Hi, First, this is a very good introduction tutorial to NestJS. One thing to highlight is that there is nothing to prevent `updateRoleOfUser` to update the entire user entity. Maybe this will be cover in the future videos, but for now looks like a duplication of `updateOne` action method.
i m happy that i found this channel, currently working on an angular/nestjs project so i think this serie of videos will be very helpfull, i'll watch them and give you my feedback, as well as if i have any question, i'll let you know, many thanks
the circular reference is actually quite easy to avoid, you don't need the entire user service in the roles guard, only the database. so instead of injecting the entire user service, use the @InjectRepository and inject just the typeorm repo then you can still do the database lookup and avoid the circular reference because all your doing is a simple lookup by id which can easily be done in the roles guard with a simple this.userRepo.findOne call. I just did it that way myself and it works perfectly and I didn't need any forwardRef and I completely avoided the circular reference issue (which really SHOULD be avoided) :)
I am actually thinking about implementing it as middleware. Cause then we are not acessing the "user" table from two modules. I will make a video for it. Will be published at first week in december
Hello Thomas, Thanks a lot for this tutorial, this one helped me a lot, I was looking for Role based custom guards not only just an Auth Guard, and you are an amazing teacher :-) . Waiting for your Microservices series.
@@TommiCodes not everyone has multiple monitors and use their phone to play the videos while doing it on the desktop. its a royal pain (especially when people go too fast) to swap between RUclips/editor/console, etc when you only have 1 monitor/screen (I have 6 now so its not an issue but I started out with only 1 ) :)
thanks for this video, helped me a lot, even though its a little different maybe because a year has been pass..(or I just dumb haha), but I got the basic idea how it's work..
I have a problem in this section. I don't know if I made a mistake or maybe something is updated since the video was published! (Sorry, I am new to Angular and nestjs)
Hi, i am looking at the nestjs doc about the validation , in nestjs doc the validation is using class-validator, do we need to change our interface to be DTO if would like to use class-validator ?
Hi Antoni :) With a DTO (Domain Transfer Object), including class-validator, we can for example validate an incoming Request, or better the Data from the incoming request. But as described here stackoverflow.com/questions/53531488/nestjs-why-do-we-need-dtos-and-interfaces-both-in-nestjs It normally is more needed in bigger applications. You can also see in the official examples, that they are using interface and dtos. For example, here they are using Interfaces github.com/nestjs/nest/tree/master/sample/01-cats-app/src/cats/interfaces Either way, I added it to my list, I will make a video about dtos, after i implemented the blog feature in the nestjs backend, from this playlist. Maybe i will build for the blog feature module, not just the interfaces, but also with the dto, so you can see :) Btw, thanks for your question :)
Thomas_Kilb Hi, when building an apps, the most difficult part is the "state management" (cmiiw), my point is when we have to consider to combine rxjs with another state management library ? or rxjs already good enough even we are building a complex app ?
@@antonian6577 Hi, i think you are mixing some things a bit up here :) RXJS is not for state management, but for handling async work, for example the communication between client and server. In our nestjs backend we are already persisting the data with typeorm in our database (in this playlist here, in a postgres database). State management is more used on the frontend, for angular you can use ngrx (i will handle and talk about this in later videos), and is being used, to have a "single source of truth" and to store some data in the client and to synchronize the complete frontend state. So for example, if you upload a new profile image in one component, you also want your profile image (in the navbar), to change immediately. This could be done with writing the new link of the user profile in the ngrx store, and then ngrx will also handle the rest call to the backend. You can read more about actions, reducers, selectors, effects, ... and more here ngrx.io/docs Thanks for the question :)
I am sorry If I have missed something in the video, but how do you manage refreshing access tokens? I do not suppose you expect users to login every minute, right? (I noticed "ignore token expiration" is explicitly set to false)
Hi Adam, thanks for the question. You didn't miss anything. This is not included atm in this tutorial. I am planning to implement this in my next series, which is going a bit more into the details. - Here the token has a expiration time of 10.000 seconds. But you could also make it more. Or you can implement the refreshing, if there any questions, just ask, i will answer within time.
