Golang HTTP User Authentication Yabi Series 8 | Golang Web Development | WebAssembly Auth System

Captions
[Music] okay guys welcome back to the channel this is tutorial series number 28 here in mulligan's code okay we are still in this ayab series guys uh the sub uh series here in uh golang web development uh series because it's a very very huge topic guys okay and um we are we're about to continue our activation guys uh account activation for the new users registration so uh we will validate when the when the user click on that confirm registration button from their email address from their email inbox or whether in their spam email or their inbox doesn't matter at this moment because we want to ensure that when the user clicks on the confirm registration button there then we will proceed with another static page um whether it is a successful or not then we will throw the photo for um error message that we have done in our previous discussion so right now we're continuing on we will validate if the token that the user is about to click is it valid or not so by default we will set to 30 minutes after the user register to the register to our site and then and then it will receive into the email address there and then if they don't click for that for about 30 minutes then we then it will we will throw the standard photo for error that means the token probably it is already expired okay so we will continuing on and um okay guys let's dive into this tutorial okay guys we will continue okay um this is what we have left out guys and then um we would like to enable this uh what they call this uh activate account right now we have disabled disabling this now we enabled back but uh now we need to create this function guys okay and then we will after that we will update our mysql table there that is active status there which is uh by default uh it is false or zero or off or something anything else okay and this uh ur url pattern now is a quite uh not not usual in this topic now guys because uh we have now we have this uh token variable here inside normally in golang uh what i 
call this a gorilla max there you can place the variable inside here and then as one of the arguments or parameters of that url so for example slash mohannikan school americansco.com or whatever the site is you have then slash the activation here and then of course your variable inside so we will get whatever the data inside in this after this slash here guys so we will capture that means this is the token part here and this is the url pattern for our activation email so this this one we have done in in our previous discussion guys uh remember when we have this um register here uh we have fix at the moment here guys so and then the talk ender this is how we going to feed the information on that after this slash here so that means it is a token so we need to feed some data there otherwise if you don't have this data here then we will throw the standard 404 okay so and then we have embedded the email confirmation url here uh whatever the url you are [Music] creating and then we will proceed with this email confirmation url so that one we have done in our previous discussion okay so uh this is what i'm talking about guys this is what we have left out this is the confirm uh confirm registration or whatsoever your button here or activate or something or something like that guys so just to confirm the user's uh new account and then we will change accordingly uh these uh i already clean clean up the the previous record but we will get here uh this field is active we will change the status from zero to one okay that means it is active guys uh because he already or he or she the user there um click this confirm registration as long that this token is uh still valid guys within 30 minutes period but we can fully adjust this it's up to your own liking there okay so we will continue um this is what we have done here guys in our previous discussion but of course if you have launched this into the production site we will uh switch this automatically guys um maybe we can probably 
we can programmatically feed this um this url pattern here because we have done that in our um what they call in our main itself here uh okay we have done this is prod server mode uh right now by default is uh we set it to false okay so but if if you are in the production site you just change this to true then the rest will uh will follow here guys because we programmatically uh set here like if this variable global variable here from our main uh main dot go so if this one is true then we can use whatever the url that we are using like your of course your domain name already guys or for a public ip address or whatsoever that one okay so uh it's just a sidetrack guys okay um we will continue so this part is we have done but right now we already enabled this um this one guys so we need to activate this we need to create a new function for these guys to cater this uh url here so he will uh proceed it with the and the bottom part okay so we will continue okay guys um i already pasted this w then i think i need to copy guys no need to keep typing this okay so hold on guys okay and then of course you put our lovely text here okay this is to activate is to activate the new user's registration uh new user registration from from or directly from the user's email address oops okay enough then of course we need to copy these guys this one is all standard one so probably maybe we can copy this as well this one all standard one guys okay hold on guys um right now this one will be changed so what could be our account activation we will create this new uh static static html guys later on account activation complete so we will be proceeding with the racket there or something guys so okay guys um we will continue um at this part we will create this paragraph now so we will just want to change this um text here so we just want to change first guys these are all the static one your new your new config site short name so that means whatever your short name there account has been 
activated okay [Music] short name um just uh this one is necessary also guys because uh we need to give the proper name here for page title and description guys your newly created um whatever is your name there and then we just concatenate okay account has been successfully successfully activated okay i want enough and then these are all the standard here so probably we will create this uh later on guys so um okay we will continue we need to extract the parameter here guys right now in golang itself um the account activation we don't pass on the arguments here guys we will capture it inside these max variables from other languages they will capture all the arguments here like in in python or jungle there then they will they will just add on all those parameters there but for [Music] for golang uh it's not necessary guys we need to capture it in the different way here so params like this is your parameters guys whatever is your parameter there and then bars you can add multiple parameters there guys it's up to you and then we need to capture the token as well here params then we can use this param now and then get that exact name here uh here guys so exactly variable name because we are passing on that token variable there so we will capture this then we need to extract here the variables guys extract the uh we are using this demand token guys so i just name it like this so this is our own demand we call it the demand payload guys okay okay we need to extract now because we already encrypted that uh url text there guys okay this is how we can decode uh the payload guys okay this one we have done in our previous discussion guys in my previous videos there so you can take a look so we just log uh use our itr log here okay then error after this um we will now we have already decoded the the token there guys uh remember that we have that uh funny text there that a lot of strings are already encrypted but that script there that thing there is already have this this 
payload is ready exists there guys so we just want to decode it okay uh username then we just want to put here because our we know our data consists of uh this payload guys we can consist of username and email address there this is our actual uh payload guys that we are embedded embedding in that url the moment this demand token generate the token we we embed this username so the username itself in that url is there it is present so and then of course the expiry on uh it's up to you guys you can adjust here but the standard way is 30 minutes guys okay so we just continue here okay so i want to capture the username guys so payload here like um this one okay we just want to extract back payload and then for field i just want to name this variable guys field and then the value there you need to arrange it uh payload okay so my log uh logging is very important guys because we we will know from our program there that um is there any errors there then we can fix as much as possible guys okay so we just want to extract here and then value okay i just want to know and then we will put it on our log here uh it will automatically log guys whatever it is so we just delete those previous logs there let's keep hanging there okay uh if uh strings that our favorite the function here guys you always check if the field um is exactly the username okay if this field is a username because we have the uh many uh remember we have a total uh three um what they call this payload guys um the other one is the expiry on but this is our customized one so we embed this exact name is a user name uh please match that one guys or whatever you are adding into your this payload here this section here you need to match this is the field name here this is the exact field name and then the value field name and then value okay so field name again guys value okay and then um this is the final token here and then the expiry expire on okay there is a expire on here guys so we will uh come automatically 
that one is we will check that expiry on as well later on guys okay this is the exact name or capitalize it's up to you guys but normally we will capitalize everything guys okay and then we will use that username bible to capture the username sprint if one of our favorite functions as well guys this one very helpful guys to convert uh whatever it is into a string value there okay because uh right now this field uh this one is a string but this one we will automatically convert guys so i mean the value here is an interface uh type uh we will convert this into a string whatever you are adding there most especially this interface so the value here is the value okay so um okay we will continue guys so we just put some marking here uh for your information guys we don't [Music] neglect this okay get the username value and then we will continue to check guys further uh if length wanna call this um okay now we will check these uh strings that dream space if this username variable is um it's not exist guys or something like empty or something so we don't allow to activate of course guys then we will uh throw the 404 here guys by calling this a page not found function this is our own function here and then you just supply with the standard response writer and then the request which is the wr the famous wr okay we will continue so if this one is empty guys meaning uh the payload uh is not exist or something because by default is empty then we will automatically uh throw the photo for our own customize 404 error guys okay we will call this function directly instead of the using that http redirect we don't we don't use that so we just call directly that the page not found function and then you just pass on this w r okay and then [Music] one more thing guys we need to check uh this is the main thing as well check the uh demand token expiry okay now we will check the time that now guys we will match from our server this is the current time from our server unix okay um then expire 
on so from the token payload here guys the the expire on and this is the mandatory field of uh present in the demand token itself so we now we are using this expire on um early on we'll just scroll up a bit uh we are we have we we entered this the expire on field here the configuration then we feed with the 30 minutes then we will convert because this one is a in 64 type so you will convert this into unix time which is the in 64 guys so easy for us to match because these are all integer value in 64. so this is how you deal with the time in golang as well guys uh you will conver you convert it into unix time so okay hold on guys and then uh you just uh convert that into unix time now is both integer uh integer value okay so if this current time uh convert to you next time as a in vote in 64 ready guys so you can use the numeric uh comparison like these are greater greater or greater or equal to or something like that guys so greater than uh this time that now is if if the current time converted into the u next time um is already exceed guys i mean it's already expired okay uh with whatever we set in our token expire on then we will uh um throw the standard 404 guys up but uh before that we just want to log as well guys but this one is it's up to you guys uh we uh i love to log everything guys but at least we will know uh what happened if the user uh complain or something like how how how come my user can have a new user's account cannot activate then we will we can investigate in our itr log okay guys the uh practice this week is more uh convenient and very helpful for you in troubleshooting in later on part okay expire on so we will log everything whatever the data there you can add more uh information guys in your log then we will throw the standard 404 here guys w then r okay so now we have done and then we will be refining a little bit guys now in this case we will [Music] we will continue with the thing okay guys uh we will continue we will have something like 
uh we need to check our database now guys okay uh open the mysql mysql db connection okay uh dbrb as usual and then guess we already set this and uh on top guys okay open then mysql and then our own customize function here db con str and then we just put blank as our default one is we only have one database there so if any errors and then nail then we will just throw an error here guys okay hold on guys um dear log dot error then we just throw directly the error okay and then we defer here db okay so at the moment we need to create a new function guys now we need to touch with our mysql table there now activate the user's new account which is the is active sequel to true status just change the status guys okay and then we will create here guys um okay i think we i need to go to the users here guys so what we're going to do is we need to create a new user's function here guys okay so we together this activate activate you user okay we will create a new function here guys so we will call it um activity bait user okay and then of course our standard one so i don't want to repeat myself again okay and then uh this would be boolean value here so this one our lovely likes will update very specific user status to true or active like that should be enough okay and then [Music] okay i think we no need to add this uh update then error uh we will update directly now guys uh db con prepare we're still using this prepare of course update so this is this we will concatenate here guys okay this is the yabby table guys so i don't want to uh change that so we only have one table guys okay update uh yeah b table this is our yabby table and then set is uh active is equal to question mark uh where um user name let's see go to question mark again so this one is a more secure guys this is the standard way guys all the question mark there uh this will be escaped automatically by the golang mysql uh server i mysql library there okay so if error here then we will check okay and then return 
false if any errors then we don't set to true and then um pass on all the what they call this a parameter here parameters or we only have one or two this one is uh we need to change this into username guys not the email so pass on the parameter values okay we just want to take note guys okay the update statement here is uh same thing with the exact and then we will set it to true guys and then the username okay you need to match guys remember when you have this uh careful with this um what you call this argument here uh the first one should be the uh it would be the series it would be much in your exact statement here guys so your first uh question mark your first argument here is the is active field so you will supply it accordingly with the um true or whatever is your field here and then the second argument which is the question mark here the question mark symbol then you will feed with of course you need to match guys okay remember that please need to match rather than scratching and troubleshooting most especially guys when you have many uh fields here already under the any statements that you are preparing here uh please um remember that it must be in the correct sequence okay it's active and then you match it here and then the second one then you match accordingly here okay and just um quick reminder guys activate the user's status now okay so now we are activating guys and then of course don't forget to close your eyes in your connection okay if it is just hanging there then problem guys you have too many um and close uh mysql connection so better you close it otherwise you have problem with your mysql connection because there is a limit as well there okay um and then it will consume a lot of memory in your um of course your server guys so we have done this activate user with the corresponding update statement here just a simple straightforward update guys okay update table name set uh whatever the field here is active in our case and then of course uh 
username so our username is a unique one so we we only want to state it here so okay guys uh we can add the add-on here like is active is false then but in this case there's no point guys um because this one is a new user's registration so by default it is of course it is uh false there so but uh no no harm when you add something there but this one is um enough for us guys okay okay guys so we will continue we have done this so we will copy this activate new function and now we can check because this one this function returns a boolean function guys so we will check if it is true or not then we will know okay so we will have some local variable here okay so we called our localized thing then activate user okay good then we will pass on this database connection and then the username because we have a username here we already extracted from the payload argument the parameters there okay so we will uh now we will check if is active then if it is active guys then if it returns then i mean this function returns true that means we already set the mysql table there for this specific user uh this active status is true ada so we will return it with true otherwise if there's some error here or something and we just uh we just return it with false guys okay whatever the reason whatever that is on the return we cannot find the user then it will just simply return it with the false then this statement here is true so we just want to cut this and then put it inside guys okay so we will display nicely with this uh uh our static we need to create this uh please remember me guys okay uh okay okay we will uh then after this we will put the else statement here guys since we don't return yeah by the way guys you can uh return for those um i don't know yet uh you can only create the else statement the within the goes if else statement when you don't return with the thing you don't return like uh i mean what i mean is we when you return uh something like something like this guys then 
your else statement uh it's not uh it's not working guys i mean um no need for you to put the else statement because you already returned this is how go is maintaining its code okay uh let me try again just a sidetrack yeah as you can see there is an error already guys okay uh as you can see if block ends with the return statement so drop these else and now out then so that means you there's just a side track again yes just a hint okay so if you remove that return statement there then you can use the else statement okay whatever the if else lc for something and then we will return the page not found wr okay now it's okay uh not yet ready to go we need to create one more thing guys another [Music] this is the new static page here so we will create under this up front okay then html just follow with the same thing here guys the the 404 one okay okay guys to capture the time i pasted the similar with this photo for html here just it's a good thing if you have a template guys then you can just replace whatever you can save a lot of time when you're doing this uh templating guys okay i just changed here with the new account activation completed so these are all our static um what they call the html here and then of course there is a image here a new account activation completed so we will we will see this a beautiful simplified decent enough whatever the title it is of this account activation complete later on later on part later on guys when we um demo and then we will activate these new users okay uh new account activation completed your password has been set you may go ahead and log in now okay and then all the standard thing here so we are ready to go um i think okay this one okay we no need no need for us to export uh no need for us to build the wasa because uh we have done the assam there so yeah just a purely thing here i guess we'll go run main.go again i think it's ready to go now should be no error okay it's good uh we will um this is my thing we just want to 
delete uh delete this one guys because we want a clear one and then we also have i think we don't have also okay good we just want to refresh don't forget to refresh ctrl f5 your um your browser i guess sometimes the browser always uh cache uh most of the thing is okay so we will uh and again the our favorite uh example users here support at maharlikansko.com again the password we don't want to trouble us up at the moment okay with the long password guys okay register um we will expect to redirect okay this is we have done this we will check uh the moment here if we added okay added and then of course this is the critical now guys uh um the is active is zero okay uh i need to refresh our thing uh our email here it takes some time okay not yet please okay now he's coming uh now this take a look guys when i click this this is our last part uh now we have activated our uh i need to click this guys but please we need to check whatever uh this is our account activation guys this is the link okay this is the link here so this is the actual link so the embedded uh payload here is after this activate and slash here so we need to extract uh this one these strings here is contained with the username and the email address so now uh it's already embedded in this thing guys but the same grid also um encrypt this this is a good thing if you are using a sendgrid uh smtp guys so if you click this uh remember that we have the is active status here is zero uh after the user click that click this then we will it will change to one that means it's already active user okay so we will try to clean guys let's see what will happen okay now i'm clicking page okay um maybe something wrong there you guys need to investigate further new user activate okay account activation send okay we need to check further guys let's see we already changed no no that means something wrong there so we need to check our log idr log we need to go to the bottom there let's see what's the problem register 
hopefully we can find something account activation send register this one done okay x now we can um we can get the value as just an example here guys from our username here because this is our key value that we need to match from our mysql table okay match there then we need to activate that user okay so we can um remove this um maybe not not at the moment because we need to test further this um expire on guys so we need to uh expire it in the few seconds guys because uh if the user just to simulate only uh we have here in a minute so we can change this into a second guys and then we can just um change it with the maybe five seconds so when we can expire quickly okay we will change that later on so when the moment when we simulate this when the moment when the user clicked this and then the token already expired guys then it will return a 404 should be returned the 404 guys so we just want to delete again just to clear up and then we need to empty again the table guys just for the sake of testing then we go back to the register okay but before that we need to refresh our thing because we have changes in our golan code here okay um now we are expiring uh in five seconds time guys okay uh we just want to run and then we will register it again okay so just a quick hard refresh um harley cans and then support harley cans guys okay [Music] thank you okay i want to click the register okay the lovely email sent then of course this one it is there default is false now uh the expiration there is five seconds guys uh it should be expired expired now should be because that one is a five seconds only so the moment the email arrived it it is already expired guys doesn't make any sense but this one is for the testing purpose guys just to test whether the expire on for the demand token is expired so the moment i click this to simulate the user uh like the user take time to click that button there or that he maybe forget then uh now it's uh try to confirm it should return a photo 
for okay okay because this one is expired guys so we have our uh although we can capture the harlequins here but we can check our log guys because we log uh this demand token here that's why it returns a 404 here there is a demand token has expired so we want to check this log from our lovely itr log here okay so okay guys it captures the log uh thing guys that did that means uh the the user for this uh username maharlikanz demand talk and payload so we already we already logged everything here guys so talking uh the demand token has been expired so this is the the unix timestamp guys so that means if you see this then we we already the the token expired so when the user complained to you something like how come i cannot uh the beauty of vlogging is uh it's there guys so we can investigate the further okay and then quickly so we can you can log more uh thing here like get the username as well or we can add the username or whatever the user okay yeah that one is that makes sense guys so the username we can you can log here as well guys uh demand token has been expired uh for for user or username we want to add this one guys it's not a variable okay and this is the variable and then of course uh just split it with the time guys okay i like that again okay oops need to um okay why are they showing let me just put like that i guess again okay and now it should be okay so we can uh you can add the folder here guys you can add more multiple uh logs so that we can investigate easily so that means the user take time to click our confirmation button there okay so this should be enough for today's discussion guys and um probably we have done this and we can i just want to return back this uh thing uh this one is for this i mean it's guy so we can set uh 30 minutes here is a standard uh across the uh knowledge there guys okay so probably we have done this and then we have all successfully tested and then we have done this confirmation registration here uh the next step would 
be the login guys so we can log in from our [Music] dashboard there but of course we need to authenticate guys uh this user registration here and then we have done this uh registration then the next step uh for us in my accounts code here we need to log in that user because since this user is already activate guys so okay so this user is active ready guys so we can log in here and then authenticate again all those password correct or not and then after that we can uh we will check this forgot password guys so we need to reset the password okay and then we will send out the email again and then click the token there and then they can change the password with the with this username and the new password okay um okay guys uh we need to test uh one more thing guys uh just a quick one um we need to test this uh expire on guys so whether this this one is uh now it's a default by 30 minutes so we just want to expire quickly guys okay so five seconds okay and then uh from this demand token here we will change uh we will log accordingly guys uh i added this username and then of course the time that now so we will uh test further here guys so we just want to clear everything first and then we will register it again with a very quick one when we want to test if the expire token expiry is uh uh it's still valid or not guys then uh okay we will test quick hard refresh and then uh oh no this one is a sign up uh register here again our favorite one support marlicans guys okay thank you again okay uh we set the expiration for the token guys is for i think it's oh yeah it's five seconds uh by by now it should expire guys so the moment when the user click to confirm the registration guys then it will return to uh it will return with the standard 404 error guys okay and then um because it takes time but normally we will set it to 30 minutes but we just want to simulate only if the expire token is still activating so we need to test further guys okay i just want to refresh okay now is 
the email is coming up uh by now when i click this this scenario is like the user uh take time to click the buttons here to register his account or her account okay you just want to click okay now it's good because it's already expired guys we want to check further here in our thing uh the username is uh although it's still capturing but uh we need to check our log because we are logging uh everything here guys so that means this demand token expired for user name helicons okay these are all the unix timestamps now it's totally um working guys because we set it to we set it to five seconds to simulate this token is totally working as well guys so we put back this uh time that into a minute okay so we will put this into 30 minutes okay so give some buffer time for the user to click guys okay that's all for today guys okay that's all for today guys and um i hope you enjoy and enjoy learning here in harlequin's code and i hope i impart with you especially our students out there um our friends students out there who are listening uh thank you so much for your support and uh here in harlequin's code and um i hope you learned a lot here in american school especially this golang web development series here in manikins code guys so thank you so much for watching uh my video and the tutorial series here and uh now is our interesting part is our shout out section in harlequin's code okay uh we will uh we will shout out one user from from our previous video that uh commented out so we will shout out uh our student here named uh to shar giggy i'm sorry how my wifi i pronounce it wrongly um toshar gegengi so the his comment will be a flash in our screen uh the bottom there okay so for those people um uh who wanted me to shout out your name to honor you to honor you here in harlequin's code just comment in this video and then um i'm glad to i'm happy to mention your name here in our maharakans code and thank you so much for your support and i hope uh more people will share the 
uh share our uh videos here in my elections guys so thank you so much and um for all of you there supporting my channel uh thank you for those people who don't subscribe yet please consider subscribing so that you can have more videos like this and i'll be inspired to create more videos like this guys um okay uh just this is one of my passion only guys okay uh just to share the knowledge there okay so these are all the free ones [Music] okay for because for others they will uh you will go with the own course or something guys and then they will you will pay more but here mulligans i i'll share it with you guys here with the actual code of course and we will publish this in our github in by batch so thank you so much for watching my video kindly subscribe to my channel again guys for those people who don't subscribe yet um thank you so much for your support may god bless us all thank you and bye bye keep safe [Music] everyone
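The activation check walked through in the captions above, as an added example that is not code from the video or the channel's repository. The token format (HMAC-signed JSON rather than the encrypted token library used in the video), the in-memory `memStore` standing in for the MySQL table, and all names and sample values are assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"strings"
	"sync"
	"time"
)

type payload struct { // the fields the captions name: username, email, expiry
	Username string `json:"username"`
	Email    string `json:"email"`
	ExpireOn int64  `json:"expire_on"` // Unix seconds
}

func sign(body string) string {
	m := hmac.New(sha256.New, []byte("constructed-demo-key")) // assumption: real key comes from secret storage
	m.Write([]byte(body))
	return base64.RawURLEncoding.EncodeToString(m.Sum(nil))
}

// NewToken is a hypothetical stand-in for the token generator used in the video.
func NewToken(username, email string, ttl time.Duration, now time.Time) string {
	raw, _ := json.Marshal(payload{Username: username, Email: email, ExpireOn: now.Add(ttl).Unix()})
	body := base64.RawURLEncoding.EncodeToString(raw)
	return body + "." + sign(body)
}

// ParseToken verifies the MAC before trusting any field, then checks username and expiry.
func ParseToken(tok string, now time.Time) (p payload, err error) {
	body, mac, ok := strings.Cut(tok, ".")
	if !ok || !hmac.Equal([]byte(mac), []byte(sign(body))) {
		return p, fmt.Errorf("bad or missing signature")
	}
	dec := base64.NewDecoder(base64.RawURLEncoding, strings.NewReader(body))
	if err = json.NewDecoder(dec).Decode(&p); err != nil {
		return p, err
	}
	if strings.TrimSpace(p.Username) == "" {
		return p, fmt.Errorf("empty username in payload")
	}
	if now.Unix() > p.ExpireOn {
		return p, fmt.Errorf("token expired for user %q: now=%d expire_on=%d", p.Username, now.Unix(), p.ExpireOn)
	}
	return p, nil
}

type memStore struct { // in-memory stand-in (assumption) for the MySQL users table
	mu     sync.Mutex
	active map[string]bool
}

// ActivateUser flips is_active from false to true only, so a replayed link changes nothing.
func (s *memStore) ActivateUser(username string) bool {
	s.mu.Lock()
	defer s.mu.Unlock()
	if isActive, exists := s.active[username]; !exists || isActive {
		return false
	}
	s.active[username] = true
	return true
}

// ActivateHandler answers every failure with the same 404; the reason goes to the log only.
func ActivateHandler(activate func(username string) bool, now func() time.Time) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		p, err := ParseToken(strings.TrimPrefix(r.URL.Path, "/activate/"), now())
		if err == nil && !activate(p.Username) {
			err = fmt.Errorf("no inactive account for user %q", p.Username)
		}
		if err != nil {
			log.Printf("activation rejected: %v", err) // the token itself is never logged
			http.NotFound(w, r)
			return
		}
		fmt.Fprintln(w, "account activation completed")
	}
}

func status(h http.Handler, path string) int { // one GET through the handler, returns the status code
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodGet, path, nil))
	return rec.Code
}

func main() {
	store := &memStore{active: map[string]bool{"demo_user": false}}
	link := "/activate/" + NewToken("demo_user", "demo_user@example.test", 30*time.Minute, time.Now())
	h := ActivateHandler(store.ActivateUser, time.Now)
	fmt.Println("first click:", status(h, link), "second click:", status(h, link))
}
```

With `database/sql`, the `activate` function would run the prepared update with `?` placeholders that the captions describe; adding an `is_active = 0` condition to that statement gives the same replay behaviour as `memStore`.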
Info
Channel: Maharlikans Code
Views: 283
Keywords: go, golang web development series 28, golang web development course, web development with go, golang tutorial, learn to create web applications using golang, building scalable web apps in golang, golang good for web development, golang http user authentication, golang http authentication, golang user registration, golang authentication microservice, golang session authentication, golang webassembly, golang mysql, golang mysql tutorial, golang sql, golang email confirmation
Id: 1_qMZaWwJ8Q
Length: 51min 57sec (3117 seconds)
Published: Thu Jan 07 2021