1 00:00:00,710 --> 00:00:07,100 So this time around, what we want to do is to change this menu so that when a user is logged in, this 2 00:00:07,100 --> 00:00:13,340 shows a log out and we want to create the necessary root and handler to actually log a user out of the 3 00:00:13,360 --> 00:00:13,870 system. 4 00:00:13,880 --> 00:00:15,260 And none of that is too difficult. 5 00:00:15,860 --> 00:00:20,870 Now, last lecture, I said I probably use the middleware to accomplish this, and that was wrong. 6 00:00:21,200 --> 00:00:24,050 I'm not going to use the middle where there's a much simpler way to do this. 7 00:00:24,320 --> 00:00:27,260 I'm looking right now at the template data go file. 8 00:00:27,260 --> 00:00:33,680 And if you recall, this struct holds information that is available to every single page of our Web 9 00:00:33,680 --> 00:00:34,040 site. 10 00:00:34,340 --> 00:00:37,700 And all I'm going to do is add a new new member to this or a new field to this. 11 00:00:37,700 --> 00:00:40,970 I'm going to call it is authenticated. 12 00:00:44,900 --> 00:00:47,360 Which I hope I spelled right, it will just be an. 13 00:00:48,830 --> 00:00:53,360 So if this value is greater than zero, then the user will be logged in. 14 00:00:53,630 --> 00:00:56,240 If it's equal to zero, then the user is not logged in. 15 00:00:56,240 --> 00:00:57,880 And that's the simple logic. 16 00:00:58,310 --> 00:01:04,510 So the only thing I need to do is to ensure that I populate that field every request. 17 00:01:04,520 --> 00:01:09,360 And where do I do that while I do that in the render package here, the add default data. 18 00:01:09,980 --> 00:01:13,280 So I need to make a decision here as to whether or not a user is logged in. 19 00:01:13,280 --> 00:01:20,930 And if you recall, when the user is logged in, we set a sessional variable called User Underscore 20 00:01:20,930 --> 00:01:21,350 ID. 21 00:01:21,500 --> 00:01:25,520 So here in our default data, I have access to the request. 22 00:01:25,790 --> 00:01:27,430 That means I can use the session. 23 00:01:27,560 --> 00:01:29,720 So all I have to do is to say something like this. 24 00:01:30,110 --> 00:01:39,800 If app session dot exists and give it the context, are context and look for the key user ID. 25 00:01:39,980 --> 00:01:45,200 If that exists, then populated what is authenticated with one. 26 00:01:45,950 --> 00:01:46,580 And that's it. 27 00:01:46,760 --> 00:01:50,510 Because if it's not there, then the default value for it is authenticate. 28 00:01:50,510 --> 00:01:52,850 It is the default value for an event and that's zero. 29 00:01:53,030 --> 00:01:57,680 So that should give me enough to determine whether or not someone is logged in. 30 00:01:58,910 --> 00:02:04,110 Now, of course, I need to still change this login to log out, and that's not that hard. 31 00:02:04,130 --> 00:02:07,850 Let's go to our base layout and find the log in. 32 00:02:07,850 --> 00:02:08,540 It's right here. 33 00:02:08,720 --> 00:02:10,490 This is the menu item for a login. 34 00:02:10,520 --> 00:02:11,660 I'll just put an if statement here. 35 00:02:12,200 --> 00:02:21,140 So I'll say if equals is authenticated one, then show log out. 36 00:02:21,440 --> 00:02:23,360 So we'll put a space for that. 37 00:02:25,040 --> 00:02:27,010 Else show log in. 38 00:02:28,810 --> 00:02:34,240 And put an end there and format this and then I'll copy this log in. 39 00:02:36,480 --> 00:02:44,400 And paste it up here and change that to user log out a route that doesn't exist yet, but it will momentarily 40 00:02:44,820 --> 00:02:47,310 and change this to log out. 41 00:02:52,140 --> 00:02:57,850 And I guess I didn't get the pointy bracket, so there that should work, so let's try that out. 42 00:02:58,320 --> 00:02:59,220 Let's run this. 43 00:03:01,900 --> 00:03:07,690 Go back to her application, reload this page, log in, shows up like it should, let's put in a valid 44 00:03:07,690 --> 00:03:15,150 login admin at admin dot com password and hopefully when I log in, that will change to log out. 45 00:03:16,750 --> 00:03:17,470 And it does. 46 00:03:18,460 --> 00:03:19,240 So it's log out. 47 00:03:19,240 --> 00:03:23,350 Now, if I click on this, of course, nothing happens because that route doesn't exist yet. 48 00:03:23,350 --> 00:03:26,260 So let's go create the log route, which is really, really easy. 49 00:03:27,070 --> 00:03:28,540 So go back to my reads file. 50 00:03:29,210 --> 00:03:33,940 I'll find the part where I've logged in and right underneath that I'll say mux dot get and I'll make 51 00:03:33,940 --> 00:03:42,460 it a get request user log out and that will go to Handler's repo dot logo, which doesn't exist. 52 00:03:42,790 --> 00:03:44,060 So let's go create that. 53 00:03:44,740 --> 00:03:49,180 So over to our handlers file and at the very bottom, which is where I am right now, I'll create a 54 00:03:49,180 --> 00:03:49,810 new function. 