Narrator: In the last section we implemented our compare password functionality, which made use of bcrypt to compare our stored password and our candidate password.

Let's go back and finish up our local strategy now. So we're at the point here where we can compare our password. We can compare: is the password that was supplied by the request equal to our saved password? So to do so, we can say user (user here is the user that we found in our database with a corresponding email), user dot compare password. Password, this is the password from the request. And then we'll pass our callback in here, and it's gonna have arguments err and isMatch.

So if there was an err, we're going to return early and we're gonna call done with this err. If it is not a match, so if not isMatch, return done. And there was not an err in this case, so we'll pass in null, but we are going to say false. We did not find a user. Otherwise return done, null, with user. And that's pretty much it.
So this is going to find an existing user in the database. It's gonna compare the password that was supplied by the request with the user's saved password. If they are the same, it's gonna call the passport callback with the user model. Otherwise it calls it with false, meaning, no, we didn't find a user, sorry, but, you know, it didn't match up.

All right, so recall that these locals, or these strategies that we're creating right here, we have to actually tell Passport to make use of these strategies. So down at the bottom of this file... well, really quick, we created the local strategy and then we saved it as local login right here. So down at the bottom of our file we need to tell Passport to use this strategy. So we'll say passport dot use local login.

All right, so this is really now ready for a little bit of use inside of our router. So here's what we're gonna do. Let's go back over to our router and we're going to say that we're going to add another route, a post request to sign in. Okay?
Now, before a user goes here, which is, you know, this is gonna sit inside of our authentication controller. We want them to... we wanna verify first, before they go to this essentially protected route, we wanna verify that they supplied the correct username and password using the strategy that we just created. So we will create another helper like this requireAuth, that's basically put in to intercept the request ahead of time. So we'll make another helper. We'll say const require sign in, passport dot authenticate, this time with local. And again, we don't want a session.

So now, before a user can go to the sign in route handler, we're going to require sign in. Okay? So this is kind of an interesting approach we've taken here. We've put this require sign in into a middleware. So it's going to attempt to authenticate the user before they hit this route handler. Let's go ahead and create the route handler and then we will probably take a break and continue in the next section.
So inside of our authentication controller we'll create a new helper. So exports sign in. So we have a function with request, response, and next. Okay, so in here, at this point in time the user has already had their email and password auth'd. We just need to give them a token. Token. There we go. All right, so let's save this and let's wrap this up in the next section.