1
00:00:01,330 --> 00:00:12,750
well, in this video we are going to continue with the json, with the document that we are

2
00:00:12,750 --> 00:00:16,210
saving in our mongo database in the collection

3
00:00:20,289 --> 00:00:27,289
we have already passed the fields that we had configured in our schema that

4
00:00:27,289 --> 00:00:34,850
then we had converted to a model through mongoose, we want to pass the username, the

5
00:00:34,850 --> 00:00:41,090
username, the email, the password, well, and everything worked for us well, it registered everything well

6
00:00:41,090 --> 00:00:54,170
then it showed us the json, okay, we sent the json to the front and everything is

7
00:00:54,170 --> 00:01:02,030
working well so far, okay, from the front, we received from the client, we also received the

8
00:01:02,030 --> 00:01:09,069
json without problem, remembering that we have to use express.json so that it recognizes for us

9
00:01:09,069 --> 00:01:18,829
that data format, that we use the network to send from the server, from the backend, to the

10
00:01:18,829 --> 00:01:26,989
client, to the front, and the network is what we receive on the server from the client, from the

11
00:01:26,989 --> 00:01:34,629
front, okay, a little as a recap of what we have seen so far, well, now what I want is to

12
00:01:34,629 --> 00:01:42,950
encrypt the password, that is, we cannot have a password that we are also sending by

13
00:01:42,950 --> 00:01:50,090
the json again to the front, okay, then this video I am going to do it in two videos, one is going to be

14
00:01:50,090 --> 00:02:02,909
create the password with bcryptjs, a node module, with that what we are going to do is encrypt it

15
00:02:02,909 --> 00:02:11,750
and with JSON Web Token what we are going to do is create a token that we are going to send to the front and

16
00:02:11,750 --> 00:02:22,909
the front, every time it wants to do an operation, is going to send that token to the backend, to the
server and

17
00:02:22,909 --> 00:02:31,729
in that way we are going to know that that client has logged in and it exists, okay, it does not

18
00:02:31,729 --> 00:02:39,229
want to deceive us, well, the first video is how I encrypt it, then to encrypt

19
00:02:39,229 --> 00:02:44,949
the password, then, what I tell you, okay, we are going to work with

20
00:02:48,389 --> 00:02:56,979
with bcryptjs, then what is the first thing I am going to do, because as always we are going to

21
00:02:56,979 --> 00:03:22,129
install it through npm, from Node, as it is the Node package manager, okay, we are going to send or we are going to

22
00:03:22,129 --> 00:03:40,590
load the module with the id bcryptjs, okay, it's already there and now we start working on this module, as

23
00:03:40,590 --> 00:03:46,370
always, which is the first thing we do, because in this case, as we are receiving the password

24
00:03:46,370 --> 00:03:52,669
that the user is writing from the front, we are receiving it in the controller, in this case

25
00:03:52,669 --> 00:04:00,889
in the register arrow function, which is the one that we are developing right now, we had

26
00:04:00,889 --> 00:04:08,490
the fields on which we are going to work, which are the ones that they send us from the front, we used the

27
00:04:08,490 --> 00:04:14,490
try catch to control the errors, we used await, so we also put the function as

28
00:04:14,490 --> 00:04:20,990
asynchronous, ok, and from here the first thing I do is import

29
00:04:20,990 --> 00:04:30,189
import and here we are going to put bcrypt

30
00:04:30,189 --> 00:04:34,550
import bcrypt

31
00:04:34,550 --> 00:04:37,610
js

32
00:04:37,610 --> 00:04:57,839
let's see it's weird that I'm not filling it by the clip we're going to put these other people like this

33
00:04:59,639 --> 00:05:08,800
and we're going to put the back here, there you are, okay, the first thing we do is import it, well

34
00:05:08,800 --> 00:05:19,180
as always the technical
documentation, okay, from npm with bcryptjs, then if you open it

35
00:05:20,560 --> 00:05:31,199
you will find this, ok, here you have everything, you see how important it is first that the installation of

36
00:05:31,199 --> 00:05:41,100
bcryptjs that what we have done matters in this way with the require the over the variable

