the thing is the way you make us understand the concept are so good. In previous video you thought how to implement cookies but i never got time to watch the whole video but i created a logic by myself to delete the cookie id when a user clicks logout such that it redirects me to the login page again. Thank you so much and keep up the good work!!
10:38 you changed the token. the email was changed, the new token contains Tcf90 at last but at 10:39 (HXfCY at last) there is a cut in video where you changed it, i was getting the glitch and sure you too but you not explained that in video and directly changed something.
Hey! Great explanation! I have a couple of queries: 1. How stateful approach is taking memory on server? In the end, we used DB instead of map, right? And anyhow, we do store createdBy anyways. So mainly is logout the issue? 2. Also, in stateful, why does logout happen even after persisting createdBy to DB?
There is no login if you changed the email using secret password also. at 10:38 to 10:39 even he can't login. there is a cut in the video from 10:38 to 10:39 where somehow he got loggedIn,the funny thing is at 10:38 the token he copied frow jwt is different from 10:39 (where there is a cutshot in the video) and he got login.
Brother! as we are storing tokens with cookies. Someone can copy that token and log in, as you already demonstrated. Is it a secure way? कृपया मार्गदर्शन करें..
Sir I really like your videos but there are 2 problems which I am facing: 1. Your authentication videos are dependent on URLGeneration videos. 2. If someone face any error in the URL at any point he wont be able to continue until that error gets resolved. 3. Solution : if you could provide the source code then it would be easier for us to resolve our errors. 4. Solution : If you could make such videos which are not dependent on each other then it would be easier for us to understand each concept from the Scratch
sir i am getting error "jwt malformed" i tried matching codes, also searched on stackoverflow but just couldnt solve the error...please help if you know...i will update if i get the solutain
i got the same error just now, restart ur server then dont directly go to "/" route , firstly clear cookie from Browser then go to the login page , login as user , then everythng will work fine
I dont know why everytime its giving me error as jwt malformed but i am writing the same code as you have written .. I have seen your all videos upto authentication and everything is fine but i dont know why as soon as i am using jwt its not working . i am working on it to find error from past 2 hours but its not working please help
For that you need to know how jwt is verified. Header and payload part are taken and they are hashed with secret key to get a signature. First part of token is header, second is payload and third is the signature that i described how it comes. Verification(jwt.verify(token,secret): The header, payload and the secret are hashed and we get a new signature. If the new signature matches with the one we received from the third part of token(received signature) then the token is verified and user is authorized. Even if the email was changed, the newly generated token was valid. We extracted user id and So we logged in at 10:40
Very nicely explained Piyush. ! question though, in case of refresh token does the secret on the server changes since the payload information would remain the same ? Wonderful JWT explnation
Assalamo Alikum Sir Sir kiya asa office hai jo urdu mai interview ly our office waly urdu bholy muje typescript react javascript and node.js and exprees ati sirf language ka issues hai english ki samj ati par mai bol nhi sakti
let say you want to make this project open source, but in the backend itself you shared the secret key and using that anyone can get make fake token????
Separate video better hai warna bohot long ho jata woh video na itna tum ya koi bhi samaj kr digest kr pata atleast iska part 1 video khtm hua hoga tb logo ne practice krne ka try kra hoga Netflix pr binge watch krne nahi aaye ho sikhne aaye ho tum yaha pr 🙂
I have seen the playlist of million subscriptions of the channel. but your teaching style and explanation is great.
I can't understand what he's saying, and there aren't subtitles.
@@MakarnaDusmani-f3o I think video is sufficient , if you watch carefully in mute mode .
All of videos from this guy are very useful and amazing
the thing is the way you make us understand the concept are so good. In previous video you thought how to implement cookies but i never got time to watch the whole video but i created a logic by myself to delete the cookie id when a user clicks logout such that it redirects me to the login page again. Thank you so much and keep up the good work!!
Completed half of the playlist , thank for explaing things so easily ❤❤
Stateless vs Stateful understood because of you, thanks!
Maza a gaya your explanation is gazab , full samjh me a jata hai sab kuch.
thanku piyush you made my journey possible to project building
You are gem 🎉 You have very very deep knowledge of all things ❤🎉🎉
bahot badiya exaple de kar samajiya sir apne secret key bhot confush tha thankuu
finally understand sessions cookies and jwt...thank you sirji!!!!🙏🙏🙏🙏
wow excellent explaination..thank you brother for this playlist 😊
10:38 you changed the token. the email was changed, the new token contains Tcf90 at last but at 10:39 (HXfCY at last) there is a cut in video where you changed it, i was getting the glitch and sure you too but you not explained that in video and directly changed something.
