1
00:00:00,210 --> 00:00:05,970
In this video we're going to take a few moments to talk about how we can better secure the user profile

2
00:00:05,970 --> 00:00:10,080
data we're sending from these server now to illustrate what we're going to change.

3
00:00:10,080 --> 00:00:13,130
All we need to do is log in as one of our users.

4
00:00:13,140 --> 00:00:16,840
So over here I have my log in user request.

5
00:00:16,920 --> 00:00:22,250
I'm just going to fire this off a single time and down below we have our response body.

6
00:00:22,320 --> 00:00:27,390
Now we have our two root properties we have user and token and both of those are going to stay.

7
00:00:27,390 --> 00:00:29,850
There's nothing wrong with sending them back.

8
00:00:29,850 --> 00:00:37,050
The problem is what data we're sending back about the user for example we're sending back the password

9
00:00:37,050 --> 00:00:39,180
which is not something we want to do.

10
00:00:39,210 --> 00:00:46,050
Passwords should be secured to the utmost extent and exposing them is never gonna be something we want

11
00:00:46,050 --> 00:00:49,610
to do even if it's to a logged in user.

12
00:00:49,620 --> 00:00:54,570
There's no reason they would ever need this data as it's hashed and it's not useful to them.

13
00:00:54,570 --> 00:00:56,820
So it's best to lock that down.

14
00:00:56,820 --> 00:00:58,650
Also the tokens are right.

15
00:00:58,700 --> 00:01:03,630
There's no need to expose all of the authentication tokens with the user profile.

16
00:01:03,720 --> 00:01:09,600
So it's gonna be our job to figure out how we can hide both of these when we're sending data back to

17
00:01:09,600 --> 00:01:15,330
the client to get this done we'll be making a few changes to the application and let's go ahead and

18
00:01:15,330 --> 00:01:20,300
start by scrolling up in the user router to the log in request both.

19
00:01:20,310 --> 00:01:22,110
Log in and sign up.

20
00:01:22,110 --> 00:01:28,770
They send back user and token we can see that here on line twelve and down below on line twenty two.

21
00:01:28,770 --> 00:01:34,680
Let's focus on changing them to just send back the profile data we actually want to expose.

22
00:01:34,710 --> 00:01:36,980
We're going to look at two ways to get this done.

23
00:01:37,020 --> 00:01:41,630
So let's start with the solution that uses skills we already have right here.

24
00:01:41,730 --> 00:01:47,580
We're going to set any user property equal to something else instead of using that shorthand syntax.

25
00:01:47,640 --> 00:01:53,850
What we're gonna do is set the user response equal to whatever comes back from the following function

26
00:01:53,850 --> 00:01:58,630
call user dot get a public profile.

27
00:01:58,710 --> 00:02:05,190
Now get public profile does not exist but we could go ahead and create that function and set it up to

28
00:02:05,190 --> 00:02:09,380
just return the public data that we should be exposing about the user.

29
00:02:09,420 --> 00:02:16,590
So over inside of the user models file we can go ahead and add a new method on now down below we have

30
00:02:16,590 --> 00:02:21,990
user schema dot methods for methods on the instance and individual user.

31
00:02:21,990 --> 00:02:28,710
And we have user schema dot statics for methods on the actual uppercase U user model.

32
00:02:28,800 --> 00:02:33,240
We want one on the individual instance right here we can set that up.

33
00:02:33,450 --> 00:02:43,430
It would be user schema dot methods dot right here get public profile exactly as we had set it up before

34
00:02:43,790 --> 00:02:46,880
and we can set this up as a standard regular function.

35
00:02:46,880 --> 00:02:50,900
Once again we're gonna use the this keyword inside of here.

36
00:02:50,960 --> 00:02:53,310
So we don't want to use an arrow function.

37
00:02:53,360 --> 00:02:58,820
The first thing we can do inside of here is create a constant user and get its value from this like

38
00:02:58,820 --> 00:02:59,930
we've done down below.

39
00:02:59,930 --> 00:03:03,250
And this just makes our function a little easier to work with.

40
00:03:03,410 --> 00:03:09,800
And the next thing we're gonna do is get back a raw object with our user data attached.

41
00:03:09,800 --> 00:03:15,350
So this is going to remove all of these stuff that Mongoose has on there to perform things like these

42
00:03:15,350 --> 00:03:20,630
save operation we want back and object with just our user data.

43
00:03:20,630 --> 00:03:27,230
Right here we'll create a another variable I'll call this something like user object and we'll get its

44
00:03:27,230 --> 00:03:32,390
value by using the two object method which is provided by Mongoose.

45
00:03:32,480 --> 00:03:35,510
So that's user dot to object.

46
00:03:35,510 --> 00:03:40,670
This is gonna give us just that raw profile data and then we could go ahead and return it.

47
00:03:40,670 --> 00:03:44,270
So I'm going to return user object.

