Just wanted to say how much I appreciate the effort you've put in to help fellow developers like myself grasp the concepts that you are covering. You have a way of methodically and calmly explaining something, that just make it make sense. Everything seems to clean and easy after following your tutorials. Keep up the amazing work! You truly are an inspiration to all of us, from where you came from to where you are now
Brad, Thanks for the MERN Stack series. You hide the complexity with the way you explain it. You're one of those few teachers that really know how to explain things. I'm eager and can't wait to see how/what you'll be explaining in the front-end. Wish you the best!
Thank you for providing these latest MERN tutorials Brad, they came at a great time. I just finished the code along for this tutorial and the MERN stack tutorial you dropped a few days ago. I did manage to get everything working per the videos specs, but of course, the true learning happens when I'm able to take this code and apply to my own projects - breaking stuff along the way. Thanks again for providing friend. I look forward to the front end portion.
If you have issues with logging in a user. Make sure you are putting email/password in the body in postman and not params. I spent an hour struggling with this and now you don't have to 😅
This series seems to be a very interesting one. I am already working Node. But I am hopeful to learn few advance features in upcoming videos. Thanks a lot Brad.
dude ive been following and learning form bad since 2018! HE NEVER CEASES TO AMAZE ME! Its legit because of him, as to why I'm even successful in this industry...
This Project is awesome, I love the way you explain things, I feel like I've been coding for years! Thank you so much for your dedication and hard work. Looking foward to become a MERN Stack Developer at the end of this Project.
Thanks for another great lesson. I'm adapting this to a postgreSQL backend using pg-promise instead of mongoose, and your instructions still help a lot!
Hello Sir, You are absolutely a gem to developers community. We for sure admire your work. Kindly make tutorial on MEAN stack as well. Bundle of thanks in advance.
Since this tutorial is shows up, i just want to say thanks to your 4 years ago tutorial about nodejs api authentication with jwt. When you explain the schema behind how jwt works, and some other tutorial i followed along, i can write an article about how to create nodejs authentication mechanism as that is a test given by the recruiter. Regarding whether or not the test will pass, it's up to the recruiter. I just want to say thanks that i get helped a lot by your tutorial. God bless you with your passion for teach and help people through this journey.
*_In _**_26:13_* You don't always have to restart the server while changing anything in the .env file. Just add these two lines of code in your package.json script section where you are assigned your nodemon[ "dev": "nodemon -w . -w .env *Your file dir* " ] " *_-w ._* " = tells nodemon to watch the files in the current directory " *_-w .env_* " = tells nodemon to watch the .env file
What a phenomenal tutorial Brad. I was able to follow along and get the whole thing working. I learned so much. It was challenging from start to finish especially once it got to the authorization and authentication. I still have a lot to learn about these concepts. Thank you so much for this!
I'm trying to learn node and this series seems to be a top notch for learning MERN-STACK❣️❣️ Thanks Brad, for such an amazing content 😍 lots of love & respect❣️
How different is it to implement type script in this? I've only messed with it once on a small side project that I never really finished/got started on
i've been using other techniques while making APIs and by following what you've done , it seemed like i've been overlooking some nice additions ! thank you
I initailly had some problems with export modules. This is no longer working as shown, but "export default..." / "export..." is so it's an easy fix. Thanks for helping me include new functionality in my project! :)
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller, you could just destructure req.user...
See i was thinking the same thing through the update and delete controllers for the goals. Couldnt you just use the req.user.id instead of searching for the user with req.user.id then using the return users id to compare to the req.user.id. Seems like a duplicate process. The auth middle ware would just kick out no authorization before getting to the controller anyways if the user didn't exist that you are trying to update or delete. Or am I wrong and there is a reason for doing it like this?
Man this was very difficult for me , but I finally pulled out this half my application crashed like 50 million times, Its incredible how you memorize all of this by Heart Brad, You're Stand Up Guy for turning Gangsters into Scientists! Cheers! Thanks a Lot!