37
00:05:41,100 --> 00:05:49,620
bcrypt, the bcryptjs, well, we have here, to remember, all the information that at a given moment

38
00:05:49,620 --> 00:05:53,879
we may need, ok, we return to Visual Studio Code

39
00:05:53,879 --> 00:06:05,439
and we are going to continue working, so what am I going to do once I have the

40
00:06:05,439 --> 00:06:11,939
username variable, the email and the password, because the first thing I am going to do will be to take this

41
00:06:11,939 --> 00:06:17,480
password, this is the value that is in this variable that we have received from the front and

42
00:06:17,480 --> 00:06:28,420
encrypt it, okay, then to do that within the try catch, okay, or if there is an error, we are going to put

43
00:06:35,220 --> 00:06:42,720
bcrypt and this has a function that is hash

44
00:06:42,720 --> 00:06:57,180
ok and we are going to pass the string that we want to encode, that we want to encrypt, in this

45
00:06:57,180 --> 00:07:03,720
case it is the password, so the first value that we pass will be password, the password variable

46
00:07:03,720 --> 00:07:10,079
and the second, or it says salt number, is the number of times we want it to be processed

47
00:07:10,079 --> 00:07:19,579
that encryption, that is, an encryption that I put here a very small number

48
00:07:20,899 --> 00:07:27,100
because the encryption is weak, if you put a very large number the encryption is stronger

49
00:07:27,100 --> 00:07:38,439
but it takes longer to do so, it is usually put a 10, an 8, okay, with this

50
00:07:40,079 --> 00:07:50,459
I would already have my password encrypted, okay, we are going to print it by console and
so we see how it is

51
00:07:50,459 --> 00:07:58,259
staying, then we are going to take, I am going to create a variable, I am going to call it

52
00:07:58,259 --> 00:08:17,319
use no password has to be called so or as you want and here we are going to tell the console to see it

53
00:08:17,319 --> 00:08:28,199
okay, we pass it the password hash dot toString, here it is, toString

54
00:08:30,199 --> 00:08:36,820
ok, then this is for me to show it in the terminal to see whether it is encrypted well or not

55
00:08:36,820 --> 00:08:45,080
ok when we take and do this task of yours is to do it in a synchronous way especially

56
00:08:45,080 --> 00:08:55,580
if we put a very high value as salt, then here you already know that to do it,

57
00:08:55,580 --> 00:09:06,019
tell it to execute it in the background, await, okay, okay, and here it has written await for me

58
00:09:06,019 --> 00:09:18,779
like this, then we are going to try this only done then encrypt it and show it to me

59
00:09:18,779 --> 00:09:30,940
by terminal, so I'm going to come here, I'm going to put jacinto 2 and jacinto 2, ok, and I launch it

60
00:09:30,940 --> 00:09:44,340
we are going to first start all our backend, okay, we already have it, we also have the databases

61
00:09:44,340 --> 00:09:52,019
of the express and the mongo, okay, and now if I launch it we have all the fields that

62
00:09:52,019 --> 00:10:00,659
I no longer visualized from the previous video and down here if you see we have that password that is

63
00:10:00,659 --> 00:10:10,440
1 2 3 4 encoded, ok, it would be this string, ok, well then now what we have to do is

64
00:10:10,440 --> 00:10:18,039
this string is the one we want to save in the database, then we are going to that string and we are

65
00:10:18,039 --> 00:10:28,220
going to save it, or we are going to assign it to the new user before doing the save, ok, before the new user

66
00:10:28,220 --> 00:10:37,100
dot save, of course, then to assign that value, this
I am going to leave it commented, ok, we already see

67
00:10:37,100 --> 00:10:41,279
that it does not work well so I am going to leave it commented and now here I am going to pass the

68
00:10:41,279 --> 00:10:52,120
password field just the password hash, ok, we are going to pass the password hash, in this way when I

69
00:10:52,120 --> 00:10:58,840
do the new user dot save, what it is going to save for me is not the password that I have received, it is the

70
00:10:58,840 --> 00:11:09,279
encryption that we have done in this line, ok, then let's see it again to see it