48
00:03:44,270 --> 00:03:47,310
Now this isn't going to do anything special.

49
00:03:47,330 --> 00:03:50,980
We've essentially recreate the same behavior we've had before.

50
00:03:51,050 --> 00:03:55,940
But with more code in place and a second though we'll be able to alter it to get what we want to get

51
00:03:56,180 --> 00:03:57,860
done right here.

52
00:03:58,010 --> 00:04:03,650
If we go back to postmen and we log in again we can still see everything we were seeing earlier in the

53
00:04:03,650 --> 00:04:04,280
lesson.

54
00:04:04,460 --> 00:04:10,020
But now we can actually manipulate User object to change what we expose.

55
00:04:10,040 --> 00:04:16,640
So right here what I'm going to do is use the delete operator to delete stuff off of that object such

56
00:04:16,670 --> 00:04:26,570
as user object dot password and then down below I will delete user object dot tokens removing both of

57
00:04:26,570 --> 00:04:30,860
those from the object that we send back as the response.

58
00:04:30,860 --> 00:04:37,460
Now with this in place we can head back over to postmen we can fire off the exact same log in request

59
00:04:37,730 --> 00:04:40,360
and this time we no longer see that data.

60
00:04:40,430 --> 00:04:46,310
We're still getting back token and user and users still has the data we actually want to share with

61
00:04:46,310 --> 00:04:52,010
the individual user who's logged in and it does not contain things like token and password.

62
00:04:52,010 --> 00:04:58,030
Excuse me tokens plural and password which the user does not need to access.

63
00:04:58,040 --> 00:05:03,030
So now that we have this in place we have a pretty manual way to get the job done.

64
00:05:03,170 --> 00:05:09,650
And it's manual because we have to call our function get public profile every single time we're sending

65
00:05:09,650 --> 00:05:10,880
the user back.

66
00:05:10,950 --> 00:05:12,770
There is a way to automate this.

67
00:05:12,770 --> 00:05:17,500
That's not going to require us to make any changes to our route handlers.

68
00:05:17,510 --> 00:05:20,570
That's the second solution and we're going to touch on that now.

69
00:05:20,660 --> 00:05:24,670
And it really requires just a small tweak to what we've already done.

70
00:05:24,680 --> 00:05:26,030
So here's what we're gonna do.

71
00:05:26,030 --> 00:05:31,910
And I'll explain why it works with an example in isolation in just a minute we're going to remove the

72
00:05:31,910 --> 00:05:34,370
method call that we just set up.

73
00:05:34,520 --> 00:05:40,280
Now since we're removing it we can go back to using the shorthand which means that so far in this lecture

74
00:05:40,280 --> 00:05:41,960
we haven't made any changes.

75
00:05:41,960 --> 00:05:44,390
This is exactly what we started with.

76
00:05:44,780 --> 00:05:48,620
We're going to save that file as we're not going to change it at all.

77
00:05:48,650 --> 00:05:54,500
Now over inside of the user model all we're going to do is rename this method.

78
00:05:54,500 --> 00:06:01,510
We're going to change the name from get public profile over to to capital Jason.

79
00:06:01,640 --> 00:06:07,280
And it's important that this matches up exactly lowercase t o capital J.

80
00:06:07,280 --> 00:06:08,820
S o n.

81
00:06:08,840 --> 00:06:14,690
Now what I'm gonna do is save the program and we're going to head back over to post man and test things

82
00:06:14,720 --> 00:06:16,190
out right here.

83
00:06:16,340 --> 00:06:21,280
I'm going to lie again and we can see that things are still working.

84
00:06:21,380 --> 00:06:26,670
We no longer have the password and we no longer have that tokens array.

85
00:06:26,750 --> 00:06:31,250
All we've done is we've created this to Jason method on the user.

86
00:06:31,250 --> 00:06:34,580
We haven't changed the user router at all.

87
00:06:34,580 --> 00:06:40,030
Now this means we have the exact same behavior any other time we are sending the user back.

88
00:06:40,040 --> 00:06:44,150
For example when signing up or when getting their profile.

89
00:06:44,180 --> 00:06:50,840
So if I go over to read profile without having made any changes to how data is sent back you can see

90
00:06:50,990 --> 00:06:57,350
right here that the password and the tokens array are not there anymore which is fantastic.

91
00:06:57,350 --> 00:07:00,870
Now the question is how exactly is this working.

92
00:07:00,890 --> 00:07:07,520
What's so special about to Jason that allows it to run even though we're never explicitly calling this

93
00:07:08,060 --> 00:07:08,870
to figure this out.

94
00:07:08,900 --> 00:07:14,780
Oh we're going to do is head to index dot J S in here down near the bottom of the file.

95
00:07:14,870 --> 00:07:18,820
We're just going to add a little code to mess around with an example.

96
00:07:18,860 --> 00:07:23,690
Now we already have an example from earlier in the class when we were messing around with Jason Webb

97
00:07:23,720 --> 00:07:26,210
tokens we can remove that.

