1
00:00:00,150 --> 00:00:00,760
Awesome.

2
00:00:00,870 --> 00:00:06,210
So now that we have flash set up correctly we have the bootstrap alerts displaying or not displaying

3
00:00:06,300 --> 00:00:07,750
when they're supposed to be hidden.

4
00:00:07,980 --> 00:00:13,470
But we have things set up now we can just go in and fill in the error or success messages wherever we

5
00:00:13,470 --> 00:00:15,220
see fit.

6
00:00:15,240 --> 00:00:18,090
So let's just take it one route at a time.

7
00:00:18,090 --> 00:00:21,840
So let's start with our campground wraps.

8
00:00:22,470 --> 00:00:25,920
So anyone should be able to go to slash.

9
00:00:25,920 --> 00:00:30,960
There shouldn't be any error messages or success messages if you go to just slash campgrounds the index

10
00:00:30,960 --> 00:00:32,160
.

11
00:00:32,160 --> 00:00:39,210
If you do try and send a post request to slash campground which is create you do have to be logged in

12
00:00:39,250 --> 00:00:39,530
.

13
00:00:39,780 --> 00:00:46,270
So if you're not logged in let's go find the middleware which is instead of middleware index Yes.

14
00:00:46,470 --> 00:00:48,070
And we find is logged in.

15
00:00:48,150 --> 00:00:49,680
We already have this set up.

16
00:00:49,680 --> 00:00:51,230
So rather than Please log in first.

17
00:00:51,260 --> 00:00:56,470
Let's say you need to be logged in to do that.

18
00:00:57,210 --> 00:00:58,700
We'll save that.

19
00:00:58,890 --> 00:01:00,440
Go back to campgrounds.

20
00:01:00,480 --> 00:01:03,960
So that takes care of create.

21
00:01:04,140 --> 00:01:06,290
Same thing to see the form.

22
00:01:06,290 --> 00:01:09,110
The new form you have to be logged in.

23
00:01:09,150 --> 00:01:15,570
We have the same flash that we have here say middleware further down.

24
00:01:15,570 --> 00:01:19,960
Anyone can go to the show page at it.

25
00:01:20,070 --> 00:01:23,200
We have check campground ownership.

26
00:01:23,280 --> 00:01:29,610
So this is going to check if the user who is trying to access the edit form for a campground actually

27
00:01:29,610 --> 00:01:30,880
owns that campground.

28
00:01:31,140 --> 00:01:38,430
So instead of our middleware if we go to check campground ownership which is right here we have a few

29
00:01:38,430 --> 00:01:40,380
things that we can do.

30
00:01:40,560 --> 00:01:43,990
First we're checking is a user logged in.

31
00:01:44,340 --> 00:01:55,100
So if not before we redirect let's do a request dot flash ups error and we'll just do.

32
00:01:55,310 --> 00:02:00,050
You need to be logged in to do that.

33
00:02:00,490 --> 00:02:09,630
OK but this is most likely not going to happen very often that someone even gets to that page because

34
00:02:09,630 --> 00:02:14,540
remember you can't even see the link unless you own something.

35
00:02:14,550 --> 00:02:19,710
So to actually go to the edit page you have to manually enter that you are real.

36
00:02:19,770 --> 00:02:25,340
So it's it's you know really more for testing purposes and to be as secure as possible.

37
00:02:25,350 --> 00:02:30,420
But most users aren't going to be trying to edit you know typing out these long you or else by hand

38
00:02:30,420 --> 00:02:30,990
.

39
00:02:30,990 --> 00:02:31,650
All right.

40
00:02:32,160 --> 00:02:38,010
So the more important part though is once we find the campground if the user is logged in find the campground

41
00:02:38,020 --> 00:02:38,260
.

42
00:02:38,640 --> 00:02:45,330
And then if there's an error we could add something here so this would refer to an error from a database

43
00:02:45,330 --> 00:02:46,810
if it couldn't find that.

44
00:02:46,830 --> 00:02:57,810
So we could do a request dump flash error and just do something like let's just say campground not found

45
00:02:57,810 --> 00:02:58,930
or something like that.

46
00:02:59,220 --> 00:03:05,050
We probably won't see that ever but we can put it there and I'll copy this line.

47
00:03:05,250 --> 00:03:07,060
Now this is the important part.

48
00:03:07,620 --> 00:03:13,360
So if the found campground author ID is equal to the logged in user ID move on.

49
00:03:13,590 --> 00:03:15,340
So no flash there.