71
00:11:09,279 --> 00:11:20,220
I'm going to come, I'm going to delete this last record that I've put in and I'll launch this one again

72
00:11:22,120 --> 00:11:31,899
we click send, you see, and now the password that it is saving for us in our database

73
00:11:31,899 --> 00:11:40,220
is this one, okay, if we come to MongoDB, remember that this is an extension that we put in the other

74
00:11:40,220 --> 00:11:45,679
day, that we could go to Mongo Express, that we are going to go now, I am also going to open it and we are going

75
00:11:45,679 --> 00:12:16,720
3 from here we can see, from MongoDB we can see that it has saved the document with the encrypted password

76
00:12:17,860 --> 00:12:24,639
okay, in addition to all the fields that we had already told it, we already have to do all and if we come to

77
00:12:24,639 --> 00:12:41,559
Mongo Express and we have here, okay, jacinto 2 and here we would have that

78
00:12:41,559 --> 00:12:49,899
that password encoded, ok, this is information because we have it

79
00:12:49,899 --> 00:13:03,230
saved in our database, I am going to delete it to use it here, now it is information that we

80
00:13:03,230 --> 00:13:17,230
have in our backend but that we do not want the client to have at all, the client, okay,

81
00:13:17,230 --> 00:13:27,370
if the front, then instead of printing all the user saved with all the fields what we are going to

82
00:13:27,370 --> 00:13:34,029
do is only view some fields, okay, only send a json with some of the

83
00:13:34,029 --> 00:13:42,169
fields, value key, then we are going to put res.json here and I am going to tell it, well, what

84
00:13:42,169 --> 00:13:50,230
fields I want you to send me, because I want you to send me, for example, the id

85
00:13:52,409 --> 00:13:59,690
of this record, of this user that we are doing, well, and that we are going to use to take that

86
00:13:59,690 --> 00:14:09,590
value, either the user saved or the new user, be careful because there is, well, for example, if I was

87
00:14:09,590 --> 00:14:15,490
taking the username, okay, either of the two works, in this case, of course, we take the

88
00:14:15,490 --> 00:14:22,909
user saved, which are the values that we have put in the database and they are the ones that we want the

89
00:14:22,909 --> 00:14:31,529
client to also have in the front, then here we pass the user saved dot, and here we

90
00:14:31,529 --> 00:14:39,169
appears the field that we are looking for, what other field can we want, because the user name

91
00:14:41,029 --> 00:14:51,750
okay, then saved dot, and one more, because the email, email

92
00:14:51,750 --> 00:14:56,529
and user saved dot

93
00:15:00,149 --> 00:15:10,789
and with these fields, because in theory in our client, our front would have more, ok, then

94
00:15:10,789 --> 00:15:16,250
we are going to try it, now we are sending it through the network so we are not doing a

95
00:15:16,250 --> 00:15:26,870
console.log will not show them to us in the body, it will not show them to us here, okay, and not here

96
00:15:26,870 --> 00:15:34,509
then we have to do all, we have the information, when we send, you see, it puts us the id, it puts us

97
00:15:34,509 --> 00:15:45,169
jacinto 2 and shows us, it sends to the front the email, okay, and as here we have deactivated it, or we have

98
00:15:45,169 --> 00:15:52,610
commented out the console, because it does
not show us the encrypted key but we already have it in our

99
00:15:52,610 --> 00:16:01,990
database, if we update here I am going to have my key updated, ok, in theory it is assumed

100
00:16:03,250 --> 00:16:11,929
because they are that it works well, ok, but if you look at it, it has vulnerabilities, for example

101
00:16:11,929 --> 00:16:18,169
after this dollar, after the second dollar, it always tells me the number of times that I want, that I have

102
00:16:18,169 --> 00:16:27,350
put as salt, okay, as the number of times, the depth of security of the key

103
00:16:28,350 --> 00:16:37,669
okay, then, well, everything has a vulnerability, well, then, this would be our

104
00:16:37,669 --> 00:16:45,549
register arrow function, okay, already with the password encrypted, now in the next

105
00:16:45,549 --> 00:16:54,610
video what we are going to do is create this token with JWT, JSON Web Token