Thank you for providing these latest MERN tutorials Brad, they came at a great time. I just finished the code along for this tutorial and the MERN stack tutorial you dropped a few days ago. I did manage to get everything working per the videos specs, but of course, the true learning happens when I'm able to take this code and apply to my own projects - breaking stuff along the way. Thanks again for providing friend. I look forward to the front end portion.
Just wanted to say how much I appreciate the effort you've put in to help fellow developers like myself grasp the concepts that you are covering. You have a way of methodically and calmly explaining something, that just make it make sense. Everything seems to clean and easy after following your tutorials. Keep up the amazing work! You truly are an inspiration to all of us, from where you came from to where you are now
Brad, Thanks for the MERN Stack series. You hide the complexity with the way you explain it. You're one of those few teachers that really know how to explain things. I'm eager and can't wait to see how/what you'll be explaining in the front-end. Wish you the best!
This series seems to be a very interesting one. I am already working Node. But I am hopeful to learn few advance features in upcoming videos. Thanks a lot Brad.
dude ive been following and learning form bad since 2018! HE NEVER CEASES TO AMAZE ME! Its legit because of him, as to why I'm even successful in this industry...
This Project is awesome, I love the way you explain things, I feel like I've been coding for years! Thank you so much for your dedication and hard work. Looking foward to become a MERN Stack Developer at the end of this Project.
Thanks for another great lesson. I'm adapting this to a postgreSQL backend using pg-promise instead of mongoose, and your instructions still help a lot!
*_In _**_26:13_* You don't always have to restart the server while changing anything in the .env file. Just add these two lines of code in your package.json script section where you are assigned your nodemon[ "dev": "nodemon -w . -w .env *Your file dir* " ] " *_-w ._* " = tells nodemon to watch the files in the current directory " *_-w .env_* " = tells nodemon to watch the .env file
What a phenomenal tutorial Brad. I was able to follow along and get the whole thing working. I learned so much. It was challenging from start to finish especially once it got to the authorization and authentication. I still have a lot to learn about these concepts. Thank you so much for this!
Since this tutorial is shows up, i just want to say thanks to your 4 years ago tutorial about nodejs api authentication with jwt. When you explain the schema behind how jwt works, and some other tutorial i followed along, i can write an article about how to create nodejs authentication mechanism as that is a test given by the recruiter. Regarding whether or not the test will pass, it's up to the recruiter. I just want to say thanks that i get helped a lot by your tutorial. God bless you with your passion for teach and help people through this journey.
Phenomenal video as always Brad. Your blend of building projects and explaining the concepts you are implementing makes learning so much easier. This whole video series so far has been great at teaching me Mongo/Mongoose and reviewing JWT. Thank you for all that you and your team do.
If you have issues with logging in a user. Make sure you are putting email/password in the body in postman and not params. I spent an hour struggling with this and now you don't have to 😅
Hello Sir, You are absolutely a gem to developers community. We for sure admire your work. Kindly make tutorial on MEAN stack as well. Bundle of thanks in advance.
At 40:20, you don't have to again find the details of the user from the database as the user details are already in the request, we can directly send the details in the response. res.json(req.user)
i've been using other techniques while making APIs and by following what you've done , it seemed like i've been overlooking some nice additions ! thank you
I'm trying to learn node and this series seems to be a top notch for learning MERN-STACK❣️❣️ Thanks Brad, for such an amazing content 😍 lots of love & respect❣️
@40:30 , since you already have access to req.user, do you need to call the database again.? It seems you dont have to... you can do res.json(req.user) Thoughts?
36:39 Question on the protect() middleware: should the code starting at line 27 be inside of an else block, and should it even bother doing the if (!token) check? It looks like you just want to catch the condition where there is no 'Bearer' value in header.authorization. Also, I'd think that if you're concerned whether token exists or not, that check should be made up on line 15.
@@aminblel5655 I agree, and I personally always prefer to add "return" before calling next() in middleware functions, so it's absolutely clear that code execution ends at that point. (I also add "return" before any res.send(), res.json(), res.status(), etc. etc. for the same reason.)
i'm a little new to this. Could you explain a little bit more? we are only setting the req.user inside the authMiddleware right? do middlewares automatically send a res object as well?
@@aldolhitlercondensation1363 nope it does not it only sends what you telll it to send. my point is that we have all the data in the rs object (loaded in the middleware if I remember correctly) and since it's in the res object, IT IS available throughout the request starting from where we initialise it (in this case the middleware)
Man this was very difficult for me , but I finally pulled out this half my application crashed like 50 million times, Its incredible how you memorize all of this by Heart Brad, You're Stand Up Guy for turning Gangsters into Scientists! Cheers! Thanks a Lot!