50
00:03:15,480 --> 00:03:18,000
If it's not you can say something like.

51
00:03:18,000 --> 00:03:19,330
Permission denied.

52
00:03:19,630 --> 00:03:20,820
But let's just do.

53
00:03:20,820 --> 00:03:26,640
You don't have permission to do that.

54
00:03:26,640 --> 00:03:27,760
There we go.

55
00:03:28,410 --> 00:03:33,530
So if we go back to camp grounds we also have update which is using the same thing.

56
00:03:33,520 --> 00:03:39,220
Check campground ownership and we have destroyed which is also using the same thing.

57
00:03:39,780 --> 00:03:45,950
And we could go in and fill these in so I won't spend time on the video but we could go.

58
00:03:45,960 --> 00:03:52,800
And when we're trying to find a campground by id and update if that campground doesn't exist.

59
00:03:52,800 --> 00:03:55,830
So actually rather than this one let's do it for it.

60
00:03:55,830 --> 00:04:01,200
So if you're trying to edit a campground that doesn't exist we could add in something here.

61
00:04:01,290 --> 00:04:05,540
So we'd check for error and I won't spend time doing that again.

62
00:04:05,730 --> 00:04:12,330
But I do want you to know you can add these in wherever you want so you can add in this request up flash

63
00:04:12,690 --> 00:04:15,580
and add in any message error or success.

64
00:04:15,600 --> 00:04:20,850
So if you wanted to send a congratulations message basically for everything that the user ever did you

65
00:04:20,850 --> 00:04:22,550
could easily do that if you wanted to.

66
00:04:22,740 --> 00:04:24,670
And in fact let's do that.

67
00:04:24,800 --> 00:04:26,530
We'll wait until we get to comments.

68
00:04:26,550 --> 00:04:31,810
So anyway we have destroy again using the same middleware there.

69
00:04:31,860 --> 00:04:35,810
So now let's move on to comments.

70
00:04:36,360 --> 00:04:37,920
So you try and make a new comment.

71
00:04:37,920 --> 00:04:39,110
You have to be logged in.

72
00:04:39,120 --> 00:04:40,110
We already have that done

73
00:04:42,880 --> 00:04:47,320
and the comments create route rather than new you still have to be logged in.

74
00:04:47,330 --> 00:04:48,650
Same thing.

75
00:04:48,650 --> 00:04:50,780
And we could do something like this.

76
00:04:50,780 --> 00:04:58,130
So once you create that comment if there's an error we can do right or request a flash error and just

77
00:04:58,130 --> 00:05:00,800
say something went wrong.

78
00:05:01,730 --> 00:05:07,010
And again and you probably would never see this but if the database was somehow screwed up if something

79
00:05:07,010 --> 00:05:13,700
went wrong with the data then there might be an error when we try to create that comment.

80
00:05:13,700 --> 00:05:16,790
Otherwise though we create the comment and then we redirect.

81
00:05:16,790 --> 00:05:27,430
So right here we could add a message request dot success and we'll just add an Access fully added comment

82
00:05:29,500 --> 00:05:37,580
that's you added or created comment and then we redirect back to the show page then we have added.

83
00:05:38,060 --> 00:05:41,780
And this is checking check comment ownership.

84
00:05:41,780 --> 00:05:48,660
So if we go to our middleware we have check comment ownership rate here so we can do the same thing

85
00:05:49,850 --> 00:05:53,890
if the user is not Lyddon or display one thing here.

86
00:05:54,650 --> 00:05:58,150
You need to be logged in to do that.

87
00:05:59,090 --> 00:06:04,430
If they are logged in if they don't own it will also display an error.

88
00:06:04,550 --> 00:06:06,110
You don't have permission

89
00:06:08,750 --> 00:06:09,990
to do that.

90
00:06:10,460 --> 00:06:11,200
OK.

91
00:06:11,900 --> 00:06:16,520
And there are other places we could add thing to it of course but I just want to keep it simple and

92
00:06:16,520 --> 00:06:19,580
the most important places which are really just errors.

93
00:06:19,580 --> 00:06:22,720
So I don't want to do it for every single thing that you create or edit.

94
00:06:22,820 --> 00:06:28,490
But we could easily you know when you edit something when you delete something which actually destroying

95
00:06:28,490 --> 00:06:30,320
is more common to show a message.

96
00:06:30,470 --> 00:06:38,930
So I can we can do that so let's say when you delete a comment which is at the bottom here right here

97
00:06:39,740 --> 00:06:42,680
we'll add in a success.

