Saltar navegación

Activa JavaScript para disfrutar de los vídeos de la Mediateca.

Back end vs Front end - Vídeo 13 - Contenido educativo

Ajuste de pantalla

El ajuste de pantalla se aprecia al ver el vídeo en pantalla completa. Elige la presentación que más te guste:

Subido el 13 de julio de 2024 por Mario S.

33 visualizaciones

bcrypt.compare(), function register, function logout.

Más información Transcripción

Descargar la transcripción

well in this video we are going to start to develop the login function that is very similar to the one 00:00:00
we have been doing so far of register ok in the login one we are going to think a little 00:00:10
about how it is going to work the front is going to send us a json in that json what is usually 00:00:16
always send is the email and the password is worth the email and the password we are going to say 00:00:25
then we are going to receive instead of these three fields because the username we would not need it 00:00:33
is worth once we have the email and the password what is done is first we check that the email 00:00:41
exists in our database so we are going to launch a selection consultation of a single 00:00:47
field that this email is looking for if this email does not find it then it will give us an error if it 00:00:54
finds it the second step would be to check that the password that they send us from the front is correct 00:01:02
ok if it is not correct it is assumed that the email yes but the password not so there we would send another 00:01:10
another error code is valid if the email and the password are fine then what do we have to 00:01:19
do and create our touch is worth the same as we have done when we have registered it then we are going 00:01:30
to pass the value load that is the idea will create the access to that in with the function that we have done 00:01:37
in the previous video, and once the token has been created, we are going to create the cookie and 00:01:46
we send the json to the from, if any type of error occurs, then we put the 500 or the state 00:02:00
o el código de estado que nosotros queramos entonces un poco los pasos a seguir son esos 00:02:10
pero me voy a basar en la función que hemos hecho del register así que esto voy a ir colocándolo 00:02:17
todo un poco dejándolo ya todo bien vale este aquí este bien esto no lo queremos fuera 00:02:25
then we are going to start with all this I am going to upload it to have it all that we have 00:02:42
everything visible or we are going to download this so it is worth then the function is good this I am going to 00:02:55
erase it entirely, it is not worth it, I write it again, there is no problem, it is because with 00:03:05
login the same as synchronous, it is all the same, 00:03:14
we are going to receive the parameters, the network and the network is worth the request and the response 00:03:22
and we do our arrow function and we start the first thing we want to receive is the e-mail field 00:03:30
ok the field email and the field password that we are going to pick up from rec dot 00:03:48
ok then here we are already taking the password and the email that the from the client is sending us 00:04:10
once we have done that we follow the same steps ok then as we are going to do an operation 00:04:19
on the mongo database we are going to use the track at to control those errors ok so 00:04:27
we put the track at ok and here we have said that the first thing we want to do is to check that 00:04:35
that email that they are passing us from the front exists then to see this 00:04:46
because we are going to launch a consultation ok then this consultation I am going to put it in two 00:04:58
ways one which is the way it gets older not for a little longer 00:05:04
time that also works but you are going to see that if you go to the technical documentation and that is why 00:05:11
I insist and I am very heavy that you always work with the technical documentation, it is worth because 00:05:17
if you do not get used to doing things but you do not update them at the same time that they 00:05:24
are updated by the development teams of the different technologies that you are using, 00:05:32
ok then this before we could put something like cons 00:05:38
well I am going to explain it to you ok it is a when we have made the connection with our database 00:05:45
we have used mongoose that you already have to have it clear ok with the mongoose connect we made the 00:05:53
connection then we have made the mongoose point is scheme that is the scheme that we have made and 00:06:00
and from there we have taken out a model that is user and user we have imported it up here because 00:06:06
we have worked with it when registering a user, it is worth then we have that user 00:06:13
if I put here user point that model is the one that allows me as it belongs as it is created 00:06:18
from the model of mongoose it allows us to launch the queries it is worth then if I put the user here 00:06:28
and I put the fine one here we have types of queries is worth in this case of search selection 00:06:35
search that will return me all the records search for there and search for update delete 00:06:44
search and delete good for there it is worth all these to me what interests me now is to look for one we know 00:06:51
que el esquema que hemos hecho de los datos cuando registramos a un usuario pusimos que 00:07:00
