1
00:00:00,230 --> 00:00:05,270
Okay, so now we want to get these two functions and these two routes working to get the

2
00:00:05,270 --> 00:00:08,300
user profile and to update the user profile.

3
00:00:08,300 --> 00:00:14,660
So it's actually going to be pretty simple as far as getting the user profile, we just want to first

4
00:00:14,660 --> 00:00:15,440
get the user.

5
00:00:15,440 --> 00:00:21,560
So let's say const user and we're going to await on user dot find by ID.

6
00:00:21,860 --> 00:00:28,520
And remember when we're logged in, we're authenticated, we have access to request dot user, so we're

7
00:00:28,520 --> 00:00:31,340
simply going to pass in that logged in user ID.

8
00:00:31,760 --> 00:00:36,260
Then we're going to check to see if the user.

9
00:00:36,900 --> 00:00:43,530
Okay, so if we have a user, then we're going to respond with our JSON, which is basically the same

10
00:00:43,530 --> 00:00:50,550
stuff that you get when you authenticate or when you register, which is going to be the ID name and

11
00:00:50,550 --> 00:00:51,360
email.

12
00:00:51,510 --> 00:00:58,770
Now one thing I want to do is let's see, see how we have dot status.

13
00:00:59,740 --> 00:01:00,670
When we authenticate.

14
00:01:00,670 --> 00:01:04,239
I just did res.json, which is fine, but I just want to stay consistent.

15
00:01:04,239 --> 00:01:09,880
So I'm going to do res dot status 200.

16
00:01:11,110 --> 00:01:12,550
Just to stay consistent.

17
00:01:12,550 --> 00:01:15,400
You can always just do res.json.

18
00:01:16,360 --> 00:01:17,590
All right now.

19
00:01:18,240 --> 00:01:20,310
Where we're getting the user profile.

20
00:01:20,310 --> 00:01:23,610
If there's a user, we're responding with that else.

21
00:01:25,080 --> 00:01:32,820
Else, then we're just going to set an error of 404 and just say user not found.

22
00:01:32,820 --> 00:01:34,230
So pretty simple.

23
00:01:34,500 --> 00:01:37,230
So we'll save that and we can try it out.

24
00:01:37,230 --> 00:01:39,450
So we'll go over to Postman.

25
00:01:39,690 --> 00:01:43,410
Now, if we're not logged in, obviously this isn't going to work, right?

26
00:01:43,530 --> 00:01:46,140
But if I go and I authenticate.

27
00:01:47,170 --> 00:01:53,300
Let's log in with the Brad user, which is the user I created in the last video when we registered.

28
00:01:53,320 --> 00:01:56,710
So I'll go ahead and authenticate and then come over here.

29
00:01:56,710 --> 00:01:59,230
Let's get the user profile and there we go.

30
00:01:59,230 --> 00:02:01,210
So we get the user data.

31
00:02:02,190 --> 00:02:05,370
Now, we also want to be able to update the user profile.

32
00:02:05,370 --> 00:02:07,200
So let's do that next.

33
00:02:07,380 --> 00:02:12,780
So down here in the update user profile function.

34
00:02:13,650 --> 00:02:14,670
Let's get rid of that.

35
00:02:14,670 --> 00:02:19,950
And we're going to again, just get the user so we can actually just copy this.

36
00:02:22,300 --> 00:02:25,330
Okay, so we're going to get the user, then we're going to check.

37
00:02:26,880 --> 00:02:28,140
For the user.

38
00:02:30,340 --> 00:02:33,430
And I only want to update fields that.

39
00:02:34,460 --> 00:02:37,520
That, you know, if we send it in the body.

40
00:02:38,030 --> 00:02:42,830
So I want to be able to send just the name and have just the name update.

41
00:02:42,830 --> 00:02:45,080
I don't want to have to send every field.

42
00:02:45,080 --> 00:02:48,620
So what we can do here is we'll say the user dot name.

43
00:02:48,620 --> 00:02:55,250
So the user we got from the database that matches the request, basically the one we're logged in as

44
00:02:55,280 --> 00:02:58,670
we're going to set that equal to the request dot body name.