Phenomenal video as always Brad. Your blend of building projects and explaining the concepts you are implementing makes learning so much easier. This whole video series so far has been great at teaching me Mongo/Mongoose and reviewing JWT. Thank you for all that you and your team do.
For delete operation, Goal.remove() function should be replaced by Goal.deleteOne({_id: req.params.id)} because if you have two goals, Goal.remove() will delete all goals but should not as we are giving goal id in params.
At 40:20, you don't have to again find the details of the user from the database as the user details are already in the request, we can directly send the details in the response. res.json(req.user)
It would be nice if other tutorial masters would take this backend and do tutorials building front ends with other techs like Vue etc. (If it would be cool with Brad). Me, I'm going to move on to the next video on this awesome channel.
Dude.... That one part has ME CRACKING UP FOR SOME REASON! Like dont get me wrong! Love Brad 100% and it was more so HOW he said it, but the part where he searches the goals for brad, "welp brads a loser" as its an empty array! LOL!!
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller ? We can do this: "const { _id, name, email } = req.user;" ??
i'm a little new to this. Could you explain a little bit more? we are only setting the req.user inside the authMiddleware right? do middlewares automatically send a res object as well?
@@aldolhitlercondensation1363 nope it does not it only sends what you telll it to send. my point is that we have all the data in the rs object (loaded in the middleware if I remember correctly) and since it's in the res object, IT IS available throughout the request starting from where we initialise it (in this case the middleware)
when you wrote the if statement you used or meaning that if any of the values are true it should run but why is it now requiring all values to be true like an and statement
I really appreciate it, Thank you for all these amazing stuff, could you please try to complete this journey with Frontend via React Js and then deploy this project to any host website
@40:30 , since you already have access to req.user, do you need to call the database again.? It seems you dont have to... you can do res.json(req.user) Thoughts?
hey brad. well done so far with the series. I would appreciate it however if you could add the video number in the series in the title, and not just in the thumbnail? Thanks! 😊
I think there are a lot of people teaching the same thing but no one is teaching microservices in NodeJS or creating APIs in Golang using GoGin or some framework with auth and all Can you please cover up those I think that can attract even more audience
Hey Jainam! Are you a self-taught programmer and build projects to learn? If yes, please reach out to me so that we can discuss some interesting software development roles in latest technologies!
36:39 Question on the protect() middleware: should the code starting at line 27 be inside of an else block, and should it even bother doing the if (!token) check? It looks like you just want to catch the condition where there is no 'Bearer' value in header.authorization. Also, I'd think that if you're concerned whether token exists or not, that check should be made up on line 15.
@@aminblel5655 I agree, and I personally always prefer to add "return" before calling next() in middleware functions, so it's absolutely clear that code execution ends at that point. (I also add "return" before any res.send(), res.json(), res.status(), etc. etc. for the same reason.)
Just wanted to say how much I appreciate the effort you've put in to help fellow developers like myself grasp the concepts that you are covering. You have a way of methodically and calmly explaining something, that just make it make sense. Everything seems to clean and easy after following your tutorials. Keep up the amazing work! You truly are an inspiration to all of us, from where you came from to where you are now
Brad,
Thanks for the MERN Stack series. You hide the complexity with the way you explain it. You're one of those few teachers that really know how to explain things. I'm eager and can't wait to see how/what you'll be explaining in the front-end. Wish you the best!
Thank you for providing these latest MERN tutorials Brad, they came at a great time. I just finished the code along for this tutorial and the MERN stack tutorial you dropped a few days ago. I did manage to get everything working per the videos specs, but of course, the true learning happens when I'm able to take this code and apply to my own projects - breaking stuff along the way. Thanks again for providing friend. I look forward to the front end portion.
Me : Searching youtube for JWT authentication, 7 minutes ago.
Brad : Hold my payload.
Honestly, superb timing!
