1 00:00:00,000 --> 00:00:02,350 [No Audio] 2 00:00:02,350 --> 00:00:04,075 In the last video we started to think about how to 3 00:00:04,075 --> 00:00:06,733 code up the controller, and that was responsible for 4 00:00:06,733 --> 00:00:08,791 sending the user to a home page if the password was 5 00:00:08,791 --> 00:00:10,874 correct, or to a login page if the password wasn't 6 00:00:10,874 --> 00:00:13,244 correct. So that's what a controller did. 7 00:00:13,244 --> 00:00:15,980 However, it doesn't know itself, has no knowledge about 8 00:00:15,980 --> 00:00:18,226 anything to do with actually authenticating the user. 9 00:00:18,226 --> 00:00:20,434 In other words, the business of checking the password, 10 00:00:20,434 --> 00:00:22,916 checking if the user exists, looking the user up 11 00:00:22,916 --> 00:00:24,656 in a database, that kind of thing is not 12 00:00:24,656 --> 00:00:26,470 the responsibility of the LoginController. 13 00:00:26,470 --> 00:00:28,114 So what's going to happen is, and what normally 14 00:00:28,114 --> 00:00:30,404 happens is that a controller will delegate to 15 00:00:30,404 --> 00:00:32,753 a service in a different layer. 16 00:00:32,753 --> 00:00:34,753 So let's suppose we have, 17 00:00:34,753 --> 00:00:37,836 [No Audio] 18 00:00:37,836 --> 00:00:39,586 an AuthenticationService 19 00:00:39,586 --> 00:00:42,970 [No Audio] 20 00:00:42,970 --> 00:00:45,850 which LoginController is going to use. 21 00:00:45,850 --> 00:00:47,816 We just create this quickly 22 00:00:47,816 --> 00:00:50,974 [No Audio] 23 00:00:50,974 --> 00:00:53,016 in the same package. That's fine. 24 00:00:53,016 --> 00:00:54,836 Typically these have been different packages, but 25 00:00:54,836 --> 00:00:56,816 we don't worry about that for now. That's all fine. 26 00:00:56,816 --> 00:00:59,347 And then go back to our LoginController. 27 00:00:59,347 --> 00:01:01,988 So now we have an AuthenticationService which 28 00:01:01,988 --> 00:01:05,000 LoginController can use. So let's use it then. 29 00:01:05,000 --> 00:01:07,733 So we said before the if 30 00:01:07,733 --> 00:01:10,675 [No Audio] 31 00:01:10,675 --> 00:01:12,100 say authentication service 32 00:01:12,100 --> 00:01:14,183 [No Audio] 33 00:01:14,183 --> 00:01:18,458 which is authenticate username password. 34 00:01:18,458 --> 00:01:19,826 So supposing we have a method 35 00:01:19,826 --> 00:01:21,758 on AuthenticationService called authenticate. 36 00:01:21,758 --> 00:01:23,976 It takes username takes a password, and if the 37 00:01:23,976 --> 00:01:26,076 password matches for that user, after it's looked it 38 00:01:26,076 --> 00:01:28,692 up in some database, presumably then it returns true, 39 00:01:28,692 --> 00:01:30,050 otherwise it returns false. 40 00:01:30,050 --> 00:01:32,376 So return false in the case of the password is not 41 00:01:32,376 --> 00:01:34,974 the correct one or the user doesn't exist, for example. 42 00:01:34,974 --> 00:01:39,924 So we can do this, return the home page. 43 00:01:39,924 --> 00:01:43,590 Otherwise, if we're in the else block, 44 00:01:43,590 --> 00:01:46,273 then the call to authenticate returned false. 45 00:01:46,273 --> 00:01:49,884 So, we kick the user out and send 46 00:01:49,884 --> 00:01:51,660 the user back to the login page. 47 00:01:51,660 --> 00:01:54,010 [No Audio] 48 00:01:54,010 --> 00:01:56,090 Let's just quickly create this method 49 00:01:56,090 --> 00:02:00,770 [No Audio] 50 00:02:00,770 --> 00:02:02,200 for the sake of demonstration. 51 00:02:02,200 --> 00:02:04,066 Let's just hard quote a password 52 00:02:04,066 --> 00:02:06,733 [No Audio] 53 00:02:06,733 --> 00:02:07,850 abracadabra 54 00:02:07,850 --> 00:02:13,455 [No Audio] 55 00:02:13,455 --> 00:02:15,534 for now, so we won't bother about the username 56 00:02:15,534 --> 00:02:17,394 for now. We'll just basically check a password. 57 00:02:17,394 --> 00:02:19,264 So if the password is equal to the hard 58 00:02:19,264 --> 00:02:22,447 quoted password "abracadabra", then you can get him. 59 00:02:22,447 --> 00:02:24,950 [No Audio] 60 00:02:24,950 --> 00:02:27,226 Obviously this is not secure and you wouldn't 61 00:02:27,226 --> 00:02:28,556 do this in an application, but it's just 62 00:02:28,556 --> 00:02:30,605 for the purpose of a demonstration, of course. 63 00:02:30,605 --> 00:02:33,272 So the authentication service now will authenticate any 64 00:02:33,272 --> 00:02:36,160 user as long as they type in the password abracadabra. 65 00:02:36,160 --> 00:02:38,335 Also we can compact this as well. 66 00:02:38,335 --> 00:02:40,532 So if we just get rid of those 67 00:02:40,532 --> 00:02:44,000 comments there, we can basically turn this into 68 00:02:44,000 --> 00:02:46,294 a term reoperator, which would be nicer. 69 00:02:46,294 --> 00:02:49,427 So we can just return if 70 00:02:49,427 --> 00:02:52,587 [No Audio] 71 00:02:52,587 --> 00:02:53,620 if that's true. 72 00:02:53,620 --> 00:02:55,612 [No Audio] 73 00:02:55,612 --> 00:02:58,029 return home otherwise 74 00:02:58,029 --> 00:03:00,663 [No Audio] 75 00:03:00,663 --> 00:03:01,630 return login, 76 00:03:01,630 --> 00:03:03,658 [No Audio] 77 00:03:03,658 --> 00:03:04,792 just get rid of those. 78 00:03:04,792 --> 00:03:08,970 [No Audio] 79 00:03:08,970 --> 00:03:11,186 That's a little bit neater. So the LoginController 80 00:03:11,186 --> 00:03:12,971 has an AuthenticationService which is passed 81 00:03:12,971 --> 00:03:15,693 into it, and it delegates to this AuthenticationService 82 00:03:15,693 --> 00:03:17,604 to check the credentials passed in. 83 00:03:17,604 --> 00:03:19,137 In this case it's just a password. 84 00:03:19,137 --> 00:03:20,892 So now you should start to see, this 85 00:03:20,892 --> 00:03:22,758 layering that we've got in place, and the fact 86 00:03:22,758 --> 00:03:25,152 that different responsibilities belong to the different 87 00:03:25,152 --> 00:03:26,973 classes in the different layers. So 88 00:03:26,973 --> 00:03:28,596 we're going to explore this further in the next video. 89 00:03:28,596 --> 00:03:30,938 When we look at curling up the data layer. 90 00:03:30,938 --> 00:03:32,203 Let's see that now.