Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:02,180 --> 00:00:03,790 So let's now get started 2 00:00:03,790 --> 00:00:07,670 with adding authentication to this demo application, 3 00:00:07,670 --> 00:00:10,410 which you found attached to the last lecture. 4 00:00:10,410 --> 00:00:14,580 And for this, I start here in my Firebase project, 5 00:00:14,580 --> 00:00:17,690 since we'll use Firebase as a dummy back end. 6 00:00:17,690 --> 00:00:21,660 And there, you need to go to this authentication part, 7 00:00:21,660 --> 00:00:26,040 because we will use this Firebase Auth REST API, 8 00:00:26,040 --> 00:00:28,410 which I showed you a couple of minutes ago. 9 00:00:28,410 --> 00:00:32,600 But in order to use it, and to send requests there, 10 00:00:32,600 --> 00:00:35,510 we need to unlock authentication 11 00:00:35,510 --> 00:00:38,750 in one of our Firebase projects. 12 00:00:38,750 --> 00:00:42,100 And that's why I switched to one of my projects here. 13 00:00:42,100 --> 00:00:44,330 And then here in authentication, 14 00:00:44,330 --> 00:00:46,310 we can click on Get Started 15 00:00:46,310 --> 00:00:49,800 to get started with setting up authentication. 16 00:00:49,800 --> 00:00:53,600 And then you should be redirected to this screen 17 00:00:53,600 --> 00:00:56,853 where you can choose a sign in method. 18 00:00:57,800 --> 00:01:02,160 Now it turns out that Firebase supports logging in 19 00:01:02,160 --> 00:01:06,400 with a broad variety of authentication services 20 00:01:06,400 --> 00:01:10,550 but here I wanna simulate that we have our own API 21 00:01:10,550 --> 00:01:12,640 with our own database, 22 00:01:12,640 --> 00:01:15,210 where we store our own users 23 00:01:15,210 --> 00:01:17,800 with email password combinations. 24 00:01:17,800 --> 00:01:22,800 And that's why we'll use this email password provider. 25 00:01:23,260 --> 00:01:26,930 If you wanna add sign in with Google or Facebook 26 00:01:26,930 --> 00:01:27,810 to your app, 27 00:01:27,810 --> 00:01:31,490 then you can look up the dedicated docs for that, 28 00:01:31,490 --> 00:01:36,490 or simply google for react Facebook authentication, 29 00:01:36,570 --> 00:01:40,140 to find dedicated instructions for that. 30 00:01:40,140 --> 00:01:44,350 Here, I wanna show you this generic authentication flow 31 00:01:44,350 --> 00:01:47,113 as you could have it with your own back end. 32 00:01:48,300 --> 00:01:50,640 Therefore, here, I'll choose email and password 33 00:01:50,640 --> 00:01:52,840 and click on added configuration, 34 00:01:52,840 --> 00:01:54,773 and then choose enable here. 35 00:01:55,680 --> 00:01:58,400 I don't enable the passwordless link, 36 00:01:58,400 --> 00:02:02,980 I just enable the email password authentication overall, 37 00:02:02,980 --> 00:02:04,453 and then click Save. 38 00:02:05,790 --> 00:02:07,460 Now once that is done, 39 00:02:07,460 --> 00:02:09,960 we can start signing up with users 40 00:02:09,960 --> 00:02:12,540 and start logging in with users. 41 00:02:12,540 --> 00:02:13,560 And for that, of course, 42 00:02:13,560 --> 00:02:17,930 I wanna use my application and there it is, login screen, 43 00:02:17,930 --> 00:02:19,730 which we can reach here. 44 00:02:19,730 --> 00:02:23,540 As a side note, throughout this course section, 45 00:02:23,540 --> 00:02:24,530 we will of course, 46 00:02:24,530 --> 00:02:27,000 make sure that this user interface 47 00:02:27,000 --> 00:02:31,010 also reflects whether we are logged in or not. 48 00:02:31,010 --> 00:02:32,497 So that for example, 49 00:02:32,497 --> 00:02:37,497 the logout button will only be shown if we are logged in. 50 00:02:37,690 --> 00:02:39,450 Currently, that's not happening. 