1
00:00:00,780 --> 00:00:06,210
In the last section we spoke about the need for two separate sets of resources inside of our application.

2
00:00:06,330 --> 00:00:12,060
One set for development and once one set for production this is going to allow us to completely segregate

3
00:00:12,060 --> 00:00:17,430
the two sets of resources so we can just absolutely tear apart our development stuff as often as we

4
00:00:17,430 --> 00:00:21,020
want but not affect any of our production data.

5
00:00:21,120 --> 00:00:23,070
So let's get to it in this section.

6
00:00:23,070 --> 00:00:25,620
We're going to create a new Mongo database.

7
00:00:25,620 --> 00:00:31,680
We're going to create a new Google API account and then we will set them both up inside of our project.

8
00:00:31,680 --> 00:00:33,510
We've gone through both these steps previously.

9
00:00:33,540 --> 00:00:40,780
So this time around we will speed through both the database creation and the API sign up to get started.

10
00:00:40,890 --> 00:00:44,490
I'm going to flip over to my open in lab instance.

11
00:00:44,490 --> 00:00:48,580
So if you have closed down your browser tab that contains your lab database.

12
00:00:48,690 --> 00:00:55,740
Make sure you open it back up navigate to in lab dot com and we want to get back to our overall dashboard.

13
00:00:55,740 --> 00:01:00,380
So click on the big link up here and you should see a list of all the different deployments.

14
00:01:00,600 --> 00:01:03,530
Now on this list you should see e-mail the dash death.

15
00:01:03,570 --> 00:01:06,490
So make sure you see that.

16
00:01:06,570 --> 00:01:11,880
So we're going to create a completely separate database to house all of our production data so find

17
00:01:11,880 --> 00:01:14,990
the create new button here on the right hand side.

18
00:01:15,180 --> 00:01:16,720
We've gone through these steps before.

19
00:01:16,740 --> 00:01:18,450
So let's do it very quickly.

20
00:01:18,450 --> 00:01:20,510
I will select a sandbox.

21
00:01:20,640 --> 00:01:22,070
I will hit continue.

22
00:01:22,140 --> 00:01:26,700
I will select the closer region to me which is US east in my case.

23
00:01:26,700 --> 00:01:27,680
We will continue.

24
00:01:27,900 --> 00:01:34,150
And then I will give it a database name of email the dash Prod. which is short for production.

25
00:01:34,950 --> 00:01:38,190
So we will continue Samit order and that's pretty much it.

26
00:01:38,190 --> 00:01:40,310
Now the database will be created.

27
00:01:40,310 --> 00:01:43,430
Now I remember just creating the database is not enough.

28
00:01:43,470 --> 00:01:49,020
We also have to create a service account that can access that database so that our copy of mongoose

29
00:01:49,080 --> 00:01:52,870
can essentially log in and make changes to the database.

30
00:01:53,040 --> 00:01:58,480
So I find e-mail dash prod on this list right here.

31
00:01:58,490 --> 00:02:02,210
Here is the connection you URL that we'll be using just a little bit.

32
00:02:02,350 --> 00:02:05,770
So we'll leave that right there for now before we make use of it.

33
00:02:05,800 --> 00:02:07,550
I will click on the user's tab.

34
00:02:07,840 --> 00:02:12,880
We will add a new database user and then enter our database credentials.

35
00:02:13,000 --> 00:02:19,360
Now to be 100 percent clear since this is a production version of our database it kind of goes without

36
00:02:19,360 --> 00:02:25,500
saying that I would not want to use the same database credentials that are used on the development version.

37
00:02:25,630 --> 00:02:27,460
That would definitely be bad practice.

38
00:02:27,700 --> 00:02:33,850
So this would be a great case in which you might want to generate a very secure password or a very secure

39
00:02:33,880 --> 00:02:35,290
user name.

40
00:02:35,320 --> 00:02:38,600
In my case I'm just going to use an arbitrarily different user name.

41
00:02:38,680 --> 00:02:43,590
I'm looking to use a simple password because this is a sample application that we're building here.

42
00:02:43,600 --> 00:02:47,050
You know it's an application of course so it's not the worst thing in the world if someone can guess

43
00:02:47,050 --> 00:02:51,710
this and hack your see me write the username so how can secure it can it be right.

44
00:02:52,240 --> 00:02:59,680
Anyway as a database user name I'll say Stephen prod and I'll give it a password of password

45
00:03:03,220 --> 00:03:07,350
and then I will create that account OK.

46
00:03:07,390 --> 00:03:08,610
So that's pretty much it.

47
00:03:08,620 --> 00:03:12,850
We now have our database user account created.

48
00:03:12,850 --> 00:03:16,010
I still see the connection you are right here.

49
00:03:16,030 --> 00:03:17,880
Now we're not going to copy this thing just yet.

