What are Cookies in NodeJS?
HTML-код
- Опубликовано: 5 фев 2025
- ► Master NodeJS Playlist: • Master NodeJS
In this tutorial video, you will see what are cookies in browsers and two main authentication patterns i.e via Cookies and Headers
► Complete Full Stack Web Developer RoadMap 2023: • Complete Full Stack We...
Node.js is a JavaScript runtime built on Chrome's V8 JavaScript engine. It allows developers to run JavaScript on the server side, creating server-side applications with JavaScript.
► My Website: www.piyushgarg...
My Gears
► My Girlfriend: amzn.to/3WD6FRp
► Apple MacBook Laptop: amzn.to/3WBJgQn
► Anker USB Hub: amzn.to/3GhZSr0
► Blue Yeti Microphone: amzn.to/3YKZ9FT
► External 27” Monitor: amzn.to/3Vp3xaO
► Logitech MK295 Wireless Keyboard and Mouse: amzn.to/3DuL1bB
► Seagate Expansion 1TB External HDD: amzn.to/3QMm5Q8
► Tripod: amzn.to/3S4OwK4
► Ring Light: amzn.to/3YLf8DR
Disclaimer: All the links above are affiliate links.
Social Links
► Twitter - / piyushgarg_dev
► LinkedIn - / piyushgarg195
Video Titles
What are Cookies in the Browser?
Cookies in Nodejs?
Authorization Headers
Cookie-based Authentication
Tags
#nodejs #authentication #javascript #expressjs #mongodb #mernstack #developer #api #https #server #javascriptinhindi #webdevelopment #webapp #realtimeapp #serverside #nonblockingio #tech
The thing I love about this playlist is using simple language, very easy to understand and please always give the scenario of how things work at enterprise level in your future video.😌
This tutorial of nodejs is more useful to any other paid tut .
Thank you so much sir such a amazing series ❤️ 🙌 👏
Excellent Videos Piyush... Explaining it in such a simple way.. makes it so easy
I thought the same even though I used to do the same in my MERN stack projects what shubham has asked
But Thanks Piyush for getting us more clear on it also I found that OAuth and NextAuth use the same technique while authenticating users on each request they utilize tokens stored in the cookies and get users' data from it!
Very very useful topic you have covered
No words, how you explain deep fully, at each word meaning fully explain😊 Thank you, Create An RUclips channel and share your knowledge📚
Bro you are explaining very deep things in practical superb bro 🎉🎉
Thanks sir taking my doubts..it's clear now
Bro just don’t stop posting videos u r just amazing tutor❤
literally no words for uh bro !...excellent explaination 😃😃
Got to know many things this video thank you for the lecture😇😇
Thank You Sir, It was one of the Best explanation of cookies on youtube.
Great work, it has compelled me to like and subscribe.
Thanks bhaiya for the video tutorials. 🥳🥳🔥🔥🤘🤘
You're welcome 😊
i can't set cookie by res.cookie
use cookie parser and if you work on react and node you need to use cors package
@@sawaregamer8815I am also not able to set cookies using react. I have used both cookie parser and cors package.
Use res.cookies
that was so useful and deep knowledge for newbie. awesome bro ❤.
Thanks for the video 🔥✨
My pleasure!
@priyam,
In Postman, we manually send the token via headers without using local storage or cookies. How can we receive this token in our backend middleware to authenticate the request?
The authorization header is not present by default in the POST request in postman and hence you can get the error: Cannot read properties of undefined (reading 'split') as there's no authorization header present, you have to set the header in the Headers tab manually as "Authorization" and set its value to null so that it can be used further in the middleware functions.
Thank you so much for sharing this. Very good explanation :)
but when i m sending the cookies to the browser is not storing that cookies after first referesh cookies is not presitent on that browser i m usiing vercel for both front or back domain
16:10 what are you trying to do 🤔
According to mdn
Fir domain value -
"Only the current domain can be set as the value, or a domain of a higher order"
"A cookie for a domain that does not include the server that set it should be rejected by the user agent."