If you have issues with logging in a user. Make sure you are putting email/password in the body in postman and not params. I spent an hour struggling with this and now you don't have to 😅
OMG, thank you sooo much for this comment! 🤗☺
As always Brad, you're one of the best teach out there, and Brad has a goal! To educate entire humanity 😇 51:20
These tutorials have made so many things more clear to me!! You're an excellent teacher, thanks so much.
Best Teacher EVER!
Simply the level of details in this tutorial is insane!
Thank you Brad!
Insane quality on this series so far. Very happy about it.
sending love brad. its 4:46 am, and i will sleep with a thought in mind that im better than yesterday all beacuse of you. learnt alot!!
This series seems to be a very interesting one. I am already working Node. But I am hopeful to learn few advance features in upcoming videos. Thanks a lot Brad.
dude ive been following and learning form bad since 2018! HE NEVER CEASES TO AMAZE ME! Its legit because of him, as to why I'm even successful in this industry...
less than 1 hour and a lot of well-organized info, thank you for your efforts!
Brad is the 👑King of explaining Authentication in Node.js Express !
This Project is awesome, I love the way you explain things, I feel like I've been coding for years! Thank you so much for your dedication and hard work. Looking foward to become a MERN Stack Developer at the end of this Project.
Thanks for another great lesson.
I'm adapting this to a postgreSQL backend using pg-promise instead of mongoose, and your instructions still help a lot!
Hello Sir,
You are absolutely a gem to developers community.
We for sure admire your work.
Kindly make tutorial on MEAN stack as well.
Bundle of thanks in advance.
watched so many videos on youtube related to the MERN stack and confused
This one is best to completely understand the whole MERN stack
Since this tutorial is shows up, i just want to say thanks to your 4 years ago tutorial about nodejs api authentication with jwt. When you explain the schema behind how jwt works, and some other tutorial i followed along, i can write an article about how to create nodejs authentication mechanism as that is a test given by the recruiter. Regarding whether or not the test will pass, it's up to the recruiter. I just want to say thanks that i get helped a lot by your tutorial. God bless you with your passion for teach and help people through this journey.
*_In _**_26:13_*
You don't always have to restart the server while changing anything in the .env file. Just add these two lines of code in your package.json script section where you are assigned your nodemon[ "dev": "nodemon -w . -w .env *Your file dir* " ]
" *_-w ._* " = tells nodemon to watch the files in the current directory
" *_-w .env_* " = tells nodemon to watch the .env file
Very usefull! Thanks
Thank you so much for this sir! I commend your dedication and hard work for giving us a wonderful content!
Learning a ton from this by coding along, but pausing when I don't understand a piece of code and taking time to ponder on it
What a phenomenal tutorial Brad. I was able to follow along and get the whole thing working. I learned so much. It was challenging from start to finish especially once it got to the authorization and authentication. I still have a lot to learn about these concepts. Thank you so much for this!
BRAD WHAT A LEGEND, YOU LITERALLY MADE ME THE DEV I AM TODAY! thank you for every course you made 🔥🔥🔥🔥🔥
Amazing tutorial! This cleared a lot of doubts for me regarding JWT and protecting routes. Cant wait for the frontend part.
I'm trying to learn node and this series seems to be a top notch for learning MERN-STACK❣️❣️ Thanks Brad, for such an amazing content 😍 lots of love & respect❣️
Sadly not in TS, but when I was finding all the correct types and ways to actually use this, I learned a lot, so no problem :)
It's the best way to learn it!
How different is it to implement type script in this? I've only messed with it once on a small side project that I never really finished/got started on
i've been using other techniques while making APIs and by following what you've done , it seemed like i've been overlooking some nice additions ! thank you
I initailly had some problems with export modules. This is no longer working as shown, but "export default..." / "export..." is so it's an easy fix.
Thanks for helping me include new functionality in my project! :)
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller, you could just destructure req.user...
