Golang HTTP User Authentication Yabi Series 9 | Golang Web Development | WebAssembly Auth System

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

[Music] okay guys welcome back to the channel this is tutorial series number 29 here in marlikin's code okay we are still in this web development series guys and uh also this uh sub series now is a yabi series number nine which is uh uh the login authentication using uh this web assembly here in my hands code so okay guys so we are about to start about uh we are about to start our what they call this login now we are going to authenticate the user's account guys because we are fully uh tested and registered our users registration is actually now uh working and tested uh so far so we have a quite decent users registration here you can have our you can have our own users authentication guys so right now we need to do this login or user authentication guys now which is the login page we are working on this previously we have done this but uh it's just a bare one no authentication nothing at all it's just a plain html and then the webassembly okay right now we need to continue this and then we will validate from our yabi users there the from the mysql database our table which is the yabi user um okay guys let's dive into this tutorial okay guys welcome back okay this is our last discussion guys so we will i have a user here to capture our time already guys so we we have a username called the harlequins in our previous discussion and then i changed over the the email address as well and then we have some encrypted password now we have fully uh activated this user from our previous discussion as well so in the is active this is the key guys that is active uh field i mean the column there is should be one uh the one is the indicator for uh user it has been already activated fully uh from the from the from the user's uh inbox there that you remembered our and previous discussion guys okay so he or he or she the user itself um fully activate the user's account through email true email address guys okay right now we need to try to log in this we will validate using this one guys if it really can authenticate or not okay this one is a very raw uh usage authentication first guest and then we will enhance uh in our in our previous discussion again so okay we will continue and then this is our previous discussion guys um this is just again this is a very raw one but uh it's already authenticated using this login okay so one more thing guys i need to uh to tell you that uh our own click here no need for us to pass on all those username and password the object expect because this one is automatically it will capture everything the the objects or the elements or the doom elements in our uh whatever the html there it will capture automatically guys from our web assembly so that one is the older fashion now you need to specify like this password here and then like you do that like this uh now it's not no need guys okay i just call those uh function itself then it will automatically whatever the elements here password or inside keep me it will automatically capture in our main that go in our webassembly guys so this is our login in our previous discussion this is our the very first one for testing so we have the username password all these things guys it will capture automatically from there whatever the elements uh in this html there it will all capture guys in our web assembly this is a great guys because um golang's uh the latest golang or yeah it will uh capture um everything whatever is there that dome elements there okay so also we have a fix as well and from the user's registration so no need for us to specify whatever the elements you are going to pass through this uh web assembly okay uh but no worries guys i will uh after this video uh i will publish this into our github so that the latest source code will be published as well there so you can grab all these source code guys but of course don't forget guys mahalikans okay thank you for the support okay guys uh just subscribe to my channel guys okay uh okay and stay active uh now we will continue guys so uh this is our user here so we will create the users here again but this is our login endpoint so our login endpoint is here i guess this is an existing one but we just want to enhance it okay but in our webassembly um this is our webassembly which is the login this is already exposed to our javascript there our html is already exposed from our previous discussion so okay now uh to capture our time guys i pre-define all this information you follow we have a template already guys from our registration here in our previous discussion this one is already perfected which is the webassembly here so we already we have this payload here whatever you are going to throw to our api there so um we will pass on like the usage registration here and then from our out now we have this these are all standard codes already guys okay so no need to uh do it again and again okay guys i just copy paste over here these are all same structure okay api response the only thing guys matters for our site is the payload here and of course the the elements the dome elements here which is we have only the user name password and then the site keep me which is this one guys site keep me for 30 days or something like this yeah okay so we have this three payload here so far i think this is a decent enough this is the most important part okay so all the validation the swallow here now we have to change instead of the register we change to the another url guys or the api which is uh here is already existed from our previous discussion but we just want to enhance this okay so this is the very basic one only the the structure guys for our login uh user endpoint so we need to enhance this and then okay so we will start over here we just want to print something here guys and then but we need to continue guys okay so we will uh pass on all this um the yabi here so we also have we need to copy this one as well guys so no need for us to redo again okay i just want to copy this and then this one is a structured one guys it's okay ready and then this one we just want to say legend this one is the yabi is the user's uh credential okay credentials you know uses credentials using credentials credential payload okay this is what we call a user account guys okay we change this so we don't have these things we only need username password and then of course this site keep me oh i think i need this one because this one we don't have in our users uh struck there guys so this one is uh okay and then we need to validate but of course we will create the login first guys i mean the login authentication names same thing with our here guys okay we just want to okay we just got this one actually same guys okay guys uh we will continue on so i already predefined all this the basic one guys so no need for us to uh keep typing all these things again all over again so this one all all exactly same guys with our previous one of course we need to validate all those empty one guys and then the username password and the same thing and then we will return this new function called login user okay we will return it with a boolean one and then of course the error there so username and password you already have this experience guys okay um now we will get the users stored hash here guys so hash password so what i mean