Awesome explanation bhai 👌
Hey! Great explanation!
I have a couple of queries:
1. How stateful approach is taking memory on server? In the end, we used DB instead of map, right? And anyhow, we do store createdBy anyways. So mainly is logout the issue?
2. Also, in stateful, why does logout happen even after persisting createdBy to DB?
i like the way you explain by giving examples and your explanations are very user friendly
this is the best on internet
Great video sir👍
There is no login if you changed the email using secret password also. at 10:38 to 10:39 even he can't login. there is a cut in the video from 10:38 to 10:39 where somehow he got loggedIn,the funny thing is at 10:38 the token he copied frow jwt is different from 10:39 (where there is a cutshot in the video) and he got login.
Thank you bhai...... ❤🧡💛💚
Brother! as we are storing tokens with cookies. Someone can copy that token and log in, as you already demonstrated. Is it a secure way?
कृपया मार्गदर्शन करें..
Good Point, I'll surely clear your doubt in next video ✨
Sir I really like your videos but there are 2 problems which I am facing:
1. Your authentication videos are dependent on URLGeneration videos.
2. If someone face any error in the URL at any point he wont be able to continue until that error gets resolved.
3. Solution : if you could provide the source code then it would be easier for us to resolve our errors.
4. Solution : If you could make such videos which are not dependent on each other then it would be easier for us to understand each concept from the Scratch
source code are in the description
@@OTTStar334 where is it ?
❤ sir your lectures are blessings for me... plz cover advanced nodejs caching, threading, etc...
Sure, Thanks :)
i'm getting
return done(new JsonWebTokenError('jwt malformed'));
JsonWebTokenError: jwt malformed@@piyushgargdev
this error
Great explanation! 👌
I really like his vs code theme , did anyone know the name of it ?
wow, awesome bro
Keep Going Bro. You Doing Well
But if we store sessions in database tab to problem ni hogi na in statefull
He solved your doubt in the next video!!!
4:30 difference between this token and the UID
sir i am getting error "jwt malformed" i tried matching codes, also searched on stackoverflow but just couldnt solve the error...please help if you know...i will update if i get the solutain
i got the same error just now, restart ur server then dont directly go to "/" route , firstly clear cookie from Browser then go to the login page , login as user , then everythng will work fine
i got the same error thank you brother @@dishantsingh5790
it's not working bro @@dishantsingh5790
I am still getting error @@dishantsingh5790
How you resolve this error?? @shi-nee7966
this is only video in which i saw that the use secret key in jwt ♥ thanks ♥
I dont know why everytime its giving me error as jwt malformed but i am writing the same code as you have written .. I have seen your all videos upto authentication and everything is fine but i dont know why as soon as i am using jwt its not working . i am working on it to find error from past 2 hours but its not working please help
same problem aari hai bhai mujhe bhi solve hui kya???
Same bro
From 2days
Great video bhaiya there is something csrf is jwt secure with that hack ?
Added to my list, will surely make a video on it
Bhaiya jab tokens ko cookies me store kiya ho to react js ke routes ko kaise protect kare based on presence of token in cookie?
Sir when you are starting a complete react JS course basic to advance any idea sir?
Thx sir❤❤
how on changing payload with wrong email and right secret key, we logged in at 10:40
Did you got the answer??
I think maybe because we have already entered the correct email and password in the beginning...
For that you need to know how jwt is verified. Header and payload part are taken and they are hashed with secret key to get a signature. First part of token is header, second is payload and third is the signature that i described how it comes.
Verification(jwt.verify(token,secret):
The header, payload and the secret are hashed and we get a new signature. If the new signature matches with the one we received from the third part of token(received signature) then the token is verified and user is authorized.
Even if the email was changed, the newly generated token was valid. We extracted user id and So we logged in at 10:40
hello big brother what is the difference between jwt token vs express-session ?
