we are going to use is mongoose-encryption, an npm package.

14
00:00:47,200 --> 00:00:52,030
So if you go to Google and search for Mongoose encryption.

15
00:00:55,260 --> 00:01:00,150
You'll be getting the, yeah, you'll be getting an npm package, isn't it?

16
00:01:01,720 --> 00:01:06,010
This is Angus feel encryption between search for Mongoose encryption.

17
00:01:10,980 --> 00:01:11,370
This one.

18
00:01:12,900 --> 00:01:15,000
So this one is the package that we are going to use.

19
00:01:16,280 --> 00:01:20,330
So as you can see, encryption and authentication for mongoose documents.

20
00:01:20,580 --> 00:01:21,830
OK, it uses the crypto module.

21
00:01:21,830 --> 00:01:22,910
That means cryptography.

22
00:01:23,120 --> 00:01:27,250
Cryptography is a technique, so it's a whole different module itself, OK?

23
00:01:27,890 --> 00:01:30,140
It is a whole different subject if you want to study.

24
00:01:30,530 --> 00:01:36,710
So cryptography has many, many things and many, you know, many different technologies, many different

25
00:01:36,710 --> 00:01:39,830
techniques to do this encryption and decryption of data.

26
00:01:40,340 --> 00:01:44,630
So how it works, if you want to know how it works, you can go through this.

27
00:01:46,850 --> 00:01:52,180
So now before we get started, this is how you have to use it. First thing, you have

28
00:01:52,190 --> 00:01:57,860
to install it: npm install mongoose-encryption. The second one is using it, how to use it.

29
00:01:58,160 --> 00:02:00,360
So there is a whole different documentation given here.

30
00:02:00,390 --> 00:02:05,300
You can see and understand how to use it and how to implement it.

31
00:02:05,300 --> 00:02:05,750
Everything.

32
00:02:05,990 --> 00:02:09,020
But we'll see a short way of implementing it.

33
00:02:09,830 --> 00:02:12,890
So after completing this, so basically.

34
00:02:14,060 --> 00:02:17,840
Here in this Mongoose encryption, it can do both encryption and decryption.

35
00:02:18,110 --> 00:02:18,500
OK.

36
00:02:18,950 --> 00:02:22,940
But for now we will only concentrate on encryption.

37
00:02:23,150 --> 00:02:27,350
That is how to encrypt a given username and password and then store it in the database.

38
00:02:27,920 --> 00:02:32,120
Then the first thing is install and require the package: install and

39
00:02:33,300 --> 00:02:34,680
require the package.

40
00:02:36,280 --> 00:02:39,520
So this is the first thing of this Mongoose encryption.

41
00:02:40,240 --> 00:02:41,050
What is the second thing?

42
00:02:42,620 --> 00:02:47,870
We define a secret, which is a long string, and we use that secret to encrypt our database.

43
00:02:48,480 --> 00:02:50,390
The second one will be defining.

44
00:02:52,600 --> 00:02:53,260
A secret.

45
00:02:58,290 --> 00:03:00,940
The third one, you can check the documentation for the code.

46
00:03:01,500 --> 00:03:07,800
We have to change the code so that only certain things are getting encrypted, so just the password, because

47
00:03:07,800 --> 00:03:12,530
we don't want the username to be encrypted, because the username, like, for example, if we take

48
00:03:12,540 --> 00:03:18,600
some social networking app username is something that you just have to see so that they can contact

49
00:03:18,600 --> 00:03:23,010
you, they can see what you're sharing your posts on the social media.

50
00:03:23,580 --> 00:03:32,070
So only the password for logging into that account is to be encrypted, so we have to encrypt only

51
00:03:33,200 --> 00:03:36,140
Certain things that.

52
00:03:37,520 --> 00:03:39,380
So once you're done this.

53
00:03:40,570 --> 00:03:43,300
Now we have our apologies, right?

54
00:03:44,200 --> 00:03:47,770
So we have our user schema, user schema.

55
00:03:48,130 --> 00:03:48,970
We want to.

