NodeJS / Express / MongoDB – Build a Shopping Cart – #9 Sign In

00:00:01 welcome back great to see you again time
00:00:04 to handle the user sign-in so sign up
00:00:08 looks good but sign-in is missing I'm
00:00:10 closing all these folders here tabs here
00:00:13 and now back in my project I'll go to my
00:00:16 passport chess file to also implement a
00:00:19 strategy for signing the user in I'll do
00:00:22 this right below my sign up strategy and
00:00:25 of course I start by you again using
00:00:28 passport use I'll name it local sign in
00:00:31 and this will also be a new local
00:00:34 strategy where I first have some
00:00:39 configuration where I again basically
00:00:41 pass the same config as before setting
00:00:45 up username field and so on and then I
00:00:48 have my callback here where I again have
00:00:51 my request the past email and password
00:00:54 as well as the done callback function I
00:00:58 may execute whenever I am done now here
00:01:01 again I could validate but I don't
00:01:03 really have to because I'm just checking
00:01:05 if the entered data fits the user data
00:01:10 in the database so technically I don't
00:01:12 need to validate but I think it's nice
00:01:15 to give some error messages if the user
00:01:18 simply forget forgets to enter the
00:01:19 password or anything like that so in
00:01:22 order to do this I will copy the
00:01:24 validation logic from above all that
00:01:29 code here but I will get rid of the
00:01:34 minimum length because that really
00:01:35 doesn't matter I'm comparing passwords
00:01:37 anyway as well as of T is email or well
00:01:41 now I own leave T is signal I think
00:01:43 that's fine so with that I'm yeah doing
00:01:46 the validation again the code of you saw
00:01:49 above and of course you could refactor
00:01:52 this for example but I'll leave it like
00:01:54 this and next I will try to find the
00:01:57 user and I can also copy the code here
00:02:00 from my signup method because I'm
00:02:03 basically doing the same line once you
00:02:05 find a user I return done with the error
00:02:08 if we have an error however if I find
00:02:11 the user this is of course the good case
00:02:13 so here I will reverse this
00:02:14 to return an error if we don't find the
00:02:18 user then I will return a message say no
00:02:21 user found so if yeah if we try to find
00:02:28 a user with the email address which
00:02:29 isn't in the database and then I also
00:02:31 need an upper case where the password
00:02:34 might be invalid so to check this I will
00:02:38 run user and then valid password this SD
00:02:42 helper function or the method I defined
00:02:45 in my user model here if you remember
00:02:48 this this function here so now I'm
00:02:51 executing this function to verify the
00:02:53 password with the encrypted password in
00:02:57 the database and if this fails if the
00:03:01 password is not valid well then I will
00:03:03 also return done with n with defaults
00:03:07 case here so that it was not successful
00:03:09 and the message will be wrong password
00:03:13 in my case here if all of that is passed
00:03:17 successfully so no error user found and
00:03:19 password is correct well then I can
00:03:22 simply return done with no error and the
00:03:28 retrieved user and user of course is to
00:03:30 use ref found in D in database so this
00:03:35 is my sign-in strategy and now any index
00:03:39 chess file I have to create the routes
00:03:41 for that so I'll do this here where
00:03:43 again get my user sign-in route with
00:03:50 request/response next to show the
00:03:54 sign-in page first and all I will do
00:03:57 here is I will render the sign-in page
00:04:02 and I will copy the code from the
00:04:04 sign-up route here because I'm basically
00:04:08 doing the same and also want to display
00:04:10 error messages if there are any a also
00:04:12 want to pass token so that's all the
00:04:14 same and next I will add another route
00:04:19 the post route user sign in but here of
00:04:25 course I will not use my request for
00:04:27 once next function but instead I will
00:04:29 use passport authenticate and then my
00:04:33 local sign-in strategy HS set up with a
00:04:38 JavaScript object to configure it now
00:04:41 the configuration equals the one from my
00:04:44 post request here and with that I'm
00:04:48 making sure that I redirect it to the
00:04:51 profile if successful but to the sign-in
00:04:53 page not sign up if we fail so with that
00:04:58 all this is working I'll restart my
00:05:02 server and I'll go to the sign-in page
00:05:06 here and I'll try to log in with the
00:05:10 credentials I provided email already
00:05:13 news doesn't sound right and this of

00:05:16 course is the case because here well hmm
00:05:20 first I'm returning these sign up view
00:05:23 not design in view so that's wrong
00:05:26 but it was good because my sign-in views
00:05:28 totally empty so I should probably add
00:05:30 this here I just copied all the code
00:05:33 from the signup view but of course I
00:05:34 have to update my action here to
00:05:37 actually try to sign me in not sign up
00:05:39 and I'll replace the text here to also
00:05:43 be correct now if I reload so go to sign
00:05:49 in again this should not really be dis
00:05:50 sign in form and this looks good
00:05:53 I am for varlet to do user profile so DS
00:05:57 signing in works s nasty sign up let's
00:06:01 try what happens if I enter an email
00:06:06 address which is not valid or okay if I
00:06:08 enter this for example invalid email and
00:06:10 if I enter a wrong password for a valid
00:06:13 email address I get wrong password so
00:06:15 this works but that was not really what
00:06:18 I wanted to do here what I want to do
00:06:20 next is I want to protect my routes and
00:06:23 it would be nice to have some kind of
00:06:25 route grouping because if we have a look
00:06:28 here we got slash user slash user slash
00:06:32 user and it's totally unnecessary
00:06:34 because all these routes shared a slash
00:06:38 user I don't want to write it on
00:06:40 throughout here

You may also like