3.3 Installing Middleware
There are several pieces of middleware that our application will need for parsing request bodies, cookies, and sessions. We'll set those up in this lesson.
1.Getting Started2 lessons, 03:51
2.Project Setup3 lessons, 20:58
3.Server-Side Code6 lessons, 53:00
4.The Client Side16 lessons, 2:43:53
5.Conclusion1 lesson, 00:29
3.3 Installing Middleware
In this lesson we're going to set up the middleware that our web application needs to manage users as they log in and out of our web application. So there are three different packages that we are going to need to install here. The first one is express session. And we'll install version 1 of that, and of course don't forget to save it, to the package.json file. This piece of middleware will just give our express application sessions, so that the user can stay logged in over multiple requests. We're also going to need the cookie parser middleware. So that is cookie-parser, and again version 1. This will allow our web application to read the cookies that the requests have as they come into our server. Now, we don't just need to read cookies as they come in on request. We also need to read the bodies of those requests, both for our user login system and also later on, for our API. So let's also install the body-parser middleware and again we'll install version 1 of that. So with those installed let's move back to our log in.js file and in here, let's move down to the bottom of the file. We can begin to apply some of these pieces of middleware to our express application. Now, you might say, well our express application is in server.js, isn't it? And that's true. But with recent versions of express, specifically express version 4, we can actually create a set of routes separately from express. And then hand it to express, and it will apply those routes to whatever application we hand it to. So, let me show you what I mean by this. We can create a router. So I'll create a router variable, and let's require express, and we'll just call ('express').Router, with a capital R. We'll just call that function, and now what we have here is a router to which we can apply any routes that we want. So we can use the use method, or we can use get, post, put, delete, any of those HTTP verb methods that you can use on an express application, you can use on an individual router instance. So, let's go ahead and use some of these pieces of middleware. We said that we want the body parser, right. So, let's grab that body parser by doing require('body-parser'. And then I can say router.use, and we can use bodyParser.urlencoded, and we have to pass that extended as true as one of our options. So, what this will do is, it will parse any URL encoded HGDP bodies that are coming into our application through requests. This is going to be used on the login page. So let me just put a comment there on the login page. We're going to have your traditional web application form where the user will put in their username and password. And then click log in and those values will be sent back here to our express application. And this piece of middleware right here will see that we have a URL encoded body on that post request and it will go ahead and parse that into an object for us. And that's actually where this user name and password values that we passed to our local strategy, are going to come from. Now we don't just have URL encoded bodies that we need, we also when we start using our API are going to have JSON bodies. So let's go ahead and include bodyParser.json. And we don't need to pass it any options. And this is for the API, because eventually we're going to be chirping from our web application. And when we actually do a chirp that chirp will be sent as JSON back to the server in a request body. And so we need some middleware to parse that text and convert it into an object so that we can use it here in our application. Now we also need to be able to parse cookies, so let's do router.use and right in line here, I can require the cookie parser middleware. And that actually returns a function that we need to call, so make sure that you have those set of parenthesis calling the cookie parser function that is returned right here. And then the last one we need is the express session package. So we'll do this in a similar way. Let's require express-session and we will have to call that as a function, too. However it takes an object with a couple of options inside of it. The first one is a secret which it will use to authorize or authenticate our sessions. And let's just throw some random values in there, and then we're going to set resave equal to false and save uninitialized to true. And with those options in place we're now using all three of the middleware packages that we just installed. However, that's not all the middleware we need because currently our express application doesn't know anything about our passport configuration, right. So now passport has its own middleware that we need to apply to our express middleware stack here. So let's do router.use and we start with passport.initialize and that's a function that we call. And then one more piece of middleware, passport.session. And that will set up the passport session, which, of course, will be using the express session package. All right, so that is all of the middleware that our application is going to need. Now eventually we're going to be requiring this login.js file from our server.js file. And that is how all this code that we've been writing will be applied to our actual application. And we'll be getting to that very soon in the next couple of lessons.