el email tiene que ser único vale si me vengo a modelos user models tenemos que el email es 00:07:08
requerido que sí y que es único lo cual le hacía la clave vale que es único vale entonces 00:07:18
here what I am going to put is user find one and that he looks for us is that email then what 00:07:25
we pass is that json that is the email two points I do not need here with passing the email it is already 00:07:37
me va a servir entonces yo ser fan one este email vale que me busque este email vale ese 00:07:50
email o esa búsqueda tiene que ser asíncrona así que el agua vale por eso le hemos metido 00:08:00
up here also the async is worth this error is worth it and we are going to collect the result of this operation 00:08:09
in a variable because we are going to call it user ok then here we have in 00:08:27
user found we are going to launch the consultation so that it looks for the first document that it finds with 00:08:38
an email value that accompanies the email key and that it is the one that we are passing between keys 00:08:47
that is the one that we have passed from the front ok well this would be a way to put it and it is 00:08:56
how it has been put for a long time, it is worth and it is this line and that's it now if we come to the 00:09:03
technical documentation it is worth here we have within mongoose of the documentation of the mongoose document 00:09:11
it is worth of the doc in queries I have the one of query prototype the fine one is worth then the parameters 00:09:20
que retorna que es la query bueno tenemos aquí un ejemplo qué es el que me interesa 00:09:32
vale entonces aquí te declara una variable que es query en la que te dice el modelo que usa en este 00:09:43
ejemplo que es kit en punto web donde vale el color sea igual a blanco vale es como escribir 00:09:49
the criterion the condition now I create another variable that would be here the call remove also 00:09:56
we are going to make a pause forgive 00:10:06
ok we continue we are seeing ok the example ok then we launched the consultation that we have 00:10:12
created in the web and this will return a json with all the information that we have in that 00:10:20
document saved in the mongo ok if it finds it then we are going to write it as it is 00:10:29
then we return to our code and I write it as it is in the documentation and that is constant 00:10:37
query this is equal to user that in our model where it is worth where the field and mail 00:10:49
is equal and between and the string well here there is no string here it is and mail also 00:11:11
ok it seems that I am putting the same thing but it is not the same this email is the key of the jason 00:11:23
that I am sending within the web ok and this other email is the one I am collecting from the 00:11:31
reg body ok I do not know if in the video you can see that here is a lighter blue and here a 00:11:37
darker ok they are not the same ok this point and comma ok and what I am going to have is the second line 00:11:43
that it was with use is the same as a white is worth because 00:11:54
white 00:12:03
query point fine parenthesis parenthesis point 00:12:07
ok well this according to the technical documentation is the way it is 00:12:17
put today is from here is the way it has been put for a long time, okay, then 00:12:24
nothing, we are going to comment this way and we are left with the new one, okay, what is the next thing I am going to 00:12:31
do once I have launched the consultation and I am going to have a result in users found that or it may 00:12:40
be that there is nothing or it may be that there is a json with the information of its user ok if there is 00:12:47
nothing it means that that email is wrong so here we are going to put a yes 00:12:55
we are going to put it if there is nothing in you are found it is null that you are going to do a return and we are going to 00:13:07
send a network is in status and we can send a code because it can be 00:13:16
204, it is worth that there is no point and comma content, well if we go back to 00:13:31
our web here I have the state codes that are divided into 00:13:42
informativa respuesta satisfactoria de redirecciones errores del cliente este 00:13:47
es el mdn web docs vale entonces aquí tenéis todos los códigos de error y así 00:13:52
los podéis usar de una forma coherente vale vale 00:13:59
volvemos a nuestro código y seguimos vale qué pasa 00:14:05
00:14:11
the email is correct, it is fine, then we continue working, it is worth what we do if the email is correct, it is to compare, 00:14:14
if the email is correct, we have said that in UserForms it returns a JSON with all the information of its user, 00:14:29
user so one of that part of that information is a key value field that is the password and the 00:14:34
password that we have registered in the database then we can make that comparison 00:14:41
is worth that comparison we are going to use it we are going to create it with or we are going to do it with by 00:14:46
click and it is worth what is the one we have used up here where here the bike is worth 00:14:52
to do the hash to do to encrypt that password is worth then here we are importing it 00:15:06
by Crip, the by Crip.js to by Crip and here I am going to use it again, okay, then we are going to put 00:15:17
this would be something like by Crip, this is, I am writing more like this, .compare and in compare to that function 00:15:24