If you encounter this error: Cannot read properties of undefined (reading 'split'), Follow the given steps:
1. first make changes only to handleLogin controller and send token as json instead of setting a cookie.
2. Now in postman, make POST req to /user/login and generate a token.
3. Now make change to our middleware functions i.e to checkAuth and restrictLogin middlewares.
4. And now finally make GET req to homepage and set the authorization header in postman.
Reason: If you make changes to the middlewares first and then try to generate the token it will result in error because we don't have authorization header during initial token generation and the checkAuth middleware is still executed. Hence generate the token first and then make necesarry changes in the middlewares.
Hope it helps!
still getting the same
@@Spotlight_Gaming same issues
Amazing explaination bro ❤👏🏻
21:06 but token match karne ke liye database access chahiye hoga na har bar request aane par!!..........to problem to same hi rahi jo aapne video ke starting me kaha tha
Sir i have a doubt because 11:04 you have directly providing user from jwt token but if the user is deleted from database but the user can still access logged in content.
getUser function doesnt "provide" user directly, it decodes the user data that was signed, i.e. id and email, adds it to req.user (code under restrictToLoggedInUser ) and finds that info from the database for each req, you can check the code at router.get('/'..) under staticRouter,
can you explain refresh token and access token?
From where you learn all this so well??
This is called pure hardworking, he go through all the documenation and dig the google very well.
That is the problem, everything is available for everyone but our lazy culture........!!
Thank You Piyush For this great video!!! ; )
Thank you for this tutorial - you have make an overview video about architecture of SSO (single sign on) authentication - if possible, can you make a full coding tutorial of SSO (basic only will do).
Good explanation👍
excellent explanation brother
22:28 -->changes happen
superb bhai...
you should set the headers in ejs files only ,whats the use of creating them if we have to use postman only
Agr hum Map or database ko combined use kry tu excess database request ka issue ni hoga, first time jab user login hoga tu map ma bhi or database ma bhi store hoga or getuser ma hum check laga day ka agr user exist krta ha map ma tu database sa query na kry or agr map sa ma ni ha tu database sa query kr kay usko map store krdy for further request verification
Thanks bro..excellent video .really helpful
Hi Piyush, maine ek website banai hai jiska server or client different domain pe hai but jab mai sever me cookies ke option me domain ko apne client ke domain pe set karta hu, tab bhi cookie send nahi ho rahi.
I've also used cors for cross platform sharing. kya browser ka kuch default behavior hota ki third party client par cookie send nahi karna?
meanwhile maine localstorage me token send kar diya, but mai cookies me token send karna chahta hu..
Bhai solution mila kya
@@JatinBedi69did you get any solution?
1. Aapke server ko CORS aur cookies ke sahi options enable karne padenge.
2.Agar aap React.js ya kisi aur frontend se API request bhej rahe hain, to fetch / axios me credentials: "include" add karein.
3.Kuch browsers (jaise Chrome) default third-party cookies block kar dete hain.
Chrome me cross-site cookies enable karne ke liye:
Settings → Privacy & Security → Cookies and site data → Allow third-party cookies
Agar Chrome me test kar rahe hain to Incognito Mode me test karein kyunki waha extensions aur settings interfere nahi karti.
Do anyone know why browser is not storing the cookie while it works fine with postman. ?
U got one subscriber ❤
Thank you so much ❤️
Really good video but It would be good if you compare localstorage vs cookies which is better, limitations like that.
But jwt be to scrent check krna ka liya br br new page reload phr datbase wala sa match krta ha?
2:00 what about storing user with their session id in redis instead of db
what is the difference? what does reddis do?
That is good way
Sir please tell us about new react JS series any idea when it's starting?
Too good brother
in browser based applications, in industry standard for authentication tokens are sent through cookies or response?