is that this one we need to capture whatever the password here guys stored in our mysql this is the hash part the very long funny strings guys okay you can we can understand this one all encrypted one is a one-way encryption we cannot decrypt it back so we just want to know that uh we just want to compare this compare this whatever the has stored in this uh specific user which is uh this time is the maharlikan's username so we want to compare these uh password here stored uh in um encrypted by this golang b crypt guys okay this one is very secure encryption because this one is a one-way ticket only guys get the user stored uh password so we want the p hash here the local variable and then we need the error and then we need to get this get user password we need to create this one first guys um okay so i will get this and then i need to create this one guys i think similar to okay hold on guys to this one guys okay we just want to copy get user password okay we need to uh get the user's password guys uh okay [Music] okay hold on guys uh gets the authentic get gets the hash password stored stored from stored in the yabi user table okay we need to get this hash password guys so we need at least the username and then we will return it with the string guys not just and then we will return it with the error here okay the standard error here guys so we want um this uh update instead of update we need to select guys and then the password uh from the yabi user here where uh username or user name and is active now you need to validate this gun this one gets this one very important okay uh we need the username oh we need the username here and then of course and then the username we can probably enter this below the username and then one what we need is this active guys make sure it's one guys not zero okay then we need to scan to fetch only one row uh for this query guys okay i need this and variable here so we will store this to this uh localized variable guys okay this one by default is a string guys anyway the password there is a string so we just want to initialize it with the blank password okay so uh db con and then prepare and then okay nice it's okay uh and then we will uh check here guys okay this one we need okay guys just this one no need uh what we need is the error only guys okay this one because this one is a select statement so if uh error not equal to nil and then uh again we need to check guys if this one if there is a specific no record guys error no rows okay this one is very important guys when you query okay if return then we will return with an empty password guys and then of course like that that means this one is uh we just follow with this um this statement guys okay the notes copy paste is a very important face user name your surname is there okay ink password okay it's correct and later we will check then select password from yeah be user where username and his activity is okay so you're true okay maybe take time to reload okay guys we just continue on and then we will return it with empty here again this is a standard code already guys okay the structured one you can just follow this along okay and then uh neil will return it with neil you just have to refresh first guys sometimes uh the browser i mean i mean our gopls is not a detecting everything okay db cone not prepared this one should be query row okay this one is very okay very nice so we can continue on guys i need to search this okay so now we have this function there okay so we will continue with this and then what is this a db con okay we need a db con u dot username okay so we have the value ready guys so we can continue with this um if error not equal to near and then i need to our favorite error log okay and then return it return with false and then errors that the new are saying that oops error getting users credentialed okay please try again this one is a common one guys okay uh you would like to print this one empty uh we just want to know guys uh if this um already contained or already successfully captured uh or get the uh hash password guys from our yabby user table there and then our of course our original password we would like to capture this as well so that we need the plain text password guys from the user's input there uh i just want to know this password okay this one we can copy properly password okay we just want to from this one is the key in guys from our input from the user okay so we have successfully get this we will just continue on guys uh what's next should be we need to match the password now guys okay um match the two um match the two uh passwords okay just check if it's uh verified or not saying like that okay so we have this uh password uh match and then error so we will check this okay guys uh hold on guys so we use our favorite uh sakto here guys you can just uh download it or go get it from our github uh it republic there guys so this one we have done in our previous discussion guys so we make our life uh very easy guys okay because we made this into a package and publish it to the github so again you can just go get this and then you can use it freely in your project okay don't forget the marley cancer guys thank you vw hash okay so we will uh now what what this function is doing is uh it will come it will compare the the plane and then the hash guys this one will automatically uh when you go get this and then it will uh be clipped guys it will uh um this one is from the golang built-in library guys this one is more secure again very secure very secure okay uh they are using the b grip and then uh they just need this uh what they call the plain password input from the user there from that page uh here okay they would normally the user will key in originally the plain text and it's not an unencrypted password and then we will uh what we're going to do is we need to compare it with the compare hash and password so it will complain the plain password and then the compare it with this one is automatically this bcrip function here we'll convert these plain text into a hashable password so and then what we're going to do is this will return a hash password guys okay uh whether this one is true or not then this one is already harsh automatically they will detect guys this one is built in from the golang so they will compare both this uh plain password and then uh this pa this hash password from our mysql this one this this hash password here will automatically uh validate from this uh be crypt compare compare hash and password guys okay no need to worry much about this you can just download this uh helper from uh the suction as our own uh helper function there okay so make our life more easier guys as a developer okay i encourage you and i recommend you to make it as a standard package guys okay so we will continue on uh if ever continue okay then now we will check it here oh this one okay we need to log again guys okay then error and then i will return just copy this one copy this okay and then we will just say oops hash password please try again okay just want to shortcut a bit hash password error don't tell anything guys about the this one is a publicly display guys okay just uh just a generic message that is good enough then we will be having this encrypted and then this one is good enough guys um we will also we will just print this out for testing okay we'll just come here okay we are done and then here as well we need to