Golang HTTP User Authentication Yabi Series 10 | Golang Web Development | WebAssembly Auth System

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] hello guys welcome back to the channel this is tutorial series number 30 here in maharagan's code okay so we are still in this yabby series uh subseries of our golan web development guys this is the yabby series number 10 as well so welcome back to our channel guys and uh we are about to continue our login login authentication system we are still in our login page we are we have just started uh in our first video for this login uh in our in uh in our previous discussion okay so uh uh how's the things going guys and um hopefully you're doing well i'm i'm a bit busy this week and probably again i will just uh create a new video then now i just free up a bit so i i continue again with our session here for our um here in mark's code guys regarding this golang web authentication system using this so of course the golang golang web assembly okay so we are using this and we will continue about the login system and then of course we will continue to authenticate it we are using a various uh ways we can authenticate our login user and then we are going to create what they call this uh simplified dashboard guys of course are still in the same template so we can do that after our login successful and then we will redirect the user automatically to dashboard in our yeah okay so in this dashboard we need to protect this dashboard as well when when the user tries to log in directly with bypassing this login page and then of course entering directly into the direct url there of course we cannot uh we will uh prevent that of course guys and then um okay so we will dive into this tutorial guys uh for those people who want to uh what you call this uh shout out in our next video guys please comment down below so that i will read and flash your comment here in markets code in our last part of our uh video guys okay thank you so much uh for watching okay thank you so much hey guys welcome back to the channel uh okay so we will continue guys uh what we are going to do with this login guys i created the initially this table first this one in our later part guys so i just prepared a bit this one we can uh store our token key here our gold encoded data here as well our token key is encrypted username here guys this one is uh useful when we do the persistent uh users token guys so we will keep our token uh in our mysql also but the main thing is in the memory there for golang map so by using this golang gobe encoding as well guys so we will encode that uh struck itself and then of course uh we are using this uh by using this token that we are we are using guys this one is our own package as well so in the in our future uh our new package which is the yabi guys will be implemented as well here in our it republic get up so next time i will once we have done this yabby series guys so definitely i will publish it on a github so that easy for us to use or reuse this login authentication system guys using this of course these are webassembly guys it's a is the future of web development okay so this is the the thing uh we will uh use this uh to ease out our live guys as a web developer software developer engineer okay so this one we will keep it persisted uh you will know this uh in a later part guys so i just planned this like this so maybe for the changes in the in the future guys so okay so we will use this um js cookie as well uh this is a very popular js cookie for us to store that user's username guys so we will uh we will plan to insert only this what they call the yabi username we of course encrypted one without any other information guys this is our plan this is what i'm talking about here uh any browsers like a google chrome or a mozilla there or something guys we will insert one for example this is our thing guys so these are all the defaults one this is for the gorilla see saraf all these things okay for the ga this one we don't we don't touch one this one is a default for the gorilla csrf but again uh we need to insert our own uh cookie here called uh yavi so in the future guys in this login system uh you can see uh there is a new uh cookie here uh inside this uh of course this one we are working on the local host guys but if of course in our when we publish this on github i mean publish it on our production server there on the ubuntu server uh of course the this address would be uh like heliconsco.com or something else okay so this is our future plan here and then we will use this uh popular one which is the cookie this one is only this participation of this one guys is only to insert this uh insert the cookie here okay this is the role of this js cookie very easy to use and very convenient for us developer to insert cookie to the user's individual browser there okay why we need this yabi new yabi um what they call this uh cookie here the cookie name actually is a yabi you can actually rename it whatever you want guys but this one we can store it in this uh each individual browser we need to use uh at least we can store the encrypted username only okay uh for others uh other websites or other um programming languages guys uh like in a django or python or something any kind of thing like also in the springboard there or java they normally we will put most of the thing or even the jwt that one you can extract guys so you can decode back to the they have the decoder there so if you have the token there then you can extract back all the information the payload but for us here in malikan's code is