45
00:02:58,670 --> 00:03:03,860
Or if that's not there, we're just going to keep whatever is already in the database and then we'll

46
00:03:03,860 --> 00:03:06,140
do the same with the email.

47
00:03:07,840 --> 00:03:09,130
All right now.

48
00:03:10,810 --> 00:03:16,570
I want to just check to see if there's anything in the body for the password.

49
00:03:16,570 --> 00:03:23,470
So we're going to say if request body dot password, then we'll set user dot password.

50
00:03:23,560 --> 00:03:28,090
And the reason I'm doing it like this and not just putting password up here is because the

51
00:03:28,090 --> 00:03:30,520
password is hashed, right?

52
00:03:30,820 --> 00:03:38,320
The password that's in the database is hashed, so we only want to mess with it if it's being updated.

53
00:03:39,260 --> 00:03:41,360
So then after that.

54
00:03:42,480 --> 00:03:51,330
Let's say const updated user and we're just going to call user dot save and that will return the user

55
00:03:51,330 --> 00:03:53,550
data, which we'll then put in here.

56
00:03:53,670 --> 00:03:57,750
And then I want to respond with that data.

57
00:03:57,750 --> 00:04:00,510
So we'll say res dot status.

58
00:04:01,210 --> 00:04:03,210
200 dot.

59
00:04:03,220 --> 00:04:04,420
JSON.

60
00:04:05,420 --> 00:04:13,730
And then we're going to pass in an object with the ID, which will be the updated user ID, the name,

61
00:04:13,730 --> 00:04:16,610
the email and is admin.

62
00:04:17,149 --> 00:04:17,810
Okay.

63
00:04:18,360 --> 00:04:23,550
And then let's put an else for this if user so else.

64
00:04:24,440 --> 00:04:28,790
Then we're just going to send an error, say user not found.

65
00:04:29,270 --> 00:04:31,010
Okay, so pretty simple.

66
00:04:31,040 --> 00:04:32,390
So let's come over here.

67
00:04:32,390 --> 00:04:34,310
And right now we are logged in.

68
00:04:34,310 --> 00:04:35,990
I'm logged in as the Brad user.

69
00:04:35,990 --> 00:04:42,440
So I'm going to go to, let's see, update user profile.

70
00:04:42,710 --> 00:04:50,360
And I don't have to add any user ID or anything because it's going to know by the cookie by the JWT

71
00:04:50,390 --> 00:04:51,500
that's saved.

72
00:04:51,500 --> 00:04:55,370
But we do have to put in the body what we want to change.

73
00:04:55,490 --> 00:04:58,880
So let's say I want to change the name.

74
00:04:59,490 --> 00:05:02,080
And I'll just do my first name.

75
00:05:02,100 --> 00:05:03,900
So let's click send.

76
00:05:03,900 --> 00:05:10,500
And now you can see we get the data back and the name is just Brad, if I want to put it back.

77
00:05:13,780 --> 00:05:14,740
Send.

78
00:05:15,360 --> 00:05:18,990
And now I updated the name if I want to change the email.

79
00:05:20,230 --> 00:05:21,700
Say email.

80
00:05:22,660 --> 00:05:27,550
I'll say Brad t@email.com.

81
00:05:28,630 --> 00:05:30,070
And send that.

82
00:05:30,100 --> 00:05:30,490
All right.

83
00:05:30,490 --> 00:05:36,050
So now we can get the user profile and we can also update the user profile.

84
00:05:36,070 --> 00:05:40,630
Now, our back end as far as authentication is pretty much complete.

85
00:05:41,080 --> 00:05:41,410
Right.

86
00:05:41,410 --> 00:05:50,440
We're able to log in, we're able to register, we're able to store our JSON Web Token in a cookie safely.

87
00:05:50,440 --> 00:05:51,490
We're not storing it.

88
00:05:51,610 --> 00:05:54,280
We're not sending it to local storage or anything like that.

89
00:05:54,310 --> 00:06:03,310
We have our admin middleware, so we haven't added any functionality to these admin functions

90
00:06:03,310 --> 00:06:07,050
yet, but you do have to be an admin to even access them.

91
00:06:07,060 --> 00:06:12,610
So now what we'll do is jump back into the front end and start to implement a login form, a register

92
00:06:12,610 --> 00:06:13,870
form and so on.