How different is it to implement type script in this? I've only messed with it once on a small side project that I never really finished/got started on
I initailly had some problems with export modules. This is no longer working as shown, but "export default..." / "export..." is so it's an easy fix. Thanks for helping me include new functionality in my project! :)
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller, you could just destructure req.user...
See i was thinking the same thing through the update and delete controllers for the goals. Couldnt you just use the req.user.id instead of searching for the user with req.user.id then using the return users id to compare to the req.user.id. Seems like a duplicate process. The auth middle ware would just kick out no authorization before getting to the controller anyways if the user didn't exist that you are trying to update or delete. Or am I wrong and there is a reason for doing it like this?
17:51 I am unable to parse the password inside the userRegister function while the name and email are okay. For the password it's giving me undefined, HELP PLEASE??
For delete operation, Goal.remove() function should be replaced by Goal.deleteOne({_id: req.params.id)} because if you have two goals, Goal.remove() will delete all goals but should not as we are giving goal id in params.
At 40:45, at line 75, you are making a query on the User collection, even though you have the user already stored as req.user, created by the middleware "protect". So there is no point in doing this again, correct?
27:55 When I add the token as well I get a render error. engine not specified or whatever. Returning the user data without the token works but I'll try and get back when I figure out this roadblock.
Dude.... That one part has ME CRACKING UP FOR SOME REASON! Like dont get me wrong! Love Brad 100% and it was more so HOW he said it, but the part where he searches the goals for brad, "welp brads a loser" as its an empty array! LOL!!
when you wrote the if statement you used or meaning that if any of the values are true it should run but why is it now requiring all values to be true like an and statement
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller ? We can do this: "const { _id, name, email } = req.user;" ??
Thank you for providing these latest MERN tutorials Brad, they came at a great time. I just finished the code along for this tutorial and the MERN stack tutorial you dropped a few days ago. I did manage to get everything working per the videos specs, but of course, the true learning happens when I'm able to take this code and apply to my own projects - breaking stuff along the way. Thanks again for providing friend. I look forward to the front end portion.
Just wanted to say how much I appreciate the effort you've put in to help fellow developers like myself grasp the concepts that you are covering. You have a way of methodically and calmly explaining something, that just make it make sense. Everything seems to clean and easy after following your tutorials. Keep up the amazing work! You truly are an inspiration to all of us, from where you came from to where you are now
Brad,
Thanks for the MERN Stack series. You hide the complexity with the way you explain it. You're one of those few teachers that really know how to explain things. I'm eager and can't wait to see how/what you'll be explaining in the front-end. Wish you the best!
As always Brad, you're one of the best teach out there, and Brad has a goal! To educate entire humanity 😇 51:20
Me : Searching youtube for JWT authentication, 7 minutes ago.
Brad : Hold my payload.
Honestly, superb timing!
These tutorials have made so many things more clear to me!! You're an excellent teacher, thanks so much.
Best Teacher EVER!
Simply the level of details in this tutorial is insane!
Thank you Brad!
This series seems to be a very interesting one. I am already working Node. But I am hopeful to learn few advance features in upcoming videos. Thanks a lot Brad.
dude ive been following and learning form bad since 2018! HE NEVER CEASES TO AMAZE ME! Its legit because of him, as to why I'm even successful in this industry...
less than 1 hour and a lot of well-organized info, thank you for your efforts!
Insane quality on this series so far. Very happy about it.
sending love brad. its 4:46 am, and i will sleep with a thought in mind that im better than yesterday all beacuse of you. learnt alot!!
This Project is awesome, I love the way you explain things, I feel like I've been coding for years! Thank you so much for your dedication and hard work. Looking foward to become a MERN Stack Developer at the end of this Project.
Thanks for another great lesson.
I'm adapting this to a postgreSQL backend using pg-promise instead of mongoose, and your instructions still help a lot!
*_In _**_26:13_*
You don't always have to restart the server while changing anything in the .env file. Just add these two lines of code in your package.json script section where you are assigned your nodemon[ "dev": "nodemon -w . -w .env *Your file dir* " ]
" *_-w ._* " = tells nodemon to watch the files in the current directory
" *_-w .env_* " = tells nodemon to watch the .env file
Very usefull! Thanks
Thank you so much for this sir! I commend your dedication and hard work for giving us a wonderful content!
What a phenomenal tutorial Brad. I was able to follow along and get the whole thing working. I learned so much. It was challenging from start to finish especially once it got to the authorization and authentication. I still have a lot to learn about these concepts. Thank you so much for this!
Amazing tutorial! This cleared a lot of doubts for me regarding JWT and protecting routes. Cant wait for the frontend part.