98
00:06:43,550 --> 00:06:46,820
Comments deleted.

99
00:06:46,970 --> 00:06:49,310
So this is once it's been removed.

100
00:06:49,640 --> 00:06:54,000
If there's an error we could add something else but I won't if there's not an error.

101
00:06:54,230 --> 00:06:56,660
Flash this message then redirect.

102
00:06:56,660 --> 00:07:02,590
All right a last bit of routes we have are the authentication routes.

103
00:07:02,630 --> 00:07:06,380
So first things first let's see when you register.

104
00:07:06,500 --> 00:07:11,750
You don't want anything to show up there right away when you send the post requests to slash register

105
00:07:11,750 --> 00:07:14,630
though when there's an error.

106
00:07:14,720 --> 00:07:16,600
We do want to add something in.

107
00:07:16,610 --> 00:07:22,160
So this would be if you can't sign up for some reason if your password is empty if the username is empty

108
00:07:22,670 --> 00:07:27,310
if the username is already taken that would all happen here.

109
00:07:27,680 --> 00:07:30,680
And we don't have to write those errors on our own.

110
00:07:31,100 --> 00:07:33,950
That's what this area refers to right here.

111
00:07:33,980 --> 00:07:35,760
So let me just show you that first.

112
00:07:35,760 --> 00:07:42,050
If we do request a flush error and then rather than campground not found as a string we just add in

113
00:07:42,500 --> 00:07:51,620
VRR Remember we're trying to register a user pass in new user and the password from the body.

114
00:07:51,620 --> 00:07:55,560
Then there's a callback error and user error checking if there's an error.

115
00:07:55,570 --> 00:07:58,490
And this is coming from passport.

116
00:07:58,910 --> 00:08:01,540
It will be empty or there will be an error there.

117
00:08:01,550 --> 00:08:08,240
And if that error exists it will be something like password can't be blank or a user name it can be

118
00:08:08,240 --> 00:08:10,510
blank or username is already taken.

119
00:08:10,850 --> 00:08:14,700
And we're just sending that through so we don't have to write those messages ourselves.

120
00:08:14,870 --> 00:08:19,130
We could write our own custom versions but for simplicity's sake we're just going to take advantage

121
00:08:19,130 --> 00:08:27,520
of what's already done for us and we can do the same thing once you do register and then we log you

122
00:08:27,560 --> 00:08:28,040
in.

123
00:08:28,190 --> 00:08:42,470
We can have request up flash success and we'll just say welcome to yo camp and then we'll add in the

124
00:08:42,470 --> 00:08:51,720
user name and the user name we access from different places we can just do user dot username.

125
00:08:51,860 --> 00:08:56,720
It would also be request a body to use your name but we'll use the one coming back from the database

126
00:08:56,780 --> 00:09:00,470
just in case somehow it got changed by our database.

127
00:09:00,470 --> 00:09:01,530
All right.

128
00:09:01,530 --> 00:09:03,950
A lot of different places we can add messages in.

129
00:09:04,070 --> 00:09:07,080
Let's just check again if there's any other important part.

130
00:09:07,790 --> 00:09:09,890
So when you log out we already have that.

131
00:09:10,460 --> 00:09:13,820
And we should be good to go while we're here.

132
00:09:13,820 --> 00:09:20,310
We can get rid of our middleware because we've now moved that to the middleware file.

133
00:09:20,420 --> 00:09:20,850
OK.

134
00:09:20,870 --> 00:09:22,640
So let's give this a shot.

135
00:09:22,830 --> 00:09:26,670
Restart the server and see what happens.

136
00:09:27,170 --> 00:09:28,790
So we start by refreshing.

137
00:09:29,210 --> 00:09:33,440
If I try and add a new campground tells me I need to be logged in.

138
00:09:34,110 --> 00:09:35,570
Let's go back.

139
00:09:35,600 --> 00:09:39,820
Same thing if I try and add a comment I need to be logged in.

140
00:09:40,160 --> 00:09:40,550
All right.

141
00:09:40,820 --> 00:09:50,930
So now let's sign in or sign up and let's try something like signing up as Rustie who already exists

142
00:09:50,930 --> 00:09:52,280
here.

143
00:09:53,630 --> 00:09:54,680
And never mind.

144
00:09:54,680 --> 00:09:58,030
Apparently Rusty did not exist in this version of the app.

145
00:09:58,190 --> 00:10:01,210
We have so many different versions databases going on.