51 00:02:39,450 --> 00:02:42,130 But we're going to add that functionality 52 00:02:42,130 --> 00:02:43,763 through out this section. 53 00:02:45,570 --> 00:02:46,670 Now, therefore, 54 00:02:46,670 --> 00:02:49,260 now we wanna make sure that we can actually 55 00:02:49,260 --> 00:02:52,000 create a new account and send a request 56 00:02:52,000 --> 00:02:54,070 to this REST API here, 57 00:02:54,070 --> 00:02:57,840 Firebase provides for our Firebase project, 58 00:02:57,840 --> 00:03:01,180 where we did now enable authentication. 59 00:03:01,180 --> 00:03:03,510 And for this, we need to go to our code 60 00:03:03,510 --> 00:03:06,250 and there are to the auth components folder 61 00:03:06,250 --> 00:03:08,370 and there to the auth form. 62 00:03:08,370 --> 00:03:12,080 There, I render this form which you see here. 63 00:03:12,080 --> 00:03:13,080 And here, in the end, 64 00:03:13,080 --> 00:03:17,100 we wanna react to the user clicking this Submit button, 65 00:03:17,100 --> 00:03:21,853 if we are in sign up mode to create a new account. 66 00:03:23,110 --> 00:03:24,400 And therefore, 67 00:03:24,400 --> 00:03:28,510 I actually wanna extract the entered values 68 00:03:28,510 --> 00:03:30,280 the user provided, 69 00:03:30,280 --> 00:03:34,257 then check whether I'm in log in or sign up mode, 70 00:03:34,257 --> 00:03:37,370 of course we can toggle between these modes here. 71 00:03:37,370 --> 00:03:39,140 And then if we are in signup mode, 72 00:03:39,140 --> 00:03:41,240 I wanna send the entered data 73 00:03:41,240 --> 00:03:46,113 to the appropriate API endpoint by the Firebase REST API. 74 00:03:47,150 --> 00:03:49,920 For this, we should first of all add a new function here 75 00:03:49,920 --> 00:03:52,240 in this off form component, 76 00:03:52,240 --> 00:03:56,090 which is the Submit handler function, 77 00:03:56,090 --> 00:03:59,940 which should be triggered when the user submits this form. 78 00:03:59,940 --> 00:04:02,003 No matter in which mode we are, 79 00:04:02,880 --> 00:04:05,390 there will get an event object, 80 00:04:05,390 --> 00:04:08,100 and we should call event prevent default 81 00:04:08,100 --> 00:04:10,180 to prevent that browser default 82 00:04:10,180 --> 00:04:12,380 of sending a request automatically, 83 00:04:12,380 --> 00:04:15,713 which we don't want here, we wanna send our own request. 84 00:04:16,930 --> 00:04:18,560 Now that we're doing this, 85 00:04:18,560 --> 00:04:21,190 I then wanna extract the entered data 86 00:04:21,190 --> 00:04:25,530 and you learned that here we got two main approaches, 87 00:04:25,530 --> 00:04:30,040 we can either log every keystroke with use state 88 00:04:30,040 --> 00:04:32,270 and then get the data from there. 89 00:04:32,270 --> 00:04:36,390 Or we use a refs and connect refs to these input elements 90 00:04:36,390 --> 00:04:39,640 to then get the entered data with help of that. 91 00:04:39,640 --> 00:04:42,040 And I'll use the latter approach but of course, 92 00:04:42,040 --> 00:04:44,360 you can use either of the two. 93 00:04:44,360 --> 00:04:46,720 I will use the use ref hook here 94 00:04:46,720 --> 00:04:50,260 to then create the email input ref here 95 00:04:50,260 --> 00:04:55,260 by calling use ref and to create the password input ref 96 00:04:55,280 --> 00:04:57,833 by calling use ref like this. 97 00:04:58,670 --> 00:05:03,280 And now we need to connect these refs to the JSX code. 98 00:05:03,280 --> 00:05:04,950 So here on this email input, 99 00:05:04,950 --> 00:05:07,360 I'll set the ref property, 100 00:05:07,360 --> 00:05:11,480 the ref attribute and point at the email input ref. 101 00:05:11,480 --> 00:05:13,010 And for the password, 102 00:05:13,010 --> 00:05:16,163 I'll do the same but point at the password, 103 00:05:17,090 --> 00:05:19,023 input ref, like this. 104 00:05:20,440 --> 00:05:21,990 Now the refs are connected. 