26:45
in the generateToken function pass the id as { _id } ... don't forget to put underscore
What if _ is forgotten?
Since this tutorial is shows up, i just want to say thanks to your 4 years ago tutorial about nodejs api authentication with jwt. When you explain the schema behind how jwt works, and some other tutorial i followed along, i can write an article about how to create nodejs authentication mechanism as that is a test given by the recruiter. Regarding whether or not the test will pass, it's up to the recruiter. I just want to say thanks that i get helped a lot by your tutorial. God bless you with your passion for teach and help people through this journey.
watched so many videos on youtube related to the MERN stack and confused
This one is best to completely understand the whole MERN stack
I love this kind of series....seriously love it. Very long time never see brad doing this kind of series....
Phenomenal video as always Brad. Your blend of building projects and explaining the concepts you are implementing makes learning so much easier. This whole video series so far has been great at teaching me Mongo/Mongoose and reviewing JWT. Thank you for all that you and your team do.
42:42 Since you want to protect all of the endpoints here, could you just do router.use(protect) before all of the router.route(...) calls?
Yes I also thought that.
how?
If you have issues with logging in a user. Make sure you are putting email/password in the body in postman and not params. I spent an hour struggling with this and now you don't have to 😅
OMG, thank you sooo much for this comment! 🤗☺
Learned a lot! Thanks for the content Brad. Great pace and thorough
Hello Sir,
You are absolutely a gem to developers community.
We for sure admire your work.
Kindly make tutorial on MEAN stack as well.
Bundle of thanks in advance.
Top video about the topic! You are a gem to the community, Brad!
At 40:20, you don't have to again find the details of the user from the database as the user details are already in the request, we can directly send the details in the response. res.json(req.user)
i've been using other techniques while making APIs and by following what you've done , it seemed like i've been overlooking some nice additions ! thank you
I'm trying to learn node and this series seems to be a top notch for learning MERN-STACK❣️❣️ Thanks Brad, for such an amazing content 😍 lots of love & respect❣️
Brad is the 👑King of explaining Authentication in Node.js Express !
Thanks for you effort Brod. I am a beginner. From your videos I learned best techniques. I am a fan of your channel.
@40:30 , since you already have access to req.user, do you need to call the database again.? It seems you dont have to... you can do res.json(req.user) Thoughts?
Thank you for awesome video Brad! I love your quiet and slow voice 😍
Just finished this tutorial! I want to make a simple website with users and this tutorial series is perfect!
This channel is just pure gold
really comprehensive explanation bro, thank you for new upcoming videos, keep strong as always
36:39 Question on the protect() middleware: should the code starting at line 27 be inside of an else block, and should it even bother doing the if (!token) check? It looks like you just want to catch the condition where there is no 'Bearer' value in header.authorization. Also, I'd think that if you're concerned whether token exists or not, that check should be made up on line 15.
I think you're right, we do not even need the else I think if we use "return next()"
@@aminblel5655 I agree, and I personally always prefer to add "return" before calling next() in middleware functions, so it's absolutely clear that code execution ends at that point. (I also add "return" before any res.send(), res.json(), res.status(), etc. etc. for the same reason.)
@@mykalimba exactly, I always use return too to guarantee that it stops there
Thank you for sharing, Brad! You made JWT so simple to learn that looks easy!!!!
Holy grail, second amazing video tutorial which I completed to my project. My head exploded, but totaly worth it, thank you Brad!
thank you very much Brad! These are very helpful series. Waiting for front end part.
Hey Brad, I think we should not repeat the code that finds the user at 47:00 , since all user data is in the res object (set in the middleweare)
i'm a little new to this. Could you explain a little bit more? we are only setting the req.user inside the authMiddleware right?
do middlewares automatically send a res object as well?
@@aldolhitlercondensation1363 nope it does not it only sends what you telll it to send. my point is that we have all the data in the rs object (loaded in the middleware if I remember correctly) and since it's in the res object, IT IS available throughout the request starting from where we initialise it (in this case the middleware)
41:19 i still hav Not authorized even that i enter same token as loged in user.. pls help
Can't wait for the whole project, thanks brad appreciate your efforts. You're awesome❤️
Thanks Brad for the free content, always appreciated !
This is SOOOO awesome, love it, thank you so much for the detailed videos!!!
BRAD WHAT A LEGEND, YOU LITERALLY MADE ME THE DEV I AM TODAY! thank you for every course you made 🔥🔥🔥🔥🔥
Learning a ton from this by coding along, but pausing when I don't understand a piece of code and taking time to ponder on it
Thanks brad. Love your work. Simple request, Could you please add typescript with react in the upcoming frontend app?
Awesome work Brad🙂. You have taught me how to make a basic authentication and protect routes.