55 00:03:53,390 --> 00:03:57,680 Which I will call funk, and it'll have to have the repository receiver. 56 00:03:59,350 --> 00:04:04,390 And I'll call it logout, and because it's a handler requires a response writer. 57 00:04:06,590 --> 00:04:08,150 And a pointer to a request. 58 00:04:10,830 --> 00:04:12,960 And I just love the user, OK, now how do you do that? 59 00:04:13,150 --> 00:04:18,840 Well, all I really need to do is to make sure that that sessional variable user ID doesn't exist. 60 00:04:19,260 --> 00:04:24,140 But as this application grows, I might be putting more things in the session. 61 00:04:24,150 --> 00:04:27,720 So the simplest thing to do is just to destroy the session. 62 00:04:27,990 --> 00:04:31,950 And we can do that by calling our our session at UT. 63 00:04:32,610 --> 00:04:40,920 So I am dot app, dot session destroyed and all that requires is the context which we can get from our 64 00:04:40,920 --> 00:04:41,580 request. 65 00:04:45,580 --> 00:04:48,440 And then, as I said before, there should be an equal sign there. 66 00:04:48,490 --> 00:04:52,810 This throws an error that I'm not bothering to check for because destroying a session just works. 67 00:04:54,070 --> 00:04:58,030 We also want to regenerate our session Tolkan or renew our session tokens. 68 00:04:58,030 --> 00:04:58,940 So let's do that, too. 69 00:04:58,960 --> 00:05:00,550 It's always good practice to do that. 70 00:05:00,880 --> 00:05:05,740 M dot app, dot session, dot renew, Tolkan. 71 00:05:05,740 --> 00:05:07,450 And that just requires the context. 72 00:05:09,610 --> 00:05:13,090 And then of course we have to take them somewhere, otherwise they're just going to see a white screen. 73 00:05:13,090 --> 00:05:14,650 So we'll take them back to the login screen. 74 00:05:15,610 --> 00:05:27,400 Each redirect w r slash user slash login and some status code, HDTV, the status, the other and that 75 00:05:27,400 --> 00:05:27,930 should work. 76 00:05:27,940 --> 00:05:30,460 But let's give this its comment as we're supposed to do. 77 00:05:32,770 --> 00:05:37,720 Logs a user out, so let's stop our application, start our application. 78 00:05:40,120 --> 00:05:47,440 Go back to this screen, to our application, and let's reload the page, good, so we're not logged 79 00:05:47,440 --> 00:05:56,160 in, so let's log in admin at admin dot com password submit. 80 00:05:56,800 --> 00:05:57,840 I'm now logged in. 81 00:05:58,600 --> 00:05:59,590 Let's try logging out. 82 00:06:00,730 --> 00:06:01,510 And it worked. 83 00:06:01,510 --> 00:06:02,080 Perfect. 84 00:06:02,290 --> 00:06:05,080 Now, one thing you should be aware of, you may have noticed this already. 85 00:06:05,410 --> 00:06:10,000 If I log in admin, admin, dot com password. 86 00:06:12,280 --> 00:06:20,340 I'm logged in right now if I go back and stop my application and start it back up and reload this page, 87 00:06:20,560 --> 00:06:25,570 I will be logged out every time you stop the application because we're just using cookies to store this 88 00:06:25,570 --> 00:06:28,000 information, the login information and track our sessions. 89 00:06:28,630 --> 00:06:33,790 If you stop your application and restart at the sessions are gone, you've lost your session. 90 00:06:33,790 --> 00:06:35,380 And that's that's not a big deal. 91 00:06:35,380 --> 00:06:42,040 When we're working, as we are right now on a local server in production, you may not want to use simple 92 00:06:42,040 --> 00:06:43,480 cookies to store your session. 93 00:06:43,480 --> 00:06:48,370 You may want to use something like Retests or one of the other stores that are available to us. 94 00:06:48,730 --> 00:06:51,880 But that's beyond the scope of what I'm trying to teach you right now. 95 00:06:51,880 --> 00:06:52,870 It's not difficult. 96 00:06:52,870 --> 00:06:59,230 You can read the documentation on Alex Edwards, excession manager, and use retests or some other means 97 00:06:59,230 --> 00:07:00,910 of storing your sessional information. 98 00:07:00,910 --> 00:07:02,830 You can even start in the database if you want to. 99 00:07:03,100 --> 00:07:07,510 And then that sort of thing won't happen because the cookies are not ephemeral. 100 00:07:07,510 --> 00:07:10,990 They don't disappear between restarts of the application. 101 00:07:11,170 --> 00:07:14,110 But for our purposes, this is sufficient for what we're trying to do. 102 00:07:14,560 --> 00:07:18,790 So now we have a means of actually logging a user in and logging user out. 103 00:07:19,030 --> 00:07:25,000 The next step is to actually create some new routes that are only available to users who are logged 104 00:07:25,000 --> 00:07:25,360 in. 105 00:07:25,360 --> 00:07:27,820 And we'll do that in the next lecture.