105 00:05:21,990 --> 00:05:25,680 Now in submit handler, we can extract the entered data. 106 00:05:25,680 --> 00:05:27,480 So here we get the entered email 107 00:05:27,480 --> 00:05:31,973 by reaching out to the emailinputref.current.value. 108 00:05:33,100 --> 00:05:37,190 And we get the entered password 109 00:05:37,190 --> 00:05:41,133 by using the passwordinputref.current.value. 110 00:05:43,120 --> 00:05:46,780 Now we could add validation here, 111 00:05:46,780 --> 00:05:48,750 we could validate the user input 112 00:05:48,750 --> 00:05:50,750 and make sure that the entered email 113 00:05:50,750 --> 00:05:52,920 is a valid email address. 114 00:05:52,920 --> 00:05:54,860 And that the passwords, 115 00:05:54,860 --> 00:05:58,399 for example is at least seven characters long. 116 00:05:58,399 --> 00:06:01,450 But I'll skip this here since this is nothing new 117 00:06:01,450 --> 00:06:04,300 and has nothing to do with authentication 118 00:06:04,300 --> 00:06:06,430 or the Firebase back end. 119 00:06:06,430 --> 00:06:07,450 And instead, 120 00:06:07,450 --> 00:06:12,450 I wanna check if the mode is currently is log in. 121 00:06:13,180 --> 00:06:16,810 So this state if we are currently in login mode, 122 00:06:16,810 --> 00:06:19,210 in which case I wanna do something different 123 00:06:19,210 --> 00:06:22,120 than I wanna do if we are in sign up mode. 124 00:06:22,120 --> 00:06:24,870 So if we are not in log in mode. 125 00:06:24,870 --> 00:06:27,038 And I wanna focus on this else case for now, 126 00:06:27,038 --> 00:06:30,850 and send the request to the appropriate endpoint 127 00:06:30,850 --> 00:06:33,713 if we are not in log in mode. 128 00:06:34,630 --> 00:06:37,940 And now here the request which I wanna send 129 00:06:37,940 --> 00:06:41,370 is a request to this sign up with email 130 00:06:41,370 --> 00:06:43,410 and password API route, 131 00:06:43,410 --> 00:06:44,390 which we find here 132 00:06:44,390 --> 00:06:48,153 in the Firebase Auth Rest API documentation. 133 00:06:49,140 --> 00:06:52,080 Here, we learn that we can send a POST request 134 00:06:52,080 --> 00:06:56,120 to this URL with this data attached to it 135 00:06:56,120 --> 00:06:58,343 to create a new user. 136 00:06:59,790 --> 00:07:04,350 So, therefore, I'll grab that URL, go back to my code, 137 00:07:04,350 --> 00:07:08,270 and send that HTTP request with this fetch function, 138 00:07:08,270 --> 00:07:11,490 which we also used multiple times in this course. 139 00:07:11,490 --> 00:07:14,320 And of course, here, you can build your own hook, 140 00:07:14,320 --> 00:07:16,170 you can do whatever you wanna do, 141 00:07:16,170 --> 00:07:19,240 I really wanna focus on the authentication part. 142 00:07:19,240 --> 00:07:23,620 So I will just call fetch here directly in this component, 143 00:07:23,620 --> 00:07:26,230 without custom hooks, without Redux, 144 00:07:26,230 --> 00:07:27,823 without anything like that. 145 00:07:28,860 --> 00:07:30,860 Here, I just wanna send the request, 146 00:07:30,860 --> 00:07:34,003 and I want to send a request the this URL. 147 00:07:35,290 --> 00:07:39,500 Now in this URL, we got one special thing, 148 00:07:39,500 --> 00:07:42,530 this API key thing here. 149 00:07:42,530 --> 00:07:44,653 That is a part of this URL, 150 00:07:45,600 --> 00:07:50,300 which you should replace with your project specific API key, 151 00:07:50,300 --> 00:07:54,650 your Firebase project specific API key. 152 00:07:54,650 --> 00:07:57,830 Because this is a generic API endpoint. 