146
00:10:01,370 --> 00:10:03,960
So it tells me welcome to your camp Rusty.

147
00:10:03,980 --> 00:10:07,890
Now if I do log out I also get logged you out.

148
00:10:07,970 --> 00:10:10,760
Now if I try and sign up as Rusty that's already taken

149
00:10:13,420 --> 00:10:15,650
they'll see that I get this object.

150
00:10:15,650 --> 00:10:17,360
Object here.

151
00:10:17,480 --> 00:10:19,930
So let's take a closer look at that in just a moment.

152
00:10:19,940 --> 00:10:25,600
Object object when I sign up and I get a sign up error that will come back to that.

153
00:10:25,610 --> 00:10:28,070
Let's take a look at some of the other errors that we saw.

154
00:10:28,070 --> 00:10:30,500
So if I do log in as Rusty again

155
00:10:35,440 --> 00:10:43,280
and now I try and go to samen creek and this I try and but say at this campground which the link isn't

156
00:10:43,280 --> 00:10:51,560
even here but if I went to slash at it it tells me you don't have permission to do that.

157
00:10:51,620 --> 00:10:58,040
So all those are working except for the error around trying to sign up as resti.

158
00:10:58,100 --> 00:11:00,740
Once Rusty has already been created.

159
00:11:00,860 --> 00:11:04,060
So I did mention instead of our.

160
00:11:04,160 --> 00:11:05,240
It's kinda confusing.

161
00:11:05,240 --> 00:11:06,690
We have to index files.

162
00:11:06,710 --> 00:11:12,770
So let me close out the index middleware and we'll take a look at our index wraps which is where we

163
00:11:12,770 --> 00:11:13,610
have.

164
00:11:13,690 --> 00:11:20,600
Let me just show you over here just so it doesn't get too confusing instead of routes number campgrounds

165
00:11:20,600 --> 00:11:22,220
comments and we have index.

166
00:11:22,220 --> 00:11:26,900
So instead of index where we have this line right here

167
00:11:29,590 --> 00:11:38,330
request that flash error and we're passing error and let's just do a simple con. The log VRR and let's

168
00:11:38,330 --> 00:11:40,500
take a look at what what we get.

169
00:11:41,000 --> 00:11:43,080
So to cause that error again.

170
00:11:43,520 --> 00:11:48,830
So let's see what happens if I try and sign up with an empty username empty password shouldn't work

171
00:11:48,850 --> 00:11:49,640
.

172
00:11:50,270 --> 00:11:53,810
If we take a look at what we get here a message.

173
00:11:53,810 --> 00:11:55,660
So this is our.

174
00:11:55,950 --> 00:11:58,440
And inside of it there is name.

175
00:11:58,550 --> 00:12:02,140
And more importantly message no user name was given.

176
00:12:02,150 --> 00:12:07,070
So rather than just passing through here are we want your message

177
00:12:09,650 --> 00:12:11,110
just like that.

178
00:12:11,350 --> 00:12:17,300
So restart the server now and whenever there's an error message it will be different.

179
00:12:17,300 --> 00:12:19,310
So in this case no user name was given.

180
00:12:19,310 --> 00:12:25,760
It could also be no password is given user name already taken as you can see I got this earlier.

181
00:12:25,760 --> 00:12:28,430
So let me try this again.

182
00:12:29,750 --> 00:12:38,270
Register just refresh make sure let's leave it blank and I get no username was given.

183
00:12:38,300 --> 00:12:45,080
Now if I try and sign up as resti which already exists I now get a user with the given name is already

184
00:12:45,080 --> 00:12:46,450
registered.

185
00:12:46,640 --> 00:12:51,160
So we're taking advantage of that E-R our message in passing that through.

186
00:12:51,170 --> 00:12:57,380
And these are we're not finding these messages are coming back from Passport actually from mongoose

187
00:12:57,410 --> 00:13:02,520
but because we have that mongoose passport local package that we're using.

188
00:13:02,600 --> 00:13:04,360
So we're getting that automatically.

189
00:13:04,370 --> 00:13:05,370
All right.

190
00:13:05,390 --> 00:13:10,620
So it's kind of a lot of work as far as the number of videos there was three videos to get this done

191
00:13:10,630 --> 00:13:10,850
.

192
00:13:11,180 --> 00:13:17,000
But compared to doing this from scratch adding this into every request and dealing with all of that

193
00:13:17,090 --> 00:13:17,960
it's much easier