React Login with Apollo Server, Context, JWT (Apollo Server Tutorial)

Подписаться 12 тыс.

Просмотров 21 тыс.

50% 1

Enjoying my videos? Sign up for more content here: www.coopercodes.com/
📩 Join codeLetter by Cooper Codes, the 3 minute tech newsletter: thecodeletter.com
Interested in a 1:1 mentorship with me? Jumpstart your career at www.rebrand.ly/coopercodesmen...
Link to backend user auth: • User Authentication wi...
In this video we create a full authentication system with a React frontend and an Apollo Server backend. We use React Context, Apollo Client, Apollo Client Hooks, and more to create the full system overall!
Want to support me? Purchase on Amazon with my link here: amzn.to/3Q4h3Pb
Enjoying my content? Feel free to support me on Patreon / coopercodes
Business inquiry? Email thecoopercodes@gmail.com

Наука

Опубликовано:

11 фев 2022

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 59

@Clawwind50 Год назад

Just wanted to say your tutorials are the absolute best and every single one ive followed i've been able to jump right in and add my own features thanks to your explanations of the tech stack and functions.. I feel like I have such a hard time starting from scratch but once i have simple examples of functionality its so much easier to port them over into other features!

@CooperCodes Год назад

Thanks for the comment! Glad to know that my explanations are helpful, I try to put an emphasis on understanding the thought process so it’s glad to see that’s helping you :)

@MrKnotte123 Год назад

Wow. Your channel is super underrated Cooper! The tutorials you make are extremely well made, and the way you teach are great! Keep up the great work, man!🤝

@CooperCodes Год назад

Thank you for the comment! Gonna keep going :) Appreciate the kind words

@uguryldrm9096 2 года назад

Dude, you have uploaded this just a day before my deadline... You are awesome, thank you for your efforts. (Both of your videos related to this content are great)

@CooperCodes 2 года назад

Glad to hear the content is helpful, best of luck with your project / deadline!

@aaronabuusama Год назад

i watch a shit ton of tech youtube, i must say i am super suprised that you only have 1K subs. I love the indepth content thats more on the advanced end of things. keep up the good work my man

@CooperCodes Год назад

Comments like this mean a bunch to me! I’ll keep goin! Thanks for watching my stuff and glad it’s valuable to you

@user-ym2il1ic2e Год назад

That's awesome. I wanna have teachers like you in my college. Thank you so much for your videos!

@CooperCodes Год назад

Hah that is a high compliment! Thanks for watching I appreciate it

@noymorgenshtein9191 2 года назад

man as im watching the video im like "damn who is this guy he probably has like 300k+ subs" and then i saw just under 500 and im like "whaaaaaaat?!" dude you're a natural, im watching ALOT of tutorials on youtube and i must say your code flow is exceptional. much appreciated!

@CooperCodes 2 года назад

This has to be one of the highest compliments that I have received on this channel, so thank you for that! Thanks for watching the video.

@birdappdotrip Год назад

Epic tutorial. Really saved my butt on a project where I got really stuck and lost in the weeds on auth

@CooperCodes Год назад

Glad it was helpful, thank you for watching :)

@AlejandzZ Год назад

It would be better if you can provide the source code. Sometimes, I can't find the error that I made. So source code would really help me with that problem.

@laurievilleton4044 Год назад

Great tutorial! It's been really helpful. Looking at the Apollo Client documentation, you can actually use the "onCompleted" callback (instead of the "update" function) for the "registerUser" and "loginUser" mutations.

@CooperCodes Год назад

Oh I see, I’ll look into onCompleted 👍 thanks for the comment and info

@afickredox4121 2 года назад

high quality explanation, thank u dude

@MrHtrlee 8 месяцев назад

This is awesome. Great tutorial

@armandosanchez8184 2 года назад

Hi Cooper. Great tutorial & explaniton, Could you share the repo of this part, cause Im getting this error "ReferenceError: localStorage is not defined " I can't figure out this problem.

@12Krypton 2 года назад

What about using Apollo Client instead of React Context API for storing user data?

@jccorman5848 Год назад

Can someone explain to me why the console.log that we added to the NavBar to see the user info in the local storage returns: username, email, token when loggin in, and user_id, email, iat and exp on reload of the page?

@XDER12 2 года назад

Hey Cooper, really a nice video! it was helpfull!, im having a strange behavior: everytime i login, i run a query, sending the token on the headers to the backend for get the data of the connected user.. the problem is when i logout and login again with other user, the home page still show me the data of the last user until i press f5 to refresh... do you have some idea of what could be happen? thank you very much!! (sorry for my english, i try my best)

@Thomas-no7ek Год назад

Would you recommend backend user auth video first or after this video? or wont it be necessary to complete the content of this video? Thank you !

@YourDoseOfLaughter Год назад

No github link?

@MrHtrlee 8 месяцев назад

The best. I have to login to hit the like and subscribe buttons

@richienabuk Год назад

Just what I needed. Thanks for making this video. @CooperCodes

@philliam111 Год назад

You are a legend

@user-pb4im8gn3p Год назад

Thank you very much for this tutorial! could you please do a tutorial about errorLink and how to refresh access token after expiration?

@afickredox4121 2 года назад

19:47 is that ok to store jwt in local storage ?, im scare if somewone see it and use it for auth

@MB-fc9nd 2 года назад

thank you this was very helpful and informative

@CooperCodes 2 года назад

You are most welcome! Thanks for supporting the channel

@rawrbearmedia1426 Год назад

I can't wait for the full projects. Would it be possible to go into way more detail when you explain these things though? I honestly don't care if a video is 4 hours long as long as I understand the details. I have watched your video a few times, and I've coded along with you, but I don't feel like I fully understand all of the moving parts here. If you could slow down and really explain how each part fits to the others, maybe do smaller videos breaking each part down, that would be super helpful. Either way, thank you so much for your content!