153 00:07:57,830 --> 00:08:02,830 In order for Firebase to know to which Firebase project 154 00:08:03,350 --> 00:08:06,240 this belongs, and for which Firebase project 155 00:08:06,240 --> 00:08:08,390 you wanna create a new user, 156 00:08:08,390 --> 00:08:12,550 you need to add your Firebase project API key here. 157 00:08:12,550 --> 00:08:16,490 And you get that key in the Firebase project console 158 00:08:16,490 --> 00:08:18,950 by clicking on this gear icon, 159 00:08:18,950 --> 00:08:20,880 Project Settings. 160 00:08:20,880 --> 00:08:24,470 And then here, it's this web API key, 161 00:08:24,470 --> 00:08:25,920 which you find here. 162 00:08:25,920 --> 00:08:28,833 This key, that's what you need to grab here. 163 00:08:30,010 --> 00:08:32,090 So let's grab that key. 164 00:08:32,090 --> 00:08:36,743 And with that grabbed, we replace API key, 165 00:08:37,683 --> 00:08:41,383 including the square brackets here with that key, 166 00:08:42,419 --> 00:08:45,123 without a line break, like that. 167 00:08:46,080 --> 00:08:48,940 And of course, you need to bring your own API key here, 168 00:08:48,940 --> 00:08:52,283 mine won't work anymore when you're viewing this. 169 00:08:53,740 --> 00:08:55,720 So that's not sending such a request, 170 00:08:55,720 --> 00:08:59,380 but it's sending the wrong kind of request. 171 00:08:59,380 --> 00:09:01,970 If we have another look at the documentation, 172 00:09:01,970 --> 00:09:05,080 we learn that this should be a POST request 173 00:09:05,080 --> 00:09:08,010 with some JSON data attached. 174 00:09:08,010 --> 00:09:10,120 And at the moment, it's neither of that, 175 00:09:10,120 --> 00:09:11,900 we're not sending a POST request, 176 00:09:11,900 --> 00:09:13,823 and we're not attaching any data. 177 00:09:14,710 --> 00:09:17,690 Of course, we learned how we can change this in this course. 178 00:09:17,690 --> 00:09:22,130 We set this second argument on this fetch function 179 00:09:22,130 --> 00:09:25,590 and here we pass an object that describes 180 00:09:25,590 --> 00:09:29,150 and configures this request which we're sending. 181 00:09:29,150 --> 00:09:33,830 And we can, for example, override the default HTTP method. 182 00:09:33,830 --> 00:09:35,790 And instead of sending a get request, 183 00:09:35,790 --> 00:09:37,030 which is the default, 184 00:09:37,030 --> 00:09:39,073 we can now send a POST request. 185 00:09:40,900 --> 00:09:42,740 When sending a POST request, 186 00:09:42,740 --> 00:09:45,800 we should also set our body for this request. 187 00:09:45,800 --> 00:09:48,120 So the data which you wanna add. 188 00:09:48,120 --> 00:09:50,400 And that should be in JSON format here. 189 00:09:50,400 --> 00:09:53,000 That's what this endpoint once 190 00:09:53,000 --> 00:09:56,980 and then it wants an object with these three keys 191 00:09:56,980 --> 00:09:59,660 with these three properties. 192 00:09:59,660 --> 00:10:03,293 And we also see the types of values which are expected here. 193 00:10:04,940 --> 00:10:07,890 So here are I'll then called JSON stringify, 194 00:10:07,890 --> 00:10:11,850 to create some JSON data, and to JSON stringify, 195 00:10:11,850 --> 00:10:13,340 we can pass an object, 196 00:10:13,340 --> 00:10:16,003 which will then be converted to JSON. 197 00:10:16,850 --> 00:10:20,460 And there, we should set an email, a password, 198 00:10:20,460 --> 00:10:23,670 and a return secure token key. 199 00:10:23,670 --> 00:10:25,730 So we set email and that's, of course, 200 00:10:25,730 --> 00:10:27,660 our entered email here. 201 00:10:27,660 --> 00:10:31,250 We set password, and that's our entered password. 