what we are going to pass is on the one hand the password that we have, okay, the one that has passed us 00:15:38
the from and the one that we are collecting in this variable from up here is worth 00:15:44
and for another the one that I am going to pass on is the one that we have found when we have compared when we have 00:15:53
launched the consultation on the email then I am going to put it here the user found point password is worth this 00:16:04
is this instruction this bike.com for what is going to return us is a true or a false 00:16:12
ok and it is an operation on the database so we do it asynchronous and with we are going to say and smart 00:16:21
for example, it is equal to a variable that is coincident, because yes or no, false or no, this is the same 00:16:33
if we go to the help we go to the help to the technical documentation because we also have 00:16:50
here the different examples ok you see the sea the residence such good because a little you read it 00:16:57
you see you see that it is going to compare a little the same thing that I am doing ok although here it is 00:17:04
comparing the hash this we have to prove now because when we saved in the 00:17:10
database we are saving it already configured encrypted ok then that has to be checked ok I think 00:17:15
that it compares directly, it decrypts it and it does it for us well, but let's see it, 00:17:23
we are going to continue in our code in our visual studio code, 00:17:30
okay, so what am I going to do? ask if 00:17:39
is not worth if there is no coincidence that is, the passwords are not the same, so what am I going to 00:17:44
tell you, because you send a retun again, we send it back now or we send it a res in status 00:18:00
and in this case 00:18:09
because I am going to send a I do not know the error 401 the error 401 is worth the error 401 is the one of 00:18:10
that you are not authorized, okay, okay, then if the email is fine, we have found it 00:18:33
in our database and the passwords are the same, so what do we have to do 00:18:47
all the part of creating the touch this one of the 6 is not valid but this one is valid then here we are going 00:18:56
to put a little bit because the same constant touch is equal to weight is valid to create 00:19:09
access to touch with and here I do not put the user 6 because it is within the login function I do not have it 00:19:17
ok then there what we are going to put is that you believe me the touch passing the value load that is the 00:19:27
the id and this is going to be you have to put in that key the user found ok dot under there 00:19:36
ok now we are working with the user found ok I have already created that touch in principle 00:19:47
we are going to create the cookie ok and in the cookie we first pass the name of the cookie which is 00:19:58
touch and then the value that is going to be all worth this already because it does not change anything that more we pass the 00:20:06
3.j are 00:20:16
parentheses and keys ok we are passing the id 00:20:21
is equal to the user fan point there the username 00:20:28
two points and use a point and use name and we are missing the email 00:20:37
two points and use 00:20:50
point and 00:20:59
and here 00:21:07
ok, here it would be to close the keys, close the parenthesis, ok, and if there is no error, then what 00:21:11
, that is, sorry, sorry, if any error has occurred in all these operations, we can 00:21:28
pass the error 500 the error 500 then we are going to pass the res status 00:21:34
500 ok and if you want here we can pass the json 00:21:51
an error has occurred in the server 00:22:05
or we can pass the same json error, we could also do that, well, in this case I'm going to leave it like that and that's it, okay, let's see how it works for us, 00:22:14
the point works well then we are going to see the records that 00:22:34
we have this 00:22:48
the one of carmen is worth the one of carmen we are going to delete it and we are going to work 00:22:55
on it 00:22:59
we are going to come and this out 00:23:02
and out and we are going to be in berkley and we are going to delete these and then we are going to do 00:23:07
everything so that we do not forget how it is done then new request ok we remember that it is the post 00:23:15
we remember that to register it was the local host register that I go to the body ok and here we are going to 00:23:24
put the values ​​then that the username is the same 00:23:37
that the email the points is the same as 00:23:49
carmen arroba dan 2.com and that the password this is equal to 00:23:59
1 2 3 4 because you want this I give it to send this creates it for us we have not done this 00:24:15
register we have not touched it ok we are going to check it here I have it Carmen with her password 00:24:23
encrypted everything, everything is fine, now let's go to create another consultation, then we are going to close this 00:24:31
and this and this and this I leave another consultation ok then we are going to put the post we are going to put 00:24:41
localhost 2 points 4000 barra dan 2 in this case it is worth it I go to the body and now we are going to 00:24:50
start checking the different errors that we have been controlling the first was that the email 00:25:00
did not exist ok then we are going to put it well and we know that we only pass two fields and 00:25:06
email and the password is worth then email that will be the one that is worth comma and the password 00:25:11