Even Google is using cookies and you still have doubt 😂
Thank you so much
Another potential concern might arise when dealing with stateful authentication in the context of load balancing.
bhaia do you have short notes of this lecture
sir in my code it is showing can't read the properties of undefined after i switched to response section after cookie section, i copied exactly your code but it is not working, if someone know please help
Bro you are great>>>
im facing problem regarding non existing authorization header in server side gives Cannot read properties of undefined (reading 'split'), though using res.set('Authorization', `Bearer ${token}`); inside handleUserLogin async function to set the valus, help me to debug it any one...
How can I get a token set in cookies in browser
Thank you so much bro
Sir I am sending cookie by res.cookie and 'm able to see that cookie in network but not in application-->Cookies
Did you find any solution for this problem?
@@DineshKumar-gt7xm did you?
@@BiGryuuu add with credentials: true in your frontend code and in backend use cors ( app.use(cors({
origin : '*',
credentials: true,
}))
I think this might work for you
kaise ho pankaj sir ham bhi yhi se padh rhe😁
I didn't get authorization in req.headers, where am I wrong?
but first time in mobile device we have to login how can we send token in request in first time does it not required?
First time we need to login, after successful login server provide us token and subsequent we use provided token by server to communicate server
Bhaiya please make a video on cross site in which authorization header is sent to the backend my malicious website and produce hacking in the backend :)
I am not getting authorization in the headers. Why?
how we can take user information from tokens Piyush Garg
how to get this code
Adhyapak Diwas ki Shubhkamnaein! 🙏😇
Thank you so much 😄
if one user logs in, but second user comes and copy your Authorization Bearer token or Cookie..... and that 2nd person then requests in the backend from his own laptop via the copied token/cookie. In this case, how to make it more secure ???? Can you please walk through this scenario ?
He has said in his video that do not pass exact jwt token in cookie. Encrypt the token before passing it to the cookie
In last, we use header base authentication, Will it work for browser?
Because, it is not working for browser in my case.
Same.
I am looking for the content on CSRF and CSP Headers in JAVA Filter. If you could provid it that would be really helpful.
Hi.. Need your help.. My req.headers does not contain authorization property
Bro! You have to set your headers on your own
like this that contain Authorization property here is the example!
const headers = {
'Authorization':'Bearer ',
'Content-Type:'application/json', // just an example property you can add more property as you want!
}
now you can pass this header with your fetching methods like fetch or Axios
Hope you get it
well if you're using postman then you've to set the bearer token by going in headers
What is the need to send bearer, as it is getting split
It's a way in which bearer token is designed
@@pratyushpragyey7002 is it just to make code readable or it is compulsory
@@ArpitJain-kc7bl you don't have a choice to include it or not it's just how it's written whenever you'll pass the token in headers it will always be attached with word bearer
@@pratyushpragyey7002 Okay brother thanks for clearing it
Tenks😊 gruudev
why it showing this?
C:\Users\toshiba\Desktop\codes
ode js\URL shortcut project\index.js:50
res.redirect(entry.redirectURL)
^
TypeError: Cannot read properties of null (reading 'redirectURL')
at C:\Users\toshiba\Desktop\codes
ode js\URL shortcut project\index.js:50:21
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
Node.js v21.7.3
[nodemon] app crashed - waiting for file changes before starting...
Are you checking whether entry is null or not
19:35 reponse
Thanks
what are http only cookie ?
still I got One error TypeError: Cannot read properties of undefined (reading 'split') if Anyone have solution for this...
getting same error. were you able to find the solution?
@@prateek_saxena2107 Not yet...
because you've to set authorization property if you're using postman by setting bearer token
Very useful video Piyush, but it could be helpul if you are teaching in English
ye Manish Paul bhai hai kya ??
excellent
this authorization thing got me confused like cookies, tokens, headers and all.
Thank's man
please share the code
Bhaiya ji esse he videos aati rehye gii ?
haa
bhai mene "split" ki jaga "spilt" likh diya aur uss error ko dund ne ke chakkar me mujhe 1/2 ghand lag gaya🥲🥲
Thanks for the video sir
bade bahiya m soch kyo nahi pa rha hun😟
done
Pls provide the source code always
ddd
@piyushgarg sir