very interesting okay guys uh i just hi okay but actually i'm telling uh our future plan for this login guys okay uh we need only the the username but that username of the user is the encrypted user itself again when you when when a very curious user or very advanced user they're checking our site definitely can search uh with our um uh cookie here whatever there whatever we are using so um you can see that this content here this is actually encrypted from the gorilla okay but for us the name here is yabi and then after this is the uh encrypted username so our content here in the cookie itself is for the username only we want to capture uh get the username from uh in each individual browser for the user who access your site okay so and then we will validate that because we will validate here if there is a trust this computer for 30 days then we can validate or validate this from the user's browser itself um like phone browser also is possible safari all the major browsers there any browsers then they can attack that can accept the cookie there then we can get our username and then uh you know why we don't have much information like this here because we are storing it in our uh golang's map there uh with the group encoding okay so that one is a more secure one guys so we only um expose here uh the username of the user it's not the user id but the username okay but oh of course it's encrypted again okay so that is the most interesting part so when uh an unattended user or whatever the user they're a very curious user they will check they cannot easily decipher what what is the content there of course uh this one also like like that guys uh okay so it's more uh of course our default uh user token expiry is um the standard one is the 30 minutes but if you want to have these 30 days then of course we will do that in our golang map and then our of course with our persistent uh user token here we will keep as well as a backup when uh why we need this a persistent persisted uh user token guys because when your server like this one if you want to go run just to simulate guys like this when it's running so what we can what we're going to do is uh now our server is running then our golang map is there it's also in the memory but when i end up this one when i end all the golang maps also disappear okay so when you run again the web server for any eventualities there this one we can avoid okay again all our golang's map is empty but what we are going to do in our future plan is once we have these um all the users authentication guys we will keep it here in this table okay the user token this one all encrypted one guys this uh token data and uh token key is our username actually but uh we will encrypt this as well and then this one of course uh by default is encrypted okay um expire on is uh i just want to put it here at the moment guys but we can remove it if we don't require in the folder but definitely these two token key and the data this token data is actually is our exact payload okay whatever the last name the first name last name whatever they're there they join of the user or something like that guys so the user id all everything in in this thing when we keep the user token so the moment when we restarted this server again we will have that kind of a certain function to load to capture everything whatever is in the data here that is not expired of course we will restore back to the memory there into our golang map so we will restore back all into the memory because our primary source of users token is in the golang's map so this one is very fast and efficient guys because we don't want to query every time into our mysql database okay we don't want to stress too much our mysql database or any kind of database there we will throw it to our uh what you call the memory it's very fast every time when the user or request like default the page loading or something any kind of authenticated pages or protected pages we will keep that into the memory only so we will store it don't worry it will not grow because we have also we plan to create uh what they call these um go routines okay we will clean up everything here as well no worries because we are in goal line guys okay so we all have uh this kind of uh i mean the power to develop okay as a developer or software engineer okay guys so too much of talking guys uh sorry about that i just want to give you a overview of what we're going to do uh with this login okay so uh with this a login session now so we have done the registration part we can uh actually we can now insert with this table the yab user here okay so we have this harlequin's username and then of course the password so we will our plan is to load all this uh valuable information for each user to our users map their goal lengths map so we don't want to query every time our mysql table here so we don't want to stress our mysql or any kind of a database guys and this is just um uh my experience guys okay so we don't want to stress too much our role for my uh our role of any database should be the storage and then getting all this information only we don't want to get we don't want to stress too much there so it will not be burden our server much uh no worry about the memory as well because the memory is nowadays uh golang is very efficient in the memory storage case and and then okay so too much that's enough okay guys um we'll just continue on so this is what we have left out guys uh from our login here we will continue this function okay so we have done all the basic uh validation here we get a password from the user and then we