50
00:03:17,890 --> 00:03:21,100
I'm going to leave this tab open because we'll come back in a minute.

51
00:03:21,110 --> 00:03:25,690
We start to organize all of our different assets since going to leave this up for right now and we'll

52
00:03:25,690 --> 00:03:27,900
come back shortly.

53
00:03:27,900 --> 00:03:30,110
So now that we have the database put together.

54
00:03:30,220 --> 00:03:35,070
The second thing that we need to create is our production version of the Google API.

55
00:03:35,410 --> 00:03:41,320
So this is going to be a separate set of API credentials that's going to house all of our actual production

56
00:03:41,320 --> 00:03:42,760
users.

57
00:03:43,630 --> 00:03:52,180
So remember how we do that previously in a new tab I will navigate to console dot developers dot Google

58
00:03:52,270 --> 00:03:55,090
dot com.

59
00:03:55,090 --> 00:04:01,020
Now once we end up here our e-mail dash dev project should be visible by default.

60
00:04:01,030 --> 00:04:03,180
So here is email dush death.

61
00:04:03,370 --> 00:04:09,430
So we're going to have to create a completely separate separate project to completely isolate these

62
00:04:09,430 --> 00:04:10,170
things.

63
00:04:10,300 --> 00:04:11,970
These two separate projects.

64
00:04:12,160 --> 00:04:18,130
Now before we do that just one quick thing I want to mention when we create this separate project on

65
00:04:18,130 --> 00:04:24,850
the Google API console you'll notice that I'm still logged in as the same user like myself and even

66
00:04:24,850 --> 00:04:30,440
when we created the separate lab account I am still logged in as the same user.

67
00:04:30,760 --> 00:04:36,190
And so you might if you really think through this it's entirely conceivable that someone could instead

68
00:04:36,190 --> 00:04:41,890
of stealing our you know actual log in password or our connection here for the actual database.

69
00:04:41,980 --> 00:04:48,550
It's entirely conceivable that someone could instead steal my lab credentials and then get access to

70
00:04:48,550 --> 00:04:51,810
both databases and the same thing with the Google API.

71
00:04:51,820 --> 00:04:55,270
Someone could steal these credentials as well right and sign in as me.

72
00:04:55,570 --> 00:04:57,630
So of course that's always a possibility.

73
00:04:57,760 --> 00:05:03,370
If you really wanted to help things securely it's not outside the realm of reasonability to say that

74
00:05:03,370 --> 00:05:09,190
maybe you make a separate lab account with the extremely secure username password that you have never

75
00:05:09,190 --> 00:05:11,130
used on any other service before.

76
00:05:11,410 --> 00:05:13,870
Obviously you can really go overkill with this stuff.

77
00:05:14,080 --> 00:05:19,290
But for us doing an happiness course we got to kind of draw the line somewhere.

78
00:05:19,360 --> 00:05:19,810
OK.

79
00:05:20,170 --> 00:05:26,710
So back over at the developer Council we will generate a brand new separate project so up with a dropdown

80
00:05:27,030 --> 00:05:34,370
I will click this I will find the plus button on the top right to create a new project.

81
00:05:34,390 --> 00:05:42,070
Now we get prompted for a project name to enter email the dash prod and then we will click Create.

82
00:05:42,070 --> 00:05:43,450
Now very important.

83
00:05:43,480 --> 00:05:49,210
Remember when you create a new project on the Google Dashboard it is not instantly created.

84
00:05:49,270 --> 00:05:52,240
We have to wait for the actual creation process to finish.

85
00:05:52,270 --> 00:05:59,410
And so here is a little notification waiting for things to complete and you will notice that I just

86
00:05:59,410 --> 00:06:02,610
recorded this video 7 minutes ago and forgot to wait.

87
00:06:02,620 --> 00:06:08,320
So I started making changes to email dush dev which is why I am very recording the video without that

88
00:06:08,320 --> 00:06:08,900
mistake.

89
00:06:08,930 --> 00:06:11,560
So don't do what I do right.

90
00:06:11,820 --> 00:06:17,290
Anyways it looks like the project has now been created created so I will go back up to my project selector

91
00:06:17,560 --> 00:06:22,890
and make sure that I change over to email the dash product right here.

92
00:06:25,580 --> 00:06:28,240
K we are now inside of Emily dash Prod..

93
00:06:28,360 --> 00:06:30,310
We have to do two separate things here.

94
00:06:30,400 --> 00:06:35,440
We have to enable the API and then we have to generate a set of API credentials.

95
00:06:35,710 --> 00:06:37,790
So a click Enable API.

96
00:06:38,110 --> 00:06:47,400
We will search for the Google Plus API which is very poorly labeled for giving us access to the API.