@@paingsoe9392 Image upload is on my list for July. It will cover saving it to the file system and to an aws s3 bucket. It will be needed, as soon as i implement the blog feature :) This will also start with the videos in July. ---- Microservice will come, when the blog series is finished.
In roles.guard.ts line 29-36, why didn’t you just return roles.indexof(user.role) > 1? The extra code doesn’t seem to add much but adds a lot of visual noise and makes it harder to understand
Hi, can you please upload your repo somewhere and link it, or give me a bit more context. :) Then I can have a look in it. Some questions you can already check: - Are you attaching the user correctly? - Is the user in the database, so you can find him? - Are you extracting the request/context correctly?
Do you have your own blog write about whole this nestjs tutorial. I want to read to undersatand more than what you are saying in this video.Because I don't hear English well.
![NestJs - Guards & Authentication & Authorization [08]](/img/1.gif)
Thomas!! Your Nestjs tutorial is way better than the other udemy videos. Thank you from South Korea.
Video is processing for 4k right now, should be done in the next few hours
This part of the tutorial was complicated.
Thank you Professor Thomas!
Thank you for watching!
Hi, First, this is a very good introduction tutorial to NestJS.
One thing to highlight is that there is nothing to prevent `updateRoleOfUser` to update the entire user entity. Maybe this will be cover in the future videos, but for now looks like a duplication of `updateOne` action method.
i m happy that i found this channel, currently working on an angular/nestjs project so i think this serie of videos will be very helpfull, i'll watch them and give you my feedback, as well as if i have any question, i'll let you know, many thanks
Thanks! Have fun with nest and angular
the circular reference is actually quite easy to avoid, you don't need the entire user service in the roles guard, only the database. so instead of injecting the entire user service, use the @InjectRepository and inject just the typeorm repo then you can still do the database lookup and avoid the circular reference because all your doing is a simple lookup by id which can easily be done in the roles guard with a simple this.userRepo.findOne call. I just did it that way myself and it works perfectly and I didn't need any forwardRef and I completely avoided the circular reference issue (which really SHOULD be avoided) :)
Hi, yeah, should def be avoided.
One of my next videos will fix this :)
I am actually thinking about implementing it as middleware.
Cause then we are not acessing the "user" table from two modules.
I will make a video for it. Will be published at first week in december
Hello Thomas, Thanks a lot for this tutorial, this one helped me a lot, I was looking for Role based custom guards not only just an Auth Guard, and you are an amazing teacher :-) . Waiting for your Microservices series.
Thanks. It will be coming, when this series finds an end :) Will probably take some more weeks
Please consider zooming in a little be so that mobile users can also see the code effortlessly
I can try it for the next videos. But i generally think, that coding videos should be watched on desktop. :)
I can change the config of vsc to make the code a little bit bigger
@@TommiCodes not everyone has multiple monitors and use their phone to play the videos while doing it on the desktop. its a royal pain (especially when people go too fast) to swap between RUclips/editor/console, etc when you only have 1 monitor/screen (I have 6 now so its not an issue but I started out with only 1 )
:)
@@problemchild959 Ah thanks, didn't really thought about that.
I adjusted the zoom for the next videos
When you fixed the last error and finally it ran properly, I did the same but this error appeared at the end!
thanks for this video, helped me a lot, even though its a little different maybe because a year has been pass..(or I just dumb haha), but I got the basic idea how it's work..
Should still work the same way.
I have a problem in this section. I don't know if I made a mistake or maybe something is updated since the video was published! (Sorry, I am new to Angular and nestjs)
Hi, i am looking at the nestjs doc about the validation , in nestjs doc the validation is using class-validator, do we need to change our interface to be DTO if would like to use class-validator ?
Hi Antoni :)
With a DTO (Domain Transfer Object), including class-validator, we can for example validate an incoming Request, or better the Data from the incoming request. But as described here stackoverflow.com/questions/53531488/nestjs-why-do-we-need-dtos-and-interfaces-both-in-nestjs
It normally is more needed in bigger applications.