will actually get in our previous discussion and then check the password here we will continue with this one guys and uh this one we have done already so we can just remove these guys this is for our testing in a previous one so what we're going to do now is uh [Music] check password as well we have done so now we will continue on with this uh his password match guys so we will copy this this this one is a boolean one so okay okay we will continue here guys so if this one is uh is both password is match guys then we will get uh the user's information uh from the okay i just put a lovely comment here guys okay i love to do this and just put in our notes okay uh then we have user we have some local variable here so uh we will create this we will create this user first guys i mean the new function here so we don't have this yet okay so we will copy these uh what we're going to do is we need to capture all the mice uh we want to capture this all the information like the first name email address the username the middle name address or suffix everything like this guys we will uh we will get this one from our mysql table first because this part is already successful guys already check the password is all correct so we need to get all the users information based on this username provided from the login here so whatever the user is logging in here we will uh authenticate it uh we will match it with our yabi user table here and then we will collect all this first name middle name and the last name okay so uh we will add on this uh new uh function here guys okay guys uh to capture our time um i created this one guys so no need for us to do it again and type in all again to save our time guys okay uh what we're going to do now i just explain a bit uh this one is a usual get what they call the query row guys from the official mysql uh mysql driver therefore golang so okay so we just want to select all these things guys i think i suppose you you know already all these things guys because we have done many things here so no worries this code will be published in our marlikan's code okay so we will just a basic query guys matching with all this username and then of course uh just a normal safeguard kind of thing guys but uh we we know we all know that uh our username there is a unique one okay so what we're going to do is acquire with this username here match all the scan so we i i reuse this um our user uh struck guys so this one we this is uh this is very important guys because we can reload it and reuse it because this is the exact table definition from our uh yeah our table there so i just want to retrieve uh but the password we don't retrieve password guys okay this is a this is a more uh secure and safeguard yes anything that you're going to do don't retrieve don't retrieve the password at all or store it in a memory or store it in it somewhere else except of course we don't have a choice to the yabby user table there okay this table but uh in case of a session kind of thing we don't store but those other systems guys the most especially this is what i have experienced as most especially if you are using those um framework kind of thing they have a lot of storage they store a lot of uh all this information um is what i've heard only in the and the spring boat there uh i don't know if for those people who know spring boat i'm not also familiar with spring boot but one of my friends they're saying that the springboard actually they are storing most of the information there so it's very hard to control because that one is a framework kind of thing so but for us guys this is what this is the beauty of your own uh user's authentication okay just trust yourself guys okay and then um learn anything here most especially here in marlinkan school just kidding guys okay uh this is the beauty of our own um customize our own framework it's not actually the framework but actually you have a full control guys okay uh with your own user's authentication you can do whatever you want to do for us we only store username into the user's cookie there okay this is very important guys don't need like this one again we only store the encrypted username in this part for other frameworks out there they store a lot of information here okay if this one it will be decrypted then go on case any guys okay scratching your head again just kidding guys okay this is the beauty of it guys this one is uh this function basically returns uh we fill in all these struct here this track that we have done in our previous discussion okay so we just fill in from the mysql data this mysql data here we will fill in back to that struct okay no worries again the struct only holds uh one row at a time okay guys one row at a time okay after that it will be replaced again even if you retrieve a new user retrieve again okay and this is the thing okay we will go back again guys okay so we will continue on we will provide our db cone here our pointer here guys for our mysql connection and then this is the username here okay of course because we need to have the username okay so now we able to capture our user guys what we're going to do next is uh we need to here we need to generate guys something like generate new demand token our favorite our own demand token guys again this is the beauty of our own packages guys and we publish and share it into our github there it republic github guys okay um the yabi for the yabi user for our marlin get up guys that one is for the source code okay but any packages that we publish and share it with you guys we'll publish it in our another github there