Quality explanation ❤
Man this was very difficult for me , but I finally pulled out this half my application crashed like 50 million times, Its incredible how you memorize all of this by Heart Brad, You're Stand Up Guy for turning Gangsters into Scientists! Cheers! Thanks a Lot!
Actually he has more on his screen. He must have some map as to how to go about his project
@@piyushaggarwal5207 i thought the same , there is so much information
At 40:01 it was no longer important to look up the user again in the database since he was already in the Token. Thanks Brad
waiting for this video great work Brad
thanks Brad. Got through to the end. Nice work & much appreciated.
Legendary video from a legendary person. Thanks for the video, it helped me a lot.
Sadly not in TS, but when I was finding all the correct types and ways to actually use this, I learned a lot, so no problem :)
It's the best way to learn it!
How different is it to implement type script in this? I've only messed with it once on a small side project that I never really finished/got started on
So usefull, thanks very much. I really needed these video to build my full stack projects
Thank you, I have learnt a lot can't wait for the frontend part 🇳🇬🇳🇬🇳🇬
I initailly had some problems with export modules. This is no longer working as shown, but "export default..." / "export..." is so it's an easy fix.
Thanks for helping me include new functionality in my project! :)
Yes. The second part 🏋️🏋️
very nice video, as someone new to webdev, this video was truly enjoyable and easy to follow :D
EPIC tutorial as usual Brad!
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller, you could just destructure req.user...
See i was thinking the same thing through the update and delete controllers for the goals. Couldnt you just use the req.user.id instead of searching for the user with req.user.id then using the return users id to compare to the req.user.id. Seems like a duplicate process. The auth middle ware would just kick out no authorization before getting to the controller anyways if the user didn't exist that you are trying to update or delete. Or am I wrong and there is a reason for doing it like this?
17:51 I am unable to parse the password inside the userRegister function while the name and email are okay. For the password it's giving me undefined, HELP PLEASE??
For delete operation, Goal.remove() function should be replaced by Goal.deleteOne({_id: req.params.id)} because if you have two goals, Goal.remove() will delete all goals but should not as we are giving goal id in params.
Here to juice the algo. These videos are fantastic. Thank you for all you do señior.
Thank you so much sir! your tutorials are awesome and really helped me along the way!
much love Brad! thanks for your work !
took me so long but finally finished backend thanks so much
At 40:45, at line 75, you are making a query on the User collection, even though you have the user already stored as req.user, created by the middleware "protect". So there is no point in doing this again, correct?
Excellent video on Authentication. Thanks man❤️
42:56 if an entire route needs auth protection you can just put router.use(protect)
Brad! You're amazing man, thanks a lot for everything literally
Great Video, got new learnings about proper and practical ways.
Thanks for the great content,
self talking is just awesome.
Great tutorial. I couldn't get my frontend work though. The backend works perfectly. I know I am missing something
Exactly what I needed. Thank you.
27:55 When I add the token as well I get a render error. engine not specified or whatever. Returning the user data without the token works but I'll try and get back when I figure out this roadblock.
just wanna say this is fabulous one thanks a lot thanks @brad
49:28 why are you feching user here in line no 43, as it is already fetched by the middleware and available as req.user ??
Can sombody explain
Dude.... That one part has ME CRACKING UP FOR SOME REASON! Like dont get me wrong! Love Brad 100% and it was more so HOW he said it, but the part where he searches the goals for brad, "welp brads a loser" as its an empty array! LOL!!
you can use curl or wget if you are on linux to send http requests from the terminal, you can set the method and the form data to send
when you wrote the if statement you used or meaning that if any of the values are true it should run but why is it now requiring all values to be true like an and statement
Great tutorial - well worth looking at. Cheers !
This tutorial is awesome, thank a lot Brad.
Amazing work, congrats !!!
51:09 I don't get it, why does the json token affect the delete operation at the end? shouldn't it be just the comparison of the IDs of goal and user?
the user's ID comes from the token in the initial request
43:58 not authorized pls send help
amazing tutorial brad !!! thanks you
Once again thanks for this valuable video!
51:20 😂😂😂 The joke really caught me off guard
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller ?
We can do this: "const { _id, name, email } = req.user;" ??
Thank you for sharing this awesome content! helped a lot!!
هذا أفضل فيديو على الإطلاق
No homo my friend but I love you , certainly yesterday I completed the previous course and today I found this , thanks!!!
Can someone explain a little bit more about 6:51 , that mongoose.Schema.Types.ObjectId thing ?
Brad, we already fetched user from protected middleware. Why we need to do the same again from controller. We can always refer req.user
Looks pretty easy.
Probably I something missed, but I didn't find anything about Auth strategy in current video.
thank u sir that was very helpfull for my studying