ok then we are going to put the password now now well but the email I am going to put it wrong ok 00:25:20
then the email I am going to put the carmen 2 carmen 2 00:25:31
gmail eradan 2.com ok then I have this this in quotes doubles is his thing ok I give it to sense 00:25:39
and it does not return me anything or if it returns me the error the set is the same status 204 it is worth that it is the one 00:25:59
that we have told it to happen to us if there is a password problem it is worth that it is not authentic 00:26:16
that the authentication is not correct ok that is not working well it takes us ok it has 00:26:22
checked that the email does not exist, it has launched the firewall, okay, that has done it for us well, 00:26:27
so now we are going to take it, we are going to put it well and clean it, okay, but I am going to dance these two numbers 00:26:34
of the password, then we are going to put instead of 1 2 3 4 1 3 2 4 ok and I give it to be ok and here 00:26:40
gives me the error 401 which is the one that we have told him here 00:26:48
ok then it is before the error 204 was that 00:26:55
I did not find the data of 401 is the one of the authentication is worth a 00:27:01
authorized ok then he tells you here ok 00:27:06
it has also worked for us now we are going to see if I put it all right 1 2 3 4 carmen 00:27:14
if it works for us and if you have found 00:27:22
this json it is worth if you have found this user yes that he has compared the two passwords although 00:27:28
he does not pass it is encrypted now we decrypt it already decrypt it alone and then as he has done everything 00:27:35
well, it has created us, it returns the data that we have told it, the user found, sorry, the ID, the username 00:27:40
and the email, okay, and also the header has been made for us, okay, and the token has been returned to us, which is what 00:27:51
we need if here we are giving as you see that it always gives us 200 that is fine that there is no 00:28:00
problem that the operation has done it well and the touch is changing ok every time we give it to 00:28:08
send it always updates it so that login function would already be ok and it is 00:28:14
working correctly for us now we are going to do since we are in the out function 00:28:23
ok then for the out function we are going to lower this ok we are going to create sport 00:28:32
with the out this is going to be the same an entry of a network and a network we already use them or not it gives us the 00:28:45
same is worth exactly the same as so far an arrow function is worth the first thing we have to 00:28:56
do is create this route because we did not have it then let's go to our routes 00:29:05
routes here you are to routes then here we go to 00:29:13
router post 00:29:19
logout and we want the logout to be executed and here the functions that we want to take is register 00:29:21
login and the logout one cannot be forgotten, it is worth if we cannot do things well, we already 00:29:42
we already have it in route we already export route we have here it is worth this I am going to 00:29:52
and we already have that route so that it does not recognize it, it is worth what I have to do here 00:30:02
when we execute this function in the out, because it is that this touch disappears, it is worth 00:30:09
then for the token to disappear we can this is easy this is the network is worth what 00:30:16
we are going to send it is a cookie but it is empty we are going to send it with the same name then it is going to 00:30:24
crush the previous one but in this case it is sent empty in quotes and I am going to pass a 00:30:31
third option to the res cookie, which are the options, then here what I am going to 00:30:42
happen is when I want you to expire, so if you look here it says options 00:30:49
convert them to write when you want it to expire basically a signature of the cookie 00:30:57
a good pad, what I want to happen to him is this the expiration time of that copy that I want it to be 00:31:07
right now, then we are going to put the spa and we are going to tell him 00:31:13
and my date to do it is worth with this I am telling him to expire at this very moment 00:31:25
so I'm going to put this here and what I'm going to do is to see that everything is fine, 00:31:37
return resens status 200 is worth 200 and I would already have my function that the only thing I do, the only thing 00:31:43
que necesito es ponerla la la cookie toque en hacer entonces si ahora me vengo creamos una 00:32:00
nueva vamos a ponerle post vamos a decirle aquí le hemos puesto si he puesto pues vamos a decirle 00:32:10
localhost 4000 dan 2 y ahora le metemos el logout vale si enviamos vemos que el toque 00:32:22
ya se nos ha quedado en blanco vemos que el response ser cookie esto ya no hay ya no hay 00:32:36
cookie ok and it responds to me one that is worth everything is ok ok well these would be the functions to 00:32:45
register log in and leave the lobby ok well a greeting see you later 00:32:57
Idioma/s:
es
Idioma/s subtítulos:
en
Autor/es:
Mario S.
Subido por:
Mario S.
Licencia:
Dominio público
Visualizaciones:
33
Fecha:
13 de julio de 2024 - 21:40
Visibilidad:
Público
Centro:
IES VILLABLANCA
Duración:
00′ 12″
Relación de aspecto:
1.78:1
Resolución:
1920x1080 píxeles
Tamaño:
86.39 MBytes

Del mismo autor…

Ver más del mismo autor

EducaMadrid, Plataforma Educativa de la Comunidad de Madrid

Plataforma Educativa EducaMadrid