97
00:06:48,310 --> 00:06:54,700
So a click that on the screen will click and unable to give us access to accessing user credentials

98
00:06:54,700 --> 00:06:57,350
with auth 2.0.

99
00:06:57,460 --> 00:07:04,620
We will let that do its thing and then after that we will make sure that we generate our credentials.

100
00:07:04,640 --> 00:07:12,670
So on the left tab credentials create credentials we want to make an oath client ID before we can do

101
00:07:12,670 --> 00:07:12,960
that.

102
00:07:12,970 --> 00:07:14,730
We have to configure the consent screen.

103
00:07:14,740 --> 00:07:19,330
I know this entire set up is just madness.

104
00:07:19,330 --> 00:07:24,070
So for your production application it definitely makes a lot more sense to spend a little bit of time

105
00:07:24,160 --> 00:07:25,780
on the consent screen right here.

106
00:07:25,870 --> 00:07:32,590
Like you know a completely reasonable to use a home page you Arel put an actual logo and all this other

107
00:07:32,590 --> 00:07:33,480
stuff as well.

108
00:07:33,670 --> 00:07:38,440
So if you really want to go all out with the production version of your app absolutely feel free to

109
00:07:38,440 --> 00:07:43,360
pause the video here and maybe you put on some you or L or product logo you know whatever you want to

110
00:07:43,360 --> 00:07:43,810
do.

111
00:07:43,910 --> 00:07:47,200
And of course you can always come back later and change the settings as well.

112
00:07:47,200 --> 00:07:51,730
And obviously for a real production application we would want to make sure that this is all set up very

113
00:07:51,730 --> 00:07:52,840
nicely.

114
00:07:53,490 --> 00:07:53,920
Okay.

115
00:07:54,010 --> 00:07:57,700
So right now we really just need our product name.

116
00:07:57,760 --> 00:07:59,400
I'm going to use e-mail.

117
00:07:59,980 --> 00:08:01,420
This is shown to users.

118
00:08:01,450 --> 00:08:04,710
So we're not going to say email Prod. you know that doesn't make sense to our users.

119
00:08:04,720 --> 00:08:10,660
This is solely something to tell our users who are the who they are granting access to then down the

120
00:08:10,660 --> 00:08:11,310
bottom.

121
00:08:11,340 --> 00:08:12,710
What clicks save.

122
00:08:13,360 --> 00:08:15,630
And then we can select our type of application.

123
00:08:15,820 --> 00:08:21,350
So we'll say it's a web app we can leave the name the same.

124
00:08:21,490 --> 00:08:26,500
Now something that's a little bit more challenging this time around is going to be our authorized origin

125
00:08:26,800 --> 00:08:29,950
and our authorized redirect you or I and here's why.

126
00:08:29,950 --> 00:08:36,340
Remember that authorized user redirect you are right there that redirects you or I is specifying what

127
00:08:36,340 --> 00:08:42,410
the valid address is or what the valid you are Elazar that we can redirect the user back to after they

128
00:08:42,410 --> 00:08:44,690
have gone through our auth process.

129
00:08:44,710 --> 00:08:50,230
Now in the past when we previously set up these credentials we used localhost 5000 because that's where

130
00:08:50,230 --> 00:08:52,140
we are running our local server.

131
00:08:52,480 --> 00:08:58,600
However this time around we are generating a production set of credentials.

132
00:08:58,600 --> 00:09:05,620
So when a user goes through the flow corresponding to this account right here they're going to be tied

133
00:09:05,620 --> 00:09:09,680
to our Heroku application or the Heroku you are out.

134
00:09:09,910 --> 00:09:13,580
So it will no longer be a redirect back to localhost 5000.

135
00:09:13,810 --> 00:09:18,290
It's going to be a redirect back to our running Heroku instance.

136
00:09:18,310 --> 00:09:23,410
Now the reason that this is kind of a problem right here is that you and I have completely different

137
00:09:23,620 --> 00:09:25,720
Heroku addresses.

138
00:09:25,840 --> 00:09:30,580
You have one that was automatically generated when you first deployed your app to Hoku.

139
00:09:30,700 --> 00:09:32,800
And I have a completely different one.

140
00:09:33,010 --> 00:09:34,150
So I think at this point.

141
00:09:34,150 --> 00:09:36,750
Let's take a quick pause in the next section.

142
00:09:36,760 --> 00:09:38,580
We're going to come right back to this.

143
00:09:38,590 --> 00:09:39,340
So don't go anywhere.

144
00:09:39,340 --> 00:09:40,830
We're going to come right back to this.

145
00:09:40,840 --> 00:09:42,760
We will figure out what are correct.

146
00:09:42,790 --> 00:09:46,400
Redirect your ideas and then make sure that we add it right in here.

147
00:09:46,630 --> 00:09:48,750
So catch you in just a second.