WEBVTT

00:01.480 --> 00:06.900
So far, the only thing we're doing in this check authentication handler is send back invalid credentials.

00:06.940 --> 00:10.520
It doesn't matter what we receive from the end user, we're always sending back

00:10.540 --> 00:12.980
"no, you're not allowed to be here" in the form of JSON.

00:13.000 --> 00:15.490
And clearly, that's not sufficient for our purposes.

00:16.420 --> 00:19.850
So let's write a few comments determining what exactly we want to do here.

00:20.380 --> 00:26.220
The first thing we want to do is to validate the token and get the associated user.

00:28.240 --> 00:31.810
So we're going to take the information we receive from the end user.

00:31.810 --> 00:35.190
And that comes from the base layout HTML.

00:35.230 --> 00:41.800
This line right here, the header Authorization, and that consists of the text Bearer, followed by

00:41.800 --> 00:48.100
a space, followed by whatever token we've received at some point, and we're sending that token back

00:48.100 --> 00:52.120
to the server to say, look at my token and see if I'm actually me.

00:52.600 --> 00:54.370
So we get that information from the header.

00:54.970 --> 01:00.700
So back here, what we want to do is to call some function, and I'll create a stub function right here

01:00.700 --> 01:09.430
just above this one: func, app with a pointer to application, and I'll call it just authenticate token,

01:09.910 --> 01:11.800
authenticate token.

01:12.130 --> 01:18.940
And it will take as a parameter just the request r, which is a pointer to http dot request, and it will

01:18.940 --> 01:20.950
return two things potentially.

01:21.070 --> 01:27.910
The first one is going to be a pointer to models dot user, and potentially an error.

01:28.510 --> 01:36.940
OK, now just to make this compile, I'll just create a variable called u of type models dot user and

01:36.940 --> 01:40.750
I'll return a reference to that and nil for the error.

01:40.990 --> 01:45.100
OK, so we're going to validate this token and get the associated user.

01:45.730 --> 01:51.630
And if we call this function authenticate user, or authenticate token, and get any kind of error at all,

01:51.820 --> 01:54.400
that's when we send back invalid credentials.

01:55.540 --> 01:57.280
So let's actually write that logic.

01:57.670 --> 02:03.460
So I'll create a variable, which I'll call, say, user, and I'll check for an error, and I'll call

02:03.460 --> 02:06.280
app dot authenticate token and just hand it my request.

02:06.460 --> 02:08.680
And the request has everything that we need.

02:09.430 --> 02:11.590
And at this point we can check to see if there's an error.

02:11.770 --> 02:17.080
If error is not equal to nil, then we send back our invalid credentials.

02:17.110 --> 02:18.190
So let's move that up here.

02:19.300 --> 02:21.610
And at that point we want to stop so that returning.

02:22.720 --> 02:27.130
But once we get past that, at this point, valid user.

02:27.610 --> 02:30.120
OK, so let's write that logic.

02:30.130 --> 02:32.710
What I'll put in here is a variable.

02:32.930 --> 02:39.760
Same as always, payload, and it's just a struct, and it consists of error, which is a boolean.

02:40.630 --> 02:44.260
And in JSON I'll call that error,

02:47.230 --> 02:50.500
and it also has a message, which is a string.

02:51.220 --> 02:56.920
And in JSON, I'll call that message, and I'll populate it.

02:56.980 --> 03:00.580
So payload dot error equals false.

03:00.580 --> 03:04.180
There is no error. And payload dot message,

03:04.630 --> 03:06.550
and here's where I'll use the user information,

03:06.790 --> 03:09.970
OK, is equal to fmt dot Sprintf

03:13.140 --> 03:20.590
and "authenticated user percent s", and in there I'll just put user dot email, and I'll just send that

03:20.590 --> 03:21.430
information back.

03:21.700 --> 03:22.260
App dot

03:22.270 --> 03:22.950
write JSON.

03:24.370 --> 03:30.910
And that requires the response writer, and it requires the status, and I'll just use http dot status

03:30.910 --> 03:33.100
OK, and the payload.

03:36.580 --> 03:42.760
So this becomes our new version of check authentication, and this is all exactly correct, this is

03:42.760 --> 03:44.060
all that we need here, OK?

03:44.560 --> 03:50.260
But what we need to do up here in authenticate token is actually get that header, the one that comes

03:50.260 --> 03:53.380
from base layout, the one that's called Authorization.

03:53.800 --> 03:58.160
Grab the token from that and do some actual validation on the token.

03:58.600 --> 04:03.520
And of course, if that token is valid, then we have to go to the database and get the user, which

04:03.520 --> 04:08.860
means we're going to have to go to tokens dot go and write a new database method here that actually looks

04:08.860 --> 04:13.820
up the user based upon the content that we received in that header, the token.

04:13.960 --> 04:15.640
And if you look at the database, we can do that.

04:15.850 --> 04:19.930
So here's our database and one user in the database, in the tokens table.

04:20.650 --> 04:25.410
And that user is associated with user ID one, has the last name of user.

04:25.450 --> 04:26.560
There's the email address.

04:26.560 --> 04:30.330
And this is the part we're going to use to find the appropriate user.

04:30.340 --> 04:31.390
And that's the token hash.

04:32.140 --> 04:36.460
So we'll get started on those two things, writing the database function and, over

04:36.460 --> 04:43.660
in handlers API, actually turning this authenticate token stub into a useful function that

04:43.660 --> 04:45.160
allows us to validate tokens.

04:45.310 --> 04:47.980
And we'll get started on that in the next lecture.