56
00:03:49,360 --> 00:03:53,260
The secret is a string, this password is extremely vulnerable and this password string.

57
00:03:53,830 --> 00:03:54,690
So how to encrypt?

58
00:03:54,700 --> 00:04:01,270
By using this mongoose-encryption module. We have imported the mongoose-encryption module and then we

59
00:04:01,270 --> 00:04:04,690
are initially using it for the plugin you want to see.

60
00:04:04,720 --> 00:04:06,820
So this is basically the code for database encryption.

61
00:04:07,390 --> 00:04:12,100
First, we are defining a constant secret key, that is, you can give any key. Here I'm giving

62
00:04:12,100 --> 00:04:14,350
This is my secret key, but you can do anything.

63
00:04:14,740 --> 00:04:21,550
And once you have that, you have to give this plugin to the user schema, so use this command, plugin.

64
00:04:21,820 --> 00:04:28,060
Here we are mentioning the method, that is encrypt, and then secret will be the secret key, and what fields

65
00:04:28,060 --> 00:04:28,780
are to be encrypted.

66
00:04:28,790 --> 00:04:31,420
So here we want only the password field to be encrypted.

67
00:04:31,420 --> 00:04:31,660
OK?

68
00:04:32,020 --> 00:04:34,540
So there will be two parameters. One parameter

69
00:04:34,540 --> 00:04:38,470
is encrypt, and the second parameter is details about this schema and the secret key.

70
00:04:39,460 --> 00:04:41,220
So once we do this, that's.

71
00:04:41,530 --> 00:04:42,130
Nothing changed.

72
00:04:42,140 --> 00:04:43,440
No changes, trapdoors.

73
00:04:43,810 --> 00:04:48,820
So what it will do, it will just save the data in the database in encrypted form.

74
00:04:48,820 --> 00:04:49,240
That's it.

75
00:04:49,600 --> 00:04:50,970
Then it will not change in the posture.

76
00:04:51,320 --> 00:04:51,560
OK.

77
00:04:51,950 --> 00:04:59,560
This is database encryption, and this is how the second level of authentication security is done. Before

78
00:04:59,560 --> 00:05:02,170
ending this video, we'll discuss what plugins are.

79
00:05:02,620 --> 00:05:08,770
So basically, plugins are just extra bits of packaged code that you can add to the mongoose schemas to

80
00:05:08,770 --> 00:05:11,970
extend the functionality or give them more powers, essentially.

81
00:05:12,010 --> 00:05:12,340
OK.

82
00:05:13,510 --> 00:05:19,060
So one more thing is, during save the documents are encrypted and during find the documents are decrypted.

83
00:05:19,690 --> 00:05:25,600
So what it will do is, whenever you give this plugin to this user schema, it will automatically encrypt

84
00:05:25,750 --> 00:05:30,880
during save and automatically decrypt during find, like when searching some data.

85
00:05:32,440 --> 00:05:34,240
So what is the pain point here means?

86
00:05:34,240 --> 00:05:35,230
What is the disadvantage?

87
00:05:35,770 --> 00:05:39,610
So if anyone have access to dogs, can see this user.

88
00:05:40,210 --> 00:05:45,250
For example, this is the code I'm writing, Man Burgess, since here it is not.

89
00:05:45,250 --> 00:05:45,940
I am commenting.

90
00:05:45,940 --> 00:05:50,590
Everything we're concerned about is, if you are implementing database encryption by using the mongoose

91
00:05:50,590 --> 00:05:52,420
encryption method, you basically have this code.

92
00:05:52,840 --> 00:05:58,360
That means anyone who can have access to this file, they can have access to this secret and the

93
00:05:58,360 --> 00:05:59,170
whole database.

94
00:05:59,650 --> 00:06:00,790
So this is the pain point.

95
00:06:01,120 --> 00:06:02,260
So how can I avoid this?

96
00:06:02,590 --> 00:06:08,290
That is by using environment variables so that see in the next shooter that is the level three of security?

97
00:06:08,290 --> 00:06:09,070
authentication.

98
00:06:09,250 --> 00:06:09,670
Thank you.