202 00:10:31,250 --> 00:10:34,450 And we set this return secure token key, 203 00:10:34,450 --> 00:10:36,713 which we can simply set to true here. 204 00:10:38,320 --> 00:10:40,330 Because this is a Boolean, 205 00:10:40,330 --> 00:10:42,523 and we see that it should always be true. 206 00:10:45,720 --> 00:10:48,110 So that's the data we wanna set. 207 00:10:48,110 --> 00:10:49,230 Last but not least, 208 00:10:49,230 --> 00:10:52,140 I'll add some headers to this outgoing request. 209 00:10:52,140 --> 00:10:53,020 And specifically, 210 00:10:53,020 --> 00:10:55,190 I'll add the content type header 211 00:10:55,190 --> 00:10:58,210 and set this to application JSON, 212 00:10:58,210 --> 00:11:01,820 to ensure that the Auth REST API 213 00:11:01,820 --> 00:11:05,670 knows that we got some JSON data coming in here. 214 00:11:05,670 --> 00:11:09,313 And this will now send such a sign up request. 215 00:11:10,280 --> 00:11:11,410 Now, that alone, of course, 216 00:11:11,410 --> 00:11:13,040 is not everything we wanna do. 217 00:11:13,040 --> 00:11:14,940 This will send the request, 218 00:11:14,940 --> 00:11:17,300 but we're not handling any errors 219 00:11:17,300 --> 00:11:21,600 and we are also not doing anything with the response. 220 00:11:21,600 --> 00:11:23,920 Now, as you learn fetch returns a promise 221 00:11:23,920 --> 00:11:27,150 and therefore, you can add catch here to handle errors, 222 00:11:27,150 --> 00:11:30,710 or then to handle regular responses. 223 00:11:30,710 --> 00:11:34,970 And here, I'll add res then, to handle the response. 224 00:11:34,970 --> 00:11:38,983 And I wanna check if the response is okay. 225 00:11:40,170 --> 00:11:41,003 In which case, 226 00:11:41,003 --> 00:11:44,590 we can do something with this success response. 227 00:11:44,590 --> 00:11:47,100 Or if it fails, 228 00:11:47,100 --> 00:11:50,573 in which case, we probably wanna froze some error. 229 00:11:51,450 --> 00:11:53,310 Now, if it does fail, 230 00:11:53,310 --> 00:11:56,130 it turns out that this response data, 231 00:11:56,130 --> 00:11:59,840 which we get back will hold some extra information. 232 00:11:59,840 --> 00:12:02,430 So we then might wanna look into the response data 233 00:12:02,430 --> 00:12:04,770 by calling response JSON. 234 00:12:04,770 --> 00:12:07,910 That's how we get that data that's coming back 235 00:12:07,910 --> 00:12:09,283 with the response. 236 00:12:10,270 --> 00:12:13,450 And response JSON also returns a promise. 237 00:12:13,450 --> 00:12:15,600 So we also might wanna call then here 238 00:12:15,600 --> 00:12:18,530 to get access to the actual response data. 239 00:12:18,530 --> 00:12:21,460 And then here, we could, for example, 240 00:12:21,460 --> 00:12:25,870 show an error modal or anything like that. 241 00:12:25,870 --> 00:12:29,417 Here I'll just keep it simple and console log that data 242 00:12:29,417 --> 00:12:30,343 for the moment. 243 00:12:31,460 --> 00:12:36,460 And I'll then return this new nested promise chain here. 244 00:12:36,880 --> 00:12:40,470 And you'll learn all about sending these HTTP requests, 245 00:12:40,470 --> 00:12:45,220 and also how you could use async await in the HTTP section. 246 00:12:45,220 --> 00:12:47,820 Here I'm using promises with then catch, 247 00:12:47,820 --> 00:12:50,783 but you can absolutely also use async await. 248 00:12:51,830 --> 00:12:54,120 This is also not the final state of this, 249 00:12:54,120 --> 00:12:56,253 it's just an intermediate state. 250 00:12:57,210 --> 00:12:59,410 With that code added, though, 251 00:12:59,410 --> 00:13:02,010 we should be able to send that request 252 00:13:02,010 --> 00:13:03,993 for creating a new user. 253 00:13:05,020 --> 00:13:07,080 Now for that to work, though, 254 00:13:07,080 --> 00:13:10,110 we of course need to connect the Submit handler. 