You can also see in the official examples, that they are using interface and dtos. For example, here they are using Interfaces github.com/nestjs/nest/tree/master/sample/01-cats-app/src/cats/interfaces
Either way, I added it to my list, I will make a video about dtos, after i implemented the blog feature in the nestjs backend, from this playlist. Maybe i will build for the blog feature module, not just the interfaces, but also with the dto, so you can see :)
Btw, thanks for your question :)
Thomas_Kilb thanks for the detail answer, and yes looking forward for the example of implementing about interface together with dto. thank you
Thomas_Kilb Hi, when building an apps, the most difficult part is the "state management" (cmiiw), my point is when we have to consider to combine rxjs with another state management library ? or rxjs already good enough even we are building a complex app ?
@@antonian6577 Hi, i think you are mixing some things a bit up here :)
RXJS is not for state management, but for handling async work, for example the communication between client and server. In our nestjs backend we are already persisting the data with typeorm in our database (in this playlist here, in a postgres database).
State management is more used on the frontend, for angular you can use ngrx (i will handle and talk about this in later videos), and is being used, to have a "single source of truth" and to store some data in the client and to synchronize the complete frontend state. So for example, if you upload a new profile image in one component, you also want your profile image (in the navbar), to change immediately.
This could be done with writing the new link of the user profile in the ngrx store, and then ngrx will also handle the rest call to the backend.
You can read more about actions, reducers, selectors, effects, ... and more here ngrx.io/docs
Thanks for the question :)
I am sorry If I have missed something in the video, but how do you manage refreshing access tokens? I do not suppose you expect users to login every minute, right?
(I noticed "ignore token expiration" is explicitly set to false)
Hi Adam, thanks for the question. You didn't miss anything. This is not included atm in this tutorial. I am planning to implement this in my next series, which is going a bit more into the details.
- Here the token has a expiration time of 10.000 seconds. But you could also make it more. Or you can implement the refreshing, if there any questions, just ask, i will answer within time.
Really love Nest JS tutorial using observables pattern. Hope to create advance concept using nest js.
Do you have any wishes for a topic that i should cover?
@@TommiCodes image upload and hope to cover micro service as comment.
@@paingsoe9392 Image upload is on my list for July. It will cover saving it to the file system and to an aws s3 bucket.
It will be needed, as soon as i implement the blog feature :)
This will also start with the videos in July.
---- Microservice will come, when the blog series is finished.
@@paingsoe9392 Image Upload (Profile Image) is terminated for the 09 of July. So next week thursday :)
FR
T
@@TommiCodes Code First graphql
Awesome! Thanks! is it possible to implement role guard at controller level instead of method level? Greetings from Mexico!
you can add @UseGuards right after @Controller and then use @Roles on the route handler.
which shortcut/plugin are you using for auto import in vscode? btw thank you for awesome videos.
ALT + ENTER
In roles.guard.ts line 29-36, why didn’t you just return roles.indexof(user.role) > 1? The extra code doesn’t seem to add much but adds a lot of visual noise and makes it harder to understand
Hi, yeah that would be possible.
I will change this in the Next Series. There is another one coming, where I refactor and enhance this blog project.
Thomas Oliver this is a great series so far. Looking forward to the rest and next. Have you done anything with NX monorepos?
@@simon_smale Actually yes :) Have done something there on the last weekends. But atm i have no recorded videos for this. I will put it on my list :)
now I get this error on every request:
{
"statusCode": 404,
"message": "Cannot POST /users/login",
"error": "Not Found"
}
user object is empty while console logging at 26:23.Can you please help me with that?
Hi, can you please upload your repo somewhere and link it, or give me a bit more context. :)
Then I can have a look in it.
Some questions you can already check:
- Are you attaching the user correctly?
- Is the user in the database, so you can find him?
- Are you extracting the request/context correctly?
hi vivek , was this problem solved?
Thank you. It is great.
Do you have your own blog write about whole this nestjs tutorial. I want to read to undersatand more than what you are saying in this video.Because I don't hear English well.
At the moment not.
But actually, i am planning to deploy the whole project when it's finished and then maybe start blogging with it.
If you have questions to anything, just write it here in the comments, i try to answer everything
Thank youuu
Thanks! Welcome
cats