which is the it republic okay then must convert i just put all my notes here guys all the different uh different type types of different type types of into a string okay um value okay just uh okay guys uh token payload so we will be putting this and then we call our demand package tp here okay so we have our time token so this is the time guys this is the get up if you want to get it all into our all it republic thing so we all using this our own packages okay so we don't rely heavily on others guys so if you have your own then you can understand what you are doing guys because you you have done that uh everything okay from uh by yourself okay okay um now i'm what i'm doing is um i will uh copy paste for a while okay so we all convert into a screen guys um this fmt dot sprint is very useful for us any values inside here will be converted them automatically with a string okay string value this one we all this is our customized payload guys okay so we want to have uh all in our username here this is our customized one guy so this is from our structure our model so we can store the username okay later i will just explain guys no worries email okay another one we want as you can see i never put the password guys okay don't ever ever put that password there okay guys and then first name okay just match correctly meanwhile name i just want to capitalize everything here guys because this is the payload just to standardize everything okay uh this payload is very useful when we retrieve back after we can log into our dashboard there so we will retrieve all this information no worries we will uh collect all these once we encrypt this into a i mean the gobin code okay okay guys uh some message there guys okay last name and then okay this one is a middle name uh we just want to collect everything there guys except for the password last name okay this one is for the suffix this one is for us standard guys this one is something like a junior the third the fourth and fifth all this kind of thing is senior junior all this okay so effects this one is for the suffix these are all optional guys but of course we want to capture it this one for you guys out there you can reuse this um extra column for whatever purpose you serve okay um this one is super user and then this one is admin this one we can enhance further in the future guys uh his admin we just want to put everything here uh the last two probably the login and the date join okay so i just won the last login and then last night last login okay this one and then the date join okay this user the user when it joins okay they join okay the last one okay so we have done this part we will continue with this thing guys uh not yet done guys actually still many so you will want to check here the site keep me is equal to true guys so we want to check first because we want the bar token expiry yabby we require this you can input the number of days you want to expire so you can customize it guys okay uh if if the user tick this uh trust me okay so after this we will uh uh continue on guys this one or the validation here okay uh if true then we can validate further guys okay so these are all encrypted one then we can pass on the encrypted username back to the users there these are login uh here we will enhance further guys in our next discussion so we don't have much time i will elaborate it in our next attention video guys here in malikian's code okay so this at the moment we will stop here in a moment okay guys thank you so much for watching my video here and here in malacanang school sorry okay so uh i hope you enjoy our tutorial series here guys in markets code and we don't have much time i don't want to make a video very long guys to get maybe you get bored something so thank you so much for watching so we will catch up in our next video here thank you so much for watching my video guys can you subscribe to my channel so that uh you can will be notified and press that notification bell guys so that you will be the first one to comment okay i mean you will learn together here in martin's code and um again um in our um interesting part uh here in martinsko which is the uh what they call these uh by mentioning your name guys uh to shout out those uh who commented on on my last video prior to this video uh his name is [Applause] rajashekar rajas shakar okay the comment will be flash in our screen here guys so thank you so much raja shekhar uh for commenting out in our next video for those people who want to honor here in bharlikan's code guys can you comment down below don't be shy just kidding okay guys that's another to honor you here in malikan's code and uh of course i want to honor our users and viewers here in malikin's code so we learn together we share everything here guys as well okay um thank you so much for watching guys and i see you in my next video here in martin's code may god bless us all thank you and bye bye keep safe everyone

Info

Channel: Maharlikans Code

Views: 98

Rating: undefined out of 5

Keywords: go, golang web development series 30, golang web development course, web development with go, golang tutorial, learn to create web applications using golang, building scalable web apps in golang, golang good for web development, golang http user authentication, golang http authentication, golang user registration, golang authentication microservice, golang session authentication, golang webassembly, golang mysql, golang mysql tutorial, golang sql, golang login authentication

Id: 3osB_8jh5eI

Channel Id: undefined

Length: 30min 59sec (1859 seconds)

Published: Thu Jan 21 2021