255 00:13:10,110 --> 00:13:12,510 And there for now on that form, 256 00:13:12,510 --> 00:13:14,303 I'll add the on submit, 257 00:13:15,290 --> 00:13:18,703 prop here and point at the Submit handler. 258 00:13:19,780 --> 00:13:22,130 With that, if we save everything, 259 00:13:22,130 --> 00:13:25,500 we can go back to our page and on that login page, 260 00:13:25,500 --> 00:13:28,320 if we click on Create New Account, 261 00:13:28,320 --> 00:13:32,060 we should now be able to create a new user. 262 00:13:32,060 --> 00:13:34,490 For this, I'll enter a valid email address here. 263 00:13:34,490 --> 00:13:36,290 And then a password, 264 00:13:36,290 --> 00:13:39,560 which is only four characters long. 265 00:13:39,560 --> 00:13:41,770 If I now open the dev tools here, 266 00:13:41,770 --> 00:13:45,283 and I click Create Account, I get an error here, 267 00:13:47,099 --> 00:13:49,210 I get an error with some error details 268 00:13:49,210 --> 00:13:51,340 sent back by Firebase, 269 00:13:51,340 --> 00:13:55,540 where I then see that I get this weak password message 270 00:13:55,540 --> 00:13:59,370 that the password should be at least six characters long. 271 00:13:59,370 --> 00:14:01,960 That's simply a restriction 272 00:14:01,960 --> 00:14:06,960 or a security mechanism enforced by Firebase. 273 00:14:07,160 --> 00:14:09,960 And that's why I wanted to show this to you here. 274 00:14:09,960 --> 00:14:12,360 Now, of course, you might wanna show such an error 275 00:14:12,360 --> 00:14:13,420 to the user. 276 00:14:13,420 --> 00:14:14,930 And you can do that, 277 00:14:14,930 --> 00:14:16,970 we are getting that error message here. 278 00:14:16,970 --> 00:14:19,490 We're logging it to the console at the moment. 279 00:14:19,490 --> 00:14:21,720 That's where this log is coming from. 280 00:14:21,720 --> 00:14:22,553 And of course, 281 00:14:22,553 --> 00:14:25,900 nothing is stopping you from setting some state here 282 00:14:25,900 --> 00:14:27,410 with that message, 283 00:14:27,410 --> 00:14:29,500 which is part of this data object 284 00:14:29,500 --> 00:14:31,790 or with doing whatever you wanna do. 285 00:14:31,790 --> 00:14:34,386 You can show this error to the user. 286 00:14:34,386 --> 00:14:38,240 It's just not the focus of me here at this moment. 287 00:14:38,240 --> 00:14:40,940 Instead, now I wanna show you that it works 288 00:14:40,940 --> 00:14:43,750 if we enter a correct password. 289 00:14:43,750 --> 00:14:46,950 So if I make this password a bit longer, 290 00:14:46,950 --> 00:14:49,460 and I then click Create Account, 291 00:14:49,460 --> 00:14:51,870 we don't get any feedback here at the moment, 292 00:14:51,870 --> 00:14:54,790 because we haven't added any code for this yet. 293 00:14:54,790 --> 00:14:58,890 But if I go to this Firebase project 294 00:14:58,890 --> 00:15:01,040 to authentication there, 295 00:15:01,040 --> 00:15:04,640 you should now see this user under users, 296 00:15:04,640 --> 00:15:08,000 maybe click this reload icon here if you don't. 297 00:15:08,000 --> 00:15:09,540 And that's that user, 298 00:15:09,540 --> 00:15:13,490 which we just created with that email we just chose 299 00:15:13,490 --> 00:15:15,236 and some unique user ID, 300 00:15:15,236 --> 00:15:20,140 which was automatically generated by Firebase. 301 00:15:20,140 --> 00:15:24,260 So that shows us that creating a user does work. 302 00:15:24,260 --> 00:15:28,180 Now let's enhance this feedback which we show to the user 303 00:15:28,180 --> 00:15:30,513 before we then work on logging users in. 23647