See i was thinking the same thing through the update and delete controllers for the goals. Couldnt you just use the req.user.id instead of searching for the user with req.user.id then using the return users id to compare to the req.user.id. Seems like a duplicate process. The auth middle ware would just kick out no authorization before getting to the controller anyways if the user didn't exist that you are trying to update or delete. Or am I wrong and there is a reason for doing it like this?
Man this was very difficult for me , but I finally pulled out this half my application crashed like 50 million times, Its incredible how you memorize all of this by Heart Brad, You're Stand Up Guy for turning Gangsters into Scientists! Cheers! Thanks a Lot!
Actually he has more on his screen. He must have some map as to how to go about his project
@@piyushaggarwal5207 i thought the same , there is so much information
Phenomenal video as always Brad. Your blend of building projects and explaining the concepts you are implementing makes learning so much easier. This whole video series so far has been great at teaching me Mongo/Mongoose and reviewing JWT. Thank you for all that you and your team do.
I love this kind of series....seriously love it. Very long time never see brad doing this kind of series....
Thanks for you effort Brod. I am a beginner. From your videos I learned best techniques. I am a fan of your channel.
Top video about the topic! You are a gem to the community, Brad!
Thanks brad. Love your work. Simple request, Could you please add typescript with react in the upcoming frontend app?
Thank you for awesome video Brad! I love your quiet and slow voice 😍
Great tutorial. I couldn't get my frontend work though. The backend works perfectly. I know I am missing something
Just finished this tutorial! I want to make a simple website with users and this tutorial series is perfect!
Can't wait for the whole project, thanks brad appreciate your efforts. You're awesome❤️
Holy grail, second amazing video tutorial which I completed to my project. My head exploded, but totaly worth it, thank you Brad!
This channel is just pure gold
Awesome work Brad🙂. You have taught me how to make a basic authentication and protect routes.
For delete operation, Goal.remove() function should be replaced by Goal.deleteOne({_id: req.params.id)} because if you have two goals, Goal.remove() will delete all goals but should not as we are giving goal id in params.
Quality explanation ❤
At 40:01 it was no longer important to look up the user again in the database since he was already in the Token. Thanks Brad
Learned a lot! Thanks for the content Brad. Great pace and thorough
you can use curl or wget if you are on linux to send http requests from the terminal, you can set the method and the form data to send
Thank you for sharing, Brad! You made JWT so simple to learn that looks easy!!!!
Thank you, I have learnt a lot can't wait for the frontend part 🇳🇬🇳🇬🇳🇬
thank you very much Brad! These are very helpful series. Waiting for front end part.
Here to juice the algo. These videos are fantastic. Thank you for all you do señior.
really comprehensive explanation bro, thank you for new upcoming videos, keep strong as always
At 40:20, you don't have to again find the details of the user from the database as the user details are already in the request, we can directly send the details in the response. res.json(req.user)
Looks pretty easy.
Probably I something missed, but I didn't find anything about Auth strategy in current video.
Thanks Brad for the free content, always appreciated !
26:45
in the generateToken function pass the id as { _id } ... don't forget to put underscore
What if _ is forgotten?
This is SOOOO awesome, love it, thank you so much for the detailed videos!!!
It would be nice if other tutorial masters would take this backend and do tutorials building front ends with other techs like Vue etc. (If it would be cool with Brad). Me, I'm going to move on to the next video on this awesome channel.
Excellent video on Authentication. Thanks man❤️
thanks Brad. Got through to the end. Nice work & much appreciated.
Dude.... That one part has ME CRACKING UP FOR SOME REASON! Like dont get me wrong! Love Brad 100% and it was more so HOW he said it, but the part where he searches the goals for brad, "welp brads a loser" as its an empty array! LOL!!
Thanks for the great content,
self talking is just awesome.
So usefull, thanks very much. I really needed these video to build my full stack projects
42:42 Since you want to protect all of the endpoints here, could you just do router.use(protect) before all of the router.route(...) calls?