98
00:07:26,210 --> 00:07:29,530
So the last thing in the file is our call to app.

99
00:07:29,540 --> 00:07:36,420
Listen now we're going to figure out what exactly that to Jason method is doing start by creating a

100
00:07:36,420 --> 00:07:37,890
very simple object.

101
00:07:37,890 --> 00:07:43,380
I'm going to set up a new constant I will have the variable name and be pet.

102
00:07:43,470 --> 00:07:47,450
It's gonna be an object and we're just going to setup the name of our pet.

103
00:07:47,460 --> 00:07:50,100
My cat's name is how so from here.

104
00:07:50,110 --> 00:07:53,110
What we're gonna do is string a ify this object.

105
00:07:53,130 --> 00:07:59,040
So we're going to convert it from an object over to Jason and we'll log of that Jason to the terminal

106
00:07:59,070 --> 00:08:00,020
down below.

107
00:08:00,120 --> 00:08:05,280
So console log we'll use the method we've used before to get this done.

108
00:08:05,340 --> 00:08:10,160
That is Jason dot string Fi and what are we going to do.

109
00:08:10,190 --> 00:08:12,170
We're just going to pass in the object.

110
00:08:12,170 --> 00:08:13,820
We're trying to string ify.

111
00:08:13,940 --> 00:08:20,470
Now if I save the program and reruns down below as expected we get our Jason string.

112
00:08:20,480 --> 00:08:26,750
We have our Jason with the name property where the value is how and we can see that we have Jason and

113
00:08:26,750 --> 00:08:30,680
we have those double quotes wrapping all properties.

114
00:08:30,680 --> 00:08:36,020
So this is exactly what Express is doing when we pass an object to response.

115
00:08:36,030 --> 00:08:39,390
Dot send it's calling Jason dot string a.

116
00:08:39,390 --> 00:08:40,660
Behind the scenes.

117
00:08:40,670 --> 00:08:46,940
So right here when we pass our objects off to response dot send they're getting string RFID and the

118
00:08:46,940 --> 00:08:53,450
same is true any other time we get that done such as when we send the profile back down below.

119
00:08:53,450 --> 00:08:59,840
Now let's go ahead and bring two Jason into the mix to see how that impacts the behavior when we set

120
00:08:59,840 --> 00:09:00,920
up to Jason.

121
00:09:00,950 --> 00:09:04,630
It's gonna get called whenever that object gets string a five.

122
00:09:04,820 --> 00:09:11,960
So right here we're going to set up Pat dot to Jason and we're gonna set this up as a standard arrow

123
00:09:12,020 --> 00:09:13,190
function.

124
00:09:13,190 --> 00:09:19,270
Now right here we have access to a this value which is the object itself.

125
00:09:19,280 --> 00:09:23,560
So right here console dialogue printing this.

126
00:09:23,870 --> 00:09:28,870
Then down below we'll go ahead and return this to see what behavior we get.

127
00:09:29,060 --> 00:09:33,140
Right here I'll be saving index dot J S down below.

128
00:09:33,140 --> 00:09:38,280
I have my object with the name property and to Jason function we just defined.

129
00:09:38,390 --> 00:09:44,300
And then when it comes to the output right here I can see that I just have name the Jason is exactly

130
00:09:44,360 --> 00:09:46,230
like what I had before.

131
00:09:46,250 --> 00:09:52,610
The nice thing though is now we can manipulate what exactly comes back when we string a fi the object

132
00:09:52,790 --> 00:09:55,320
my returning an object from here.

133
00:09:55,370 --> 00:10:01,550
So what I could do for example is return this to keep things the same like we're doing now or I could

134
00:10:01,550 --> 00:10:05,990
return an empty object to have none of the data get exposed.

135
00:10:05,990 --> 00:10:10,460
So right here we can see that down below the Jason is completely empty.

136
00:10:10,460 --> 00:10:16,730
There are no properties because to Jason sends an object back with no properties attached.

137
00:10:16,760 --> 00:10:22,730
This is exactly the sort of thing we're doing in our Express application when we use response dots and

138
00:10:22,790 --> 00:10:29,420
Jason string if I gets called on the user we've set up a to Jason method on the user where we manipulate

139
00:10:29,480 --> 00:10:36,080
the object sending back just the properties we want to expose and the end result is that we no longer

140
00:10:36,140 --> 00:10:44,030
see password or tokens any time the user gets sent back to the client now that we have this in place

141
00:10:44,240 --> 00:10:50,150
we're no longer in any danger of exposing user data that we didn't want to expose we can go ahead and

142
00:10:50,150 --> 00:10:56,660
remove the little example we had down below save index dot J S and that's where we're going to stop

143
00:10:56,660 --> 00:11:03,260
for this one we'll be continuing on with the other routes inside of the user file in the next video

144
00:11:03,470 --> 00:11:04,880
let's jump right into that.