Very nicely explained Piyush. ! question though, in case of refresh token does the secret on the server changes since the payload information would remain the same ? Wonderful JWT explnation
Assalamo Alikum Sir
Sir kiya asa office hai jo urdu mai interview ly our office waly urdu bholy muje typescript react javascript and node.js and exprees ati sirf language ka issues hai english ki samj ati par mai bol nhi sakti
sir getting the below error :
C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\jsonwebtoken\verify.js:70
return done(new JsonWebTokenError('jwt malformed'));
^
JsonWebTokenError: jwt malformed
at module.exports [as verify] (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\jsonwebtoken\verify.js:70:17)
at getUser (C:\Users\palla\Downloads\short-url-node\short-url-node\service\auth.js:13:16)
at checkAuth (C:\Users\palla\Downloads\short-url-node\short-url-node\middlewares\auth.js:15:18)
at Layer.handle [as handle_request] (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\layer.js:95:5)
at trim_prefix (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\index.js:328:13)
at C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\index.js:286:9
at Function.process_params (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\index.js:346:12)
at next (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\index.js:280:10)
at cookieParser (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\cookie-parser\index.js:71:5)
at Layer.handle [as handle_request] (C:\Users\palla\Downloads\short-url-node\short-url-node
ode_modules\express\lib
outer\layer.js:95:5)
Node.js v20.6.1
[nodemon] app crashed - waiting for file changes before starting...
function getUser(token){
if(!token) return null;
try {
return jwt.verify(token ,secret);
} catch (error) {
return null;
}
}
use this function instead of what you've written
@@pratyushpragyey7002 yes sir , i have done the same thing , thank you.
@@pratyushpragyey7002 thanks mannn
Nice video
when i replace my token with wrong one the app remain run
Where we are calling getUser function?
nodejs\urlshortener\service\auth.js:8
_id: user._id,
^
TypeError: Cannot read properties of undefined (reading '_id')
Thanks bro
Hmne Information (Object) ko JWT ki madad se bina Secret key bhi generate kar diya to ye secret key kiss kam ki? Plz Reply Sir...
kaha pe?
I don't know if you got the soln or no, but Secret key token me changes krne ke liye h n ki use read krne ke liye
@@varunchakraborty6020 Yes, Got it 👍🏻
Thanks
@@varunchakraborty6020 matlab ki dekhne k liye ki ye token meri secret key se bana hai ki nai?
@@utube6044 hn mtlb agr kisi aur ne changes krdiya token me, to mai verify krskta hu, ki final token mere secret key se bni h ya nhi
Thanks
JWT Authentication basic to Advance full cover karado sir.
yes plz
Okay sure
then why the heck IRCTC uses session😂
it loggs you out at the last second of your attempt to book tatkal ticket💩
bhai ham agar hot to ham khud hi acche khase website bana lete yarr inko kon bataye abb saste saste developers use kiye hai inhone
bro u teaching backend or hacking?
but somewone steal the cookie and try to login in their system can we stop this
That's why it is not a good way
jwt malformed how to solve
Great
Too Good
thanks
jwt itma hi hota he ya aur bhi kuch he
bro where is the code
Please mention it's Hindi in title.
let say you want to make this project open source, but in the backend itself you shared the secret key and using that anyone can get make fake token????
I think we will store the secret key in the .env file
helpfull
someone has its source code
hey I am here on 1st jan anybody else?
explaination is top-notch
but appke voice tone like a little child is speaks
👌
Sir ji ek hi video me pura samjha diya karo na bar bar ja ke dusri video pehle dekho
Ek hi video me bana diya Karo na warna bataya hi mat karo pahle ye dekho tab wo dekho aadmi yaha sikhne aata hai ki tumlog ka views badhane
Bhai, have some patience. it is not a paid course.
same bro
mujhe bhi bhout gussa aata hai
Bhai mat aaya kar ehsaan na kar us par, ek to free main pada ra upar se tu attitude dikha ra, scroll kar aur dusare ko dekh na
Bhai bahut badiya padha raha hai banda free mai... Pura videos dekho nahi to kuch mat dekho
Separate video better hai warna bohot long ho jata woh video na itna tum ya koi bhi samaj kr digest kr pata atleast iska part 1 video khtm hua hoga tb logo ne practice krne ka try kra hoga
Netflix pr binge watch krne nahi aaye ho sikhne aaye ho tum yaha pr 🙂
What next?????
We will cover advance concepts while building projects, No video for today!
@@piyushgargdev matlab ab projects hi projects ayenge
One more request react ke sath integrate karle bhi ek project, fir chain se jinda rahenge
@@piyushgargdev aur haa videos ki continuity yahi rakhiyega sir