Yes I also thought that.
how?
very nice video, as someone new to webdev, this video was truly enjoyable and easy to follow :D
Legendary video from a legendary person. Thanks for the video, it helped me a lot.
took me so long but finally finished backend thanks so much
Yes. The second part 🏋️🏋️
Great Video, got new learnings about proper and practical ways.
EPIC tutorial as usual Brad!
just wanna say this is fabulous one thanks a lot thanks @brad
Thank you so much sir! your tutorials are awesome and really helped me along the way!
I really want to know how to secure the mern stack, this should help. Thank you for the mern stack stuff! 👍🤗❤
much love Brad! thanks for your work !
Brad! You're amazing man, thanks a lot for everything literally
Thank you very much Brad! One small optimization: since the protect middleware is fetching the user's data from the db then you don't need to refetch it again from the db in the user controller ?
We can do this: "const { _id, name, email } = req.user;" ??
waiting for this video great work Brad
42:56 if an entire route needs auth protection you can just put router.use(protect)
Hey Brad, I think we should not repeat the code that finds the user at 47:00 , since all user data is in the res object (set in the middleweare)
i'm a little new to this. Could you explain a little bit more? we are only setting the req.user inside the authMiddleware right?
do middlewares automatically send a res object as well?
@@aldolhitlercondensation1363 nope it does not it only sends what you telll it to send. my point is that we have all the data in the rs object (loaded in the middleware if I remember correctly) and since it's in the res object, IT IS available throughout the request starting from where we initialise it (in this case the middleware)
Exactly what I needed. Thank you.
This tutorial is awesome, thank a lot Brad.
video tutorial 2 DONE! thank you!
هذا أفضل فيديو على الإطلاق
when you wrote the if statement you used or meaning that if any of the values are true it should run but why is it now requiring all values to be true like an and statement
I really appreciate it, Thank you for all these amazing stuff,
could you please try to complete this journey with Frontend via React Js and then deploy this project to any host website
Once again thanks for this valuable video!
Great tutorial - well worth looking at. Cheers !
Amazing work, congrats !!!
amazing tutorial brad !!! thanks you
No homo my friend but I love you , certainly yesterday I completed the previous course and today I found this , thanks!!!
Thank you for sharing this awesome content! helped a lot!!
This MERN project is my first and it is going mostly over my head 😂😂 But we will get through this
I like this tutorial, it just resolved my problem.😆
@40:30 , since you already have access to req.user, do you need to call the database again.? It seems you dont have to... you can do res.json(req.user) Thoughts?
hey brad. well done so far with the series. I would appreciate it however if you could add the video number in the series in the title, and not just in the thumbnail? Thanks! 😊
thank u sir that was very helpfull for my studying
Brad, we already fetched user from protected middleware. Why we need to do the same again from controller. We can always refer req.user
I think there are a lot of people teaching the same thing but no one is teaching microservices in NodeJS or creating APIs in Golang using GoGin or some framework with auth and all
Can you please cover up those I think that can attract even more audience
Hey Jainam! Are you a self-taught programmer and build projects to learn? If yes, please reach out to me so that we can discuss some interesting software development roles in latest technologies!
36:39 Question on the protect() middleware: should the code starting at line 27 be inside of an else block, and should it even bother doing the if (!token) check? It looks like you just want to catch the condition where there is no 'Bearer' value in header.authorization. Also, I'd think that if you're concerned whether token exists or not, that check should be made up on line 15.
I think you're right, we do not even need the else I think if we use "return next()"
@@aminblel5655 I agree, and I personally always prefer to add "return" before calling next() in middleware functions, so it's absolutely clear that code execution ends at that point. (I also add "return" before any res.send(), res.json(), res.status(), etc. etc. for the same reason.)
@@mykalimba exactly, I always use return too to guarantee that it stops there
Great video. Well communicated information!