@vladyslav_developer 2 года назад

That's bad idea to check token expires because we can paste in localStorage any not expired token. We can check token expired error from server

@digiartpassion8513 2 года назад

How to implement forgot password and getting a link in email and resetting it ? Please create a video on that....

@RahulNadargi07 Год назад

best explained

@LucasSantos-uw7uc 2 года назад

Thanks for these tutorials Cooper, awesome job! So essentially you're replacing Redux with the "useContext" and "useReducer" hooks in order to manage your state right.

@CooperCodes 2 года назад

Yep you're 100% correct! I mainly opted for the useContext and useReducer as the scope of this project was specifically authentication (and we just need to remove / add token based on certain requests). It is a pretty simple system, if you have a project with a more complicated state it may be worth weighing the options of my solution vs something like Redux. Thanks for the comment :)

@cristianpaez7292 6 месяцев назад

Muchas Gracias

@Victor-wh9bs 2 года назад

Super... Thnku so much 🔥

@CooperCodes 2 года назад

No problem! Thank you for your consistent support it means a bunch 😁

@chriswilliams5677 Год назад

I really like your videos and have subscribed! I applied this to an existing project I have and keep getting a 431 Header fields to large error. Do you have any content on that?

@CooperCodes Год назад

Two thoughts come to mind: You’re storing things in headers that could just be in the body of the request instead, so see if anything could be changed there. My second thought is that maybe you have a bunch of cookies stored locally being sent in the request, so clearing cookies may help. I can only really recommend that basic advice but hopefully that helps :)

@rezade5960 2 года назад

Hey Cooper! it will be great if you can help, I'm having problem with context, I want to show the user details for which I made a query and to show the logged in user details I'm using jwt token and context but, everytime I go to the details page and console.log it returns null user although my login and register is working fine. Any feedback will be helpful, Thanks!

@rezade5960 2 года назад

I have token and I can render email and other info but, how can I use mutations and show full user details from the db

@CooperCodes 2 года назад

I need to figure out a solid system to do this myself, but I would recommend creating some type of "Get user data from email or userID" in your backend. Then cache this data in your frontend. You could have some global state that holds the users info, and if that object is empty and you have a JWT then you grab the data of that specific user. I recommend this because the JWT on the client just stores the users ID, so you need a way to get info from your backend based off the validated user ID. I also believe that Apollo Client uses the InMemoryCache so if you make the same query with the same inputted JWT it should not even cause your backend to get called again, and would instead just be like "yo, we already called GetUserData( ID: "User_id_here"), just grab it from the cache"

@rezade5960 2 года назад

@@CooperCodes Thank you very much Cooper!

@JamieOhakwe 4 дня назад

@@rezade5960 Just specify what you need back

@merone351 2 года назад

Hey Cooper, Great tutorial! I've been working on something similar on my own and wanted to use Accountjs for authentication, but seeing this video and your previous I'm thinking of doing the authentication from scratch. The question I only have is: how would you handle certain mutations/queries that can only be accessed by certain users, like changing the name of an user is only permitted if that user does it, and not any logged in user. My idea would be by passing the token as some kind of header (or maybe even in the query) and then doing the permission part in the resolver on the server. I however have a funny feeling that this might not be the best solution, so I'm kind of wondering how to go about this.

@CooperCodes 2 года назад

Full transparency I'm doing some research currently on the best way to make requests based on a certain user. I am planning to release a longer form video soon (2-3 hours) of creating a full website where users can publish articles. My current understanding is that if your context shows User: "Cooper Codes", that User: "Cooper Codes" was set because a validated JWT came from your backend auth server. So I would say that you can trust the context as its information came from a JWT that you "unpacked" and saved. I would just pass along the data in the query for now, but I am looking into it myself as that seems messy. My point though is that if your context is showing User: "Cooper Codes", then that person can do the actions such as create an article as Cooper Codes or like a comment as Cooper Codes. It is tough having an audience! I am not exactly a security expert but want to make sure I am creating tutorials where viewers can create scalable / secure projects as a result :). Trying my best

@merone351 2 года назад

@@CooperCodes No worries man, I think I figured out a way to do it today (at least it seems to work). What I do now is use GraphQL-shield, there you can make certain rules based on the arguments and context. I for example use the rule const IsAuthenticated = async (root, args, context) { return !!context.currentUser } (wrote it by recollection so might be wrong) and then add that rule to a certain Query/Mutation or Field It might help you out too :) Thanks for the answer

@CooperCodes 2 года назад

GraphQL shield actually looks pretty great! I may do a video on the basics of GraphQL shield after I get up to speed myself here. Thanks for bringing this to my attention :)

@jamalashraf7957 Год назад

@@CooperCodes did you make video on "how would you handle certain mutations/queries that can only be accessed by certain users/ how to make certain routes secure or access of some users to certain route? I am waiting for your video ?

@nicolassandoz3107 2 года назад

Be careful, localstorage should no longer be used because of XSS attacks and too bad you didn't talk about the protected route available since v6 of react-router. Otherwise the rest of the tutorial is fine ;)

@CooperCodes 2 года назад

Ah I forgot about the XSS attacks stuff, I am a dummy. I am creating a full stack project tutorial soon where I will create everything from scratch again and will make sure to incorporate protected routes and a localstorage alternative. Thanks for this info :)

@stephanpaul8954 Год назад

what would an alternative be?

@levius_631 Год назад

@@stephanpaul8954inMemoryCache is practically same with minor devPreferred based application (smll/big data siz and or the complexities those data handlers