uh call that yabby that we just recently uh called guys so okay guys uh to capture our time i added this call our new function which is the login user guys we just read the normal connection string and then user account this payload here and then of course this site keep me so later part we will enhance further our login there guys so we just want to authenticate uh properly from from mysql table there the hash password stored for each user and then uh we will compare it uh with the bcrip compare and hash password guys so we will check if it's valid or not then we will authenticate then we will go to the dashboard there okay if this return with the is account because our our own function will return a boolean guys either true or false so if it is successful it is already validated and then we will say something or we will read that like this one auto redirect to the dashboard guys okay this one is just a bare one guys okay uh we don't have the dashboard yet but it will throw a 404 most probably because we don't have this dashboard yet we will create this static page just to show you that these protected the pages we will enhance for further guys you cannot access directly in the future guys when once we have done this uh authenticated pages so it's not a public page but uh it should authenticate prior you can access to these pages but right now we don't have that so just also we don't have this uh password we don't have this page as well yet okay or url okay so we will just continue on guys okay so we will be try to run run go let's see if any errors okay okay don't have okay guys uh no errors and then of course we need to build our wasam guys remember that we need to set again set goose is equal to js remember that you need to be in your directory guys in your wasam file uh then you can set goose and set go arcs is equal to warsam and then you can catch your time guys i prepared this okay we try to build any errors there okay no errors so it's good to go okay so we have this hash password guys the password for this one is a letter a guys only letter a only one single small letter a america okay so we just want to load this now guys we want to authenticate the username there is some harlequins okay but we key in wrong password press guys oh this one is i entered correct one sorry yes i should key in the wrong ones okay you validate it again [Music] okay you will continue you will try this admin guys and this one not exist okay uh only maharikan's user here we will try this okay so usage authentication failed uh there's some uh simple message or generic message guys ever getting user's curtains just please try again okay uh we have marley cans okay i'll try these mahalikants but the user are key in the wrong first guys okay still the same but again we need to see the log first guys okay our log here is a key in the username harlequins the password is uh double a and then i said give me suppose because i never think that i remember for 30 days so the hash password guys is totally captured from our mysql now okay so this is the hash password here so we have the users here where is the test password so we password hash so this one we capture also from our mysql guys so we already captured this uh directly from our mysql table okay and then after that the plain password is uh okay two so i key in the single a password guys then i take this this one later we will enhance guys yeah we don't have it this one our main goal is to validate whatever is here is a correct or not guy so okay let's see so this one is good indicator guys because we are already redirected to the dashboard there that means uh our password is a match with our record from our mysql user guys from this yabi user table so both match this uh password hash here and of course from the uh the user's plane password which is a single small letter a okay so this one is a good indicator guys so we have successfully validated our user's authentication okay with the very simple steps there and now of course a very very basic one um just to get the hash password there and then check it with this uh check password hash okay so that's all for today guys and that's all for today guys okay okay that's all for today guys and i hope you enjoy here in malikan's code uh regarding this login authentication we have successfully authenticated our users i'll compare it with our mysql record for each user and then of course uh from that input box there from the user's page there the login page which is which is the plain password so if this boot password that will be on this plain password will automatically convert into a hash password guys if this hash password is compare it with the stored password is match guys these are all done by the golang bq compare and hash password guys so these are all the default libraries there then it's um it's a good indicator that we we have successfully uh compared these both hash password guys that one is so simple and uh faster guys so we all the golang's inner um what i call this uh the what they call the internal process to authenticating this a hash password is uh very fast and more secure guys this is a one-way uh password hashing guys so no way we can decrypt the password with the original one okay so uh i hope you enjoy our uh tutura series here guys here in mulligan's code uh here in our uh we will enhance that uh login user's identification guys so no worries so we will uh enhance also the protected uh pages which is the dashboard or whatever the pages inside or whatever the protected page is there we will wrap it with the authenticated or whatever this function that it will wrap that that requires authentication there's a lot of things to do with this login process guys okay so just uh keep watching here in marlinkan's code then uh please support my guest code guys by subscribing to our channel to my channel and then uh please um stay active into my channel as well okay guys uh in our interesting part which is the uh shout out section for our americans code to honor our viewers here their names is there are two who recently commented on my previous video guys um these are uh uh what is um joey leo okay and the message or the comment will be flash in our screen guys and thank you um joey leo and then of course the karthik krishna thank you thank you also kartik for uh commenting a nice comment here in marling scout so both of you thank you so much for subscribing and thank you for um watching my video here here in my elections code thank you so much guys and for those of you who want to be shout out please comment down below so that i can i can honor your name and mention your name here in malikensk okay guys thank you so much for watching may god bless us all thank you and stay safe everyone [Music]

Info

Channel: Maharlikans Code

Views: 147

Rating: undefined out of 5

Keywords: Life As Software Developer, go, golang web development series 29, golang web development course, web development with go, golang tutorial, learn to create web applications using golang, building scalable web apps in golang, golang good for web development, golang http user authentication, golang http authentication, golang user registration, golang authentication microservice, golang session authentication, golang webassembly, golang mysql, golang mysql tutorial, golang sql

Id: XL4qK0A8SaU

Channel Id: undefined

Length: 31min 8sec (1868 seconds)

Published: Wed Jan 13 2021