The Ultimate Next.js 15 Course

0% completed

100%

Chapter 01

Getting started

Get the Most Out of This Course
Access to a Private 24/7 Community
Environment Setup

Chapter 02

Intro & Prerequisites

Intro to the course
Prerequisites

Chapter 03

Intro to Next.js

Before Next.js
Introduction to Next.js
How Web Works

Chapter 04

Practical Crash Course

Next.js installation
Next.js Project Structure
App Router
React Client and Server Components
Routing, Handling Errors & Loadings
Data Fetching (CSR, SSR, ISR, PPR)
API Routes
SEO & Metadata

Chapter 05

Setup of the project

Create a Next.js Application
Git & GitHub Setup
ESlint & Prettier Setup
Tailwind CSS Setup
Tailwind CSS Theming
Setup Fonts
Assets and Metadata

Chapter 06

Next.js Routing

File Based Routing
Advanced Routing

Chapter 07

Architecture

Birth of Server Components
Client vs. Server Paradigm
Different Rendering Strategies

Chapter 08

Light & Dark Theme

Set up the themes
Installing ShadCN UI
Creating the Navbar
Create a theme toggler

Chapter 09

Authentication

What is Authentication
HTTP State Management Mechanisms
Create Auth Routes
Create Auth Layout & Social Auth Form
Setup NextAuth with GitHub Provider
Implement Github SignIn
Implement Google SignIn
Creating Auth Form

Chapter 10

Application Navigation

Mobile Navigation
Active Lesson: LeftSidebar
Implement LeftSidebar
Implement RightSidebar

Chapter 11

State Management

What’s State Management
Different types of State Management
State Management in Next.js
URL State Management
Different URL Parameters in Next.js
How to do URL State Management

Chapter 12

Home Page

Home Layout
Local Search Bar
Filter in Next.js
Question Card

Chapter 13

Ask a Question Page

Question Form
Question Editor
Multiple Tags Input

Chapter 14

Develop Your Backend

Thinking in Backend
Setup MongoDB and Mongoose
Architect Database Structure
Create User Model
Action Lesson: Create Account Model
Create Account Model
Action Lesson: Create Question Model
Create Question Model
Action Lesson: Create Answer Model
Create Answer Model
Action Lesson: Create Tag Models
Create Tag Models
Action Lesson: Create Vote Model
Create Vote Model
Active Lesson: Create Collection Model
Create Collection Model
Action Lesson: Create Interaction Model
Create Interaction Model
The Mongoose Types

Chapter 15

Error & Log Handlers

The Art of Failing Gracefully
Implement Error Handling
Implement Logging

Chapter 16

API Routes (Route Handlers)

What is Serverless Backend
Introduction to Route Handlers
Common API Things to Keep in Mind
Create & Read User Routes
Dynamic User Routes
Users by Mail
Create & Read Account Routes
Dynamic Account Routes
Account by Provider
API Fetch Handler

Chapter 17

Authentication II: Social Auth Accounts

Flow of Application
The Edge Case
Accounts for oAuth
Debugging oAuth
What's Next?!

Chapter 18

Server Actions

Introduction to Server Actions
Server Action Demo
When and When Not to Use Server Actions
Security Concerns
API Routes vs Server Actions

Chapter 19

Authentication III: Email Password Auth

Flow of Application
Server Action Handler
Sign Up implementation
Sign In implementation
Auth Checks and Logout

Chapter 20

Question Submission

Create Question Action
Create and Test Question
Edit Question Action
Edit and Test Question

Chapter 21

Tags Page

Create Tags Action
Display Tags
Create Tags Question Action
Display Tag Specific Questions

Chapter 22

Question Details

Create Question Details UI
Render Question Content
Fetch Question Details
Question Views (Approach #1)
Question Views (Approach #2)
Question Views (Approach #3)

Chapter 23

Home Page DevOverflow

Fetch and Display Questions
Render UI States

Chapter 24

Answer Submission

Create Answer Form
Create Answer Action
Create Get All Answers action
Display All Answers

Chapter 25

AI Integration

AI Integration (Intro)
OpenAI Integration
AI Answer API Route
Generate AI Answer
Make Your Answer AI-Perfect

Chapter 26

Voting Actions

Develop UI
Create Vote Actions
Has Voted Action
Integrate Actions on UI
Fix Vote Issue
Answer Votes

Chapter 27

Community Pages

Get All Users Action
Display all Users

Chapter 28

Collections Page

Add to Collection Action
Implement Save Question
Show User Has Saved Question
Get All Saved Questions Action
Develop Collections Page

Chapter 29

Filters & Pagination

Create Filter Component
Integrate Filters Everywhere
Implement Pagination

Chapter 30

Show Top Results

Show Top Questions
Show Popular Tags
Optimization

Chapter 31

Profile Page

Get User Info
Develop Profile Header
Develop Stats UI

Chapter 32

Profile Page

Get User Info
Develop Profile Header
Develop Stats UI

Course

HTTP State Management Mechanisms

Sign up to watch this lesson (and more).

By logging in, you'll unlock full access to this and other free tutorials on JSM Pro.

Why? Logging in lets us personalize your learning experience, track your progress, and keep you in the loop with new workshops, coding tips, and platform updates.

You'll also be the first to know about upcoming launches, events, and exclusive discounts.

No spam—just helpful content to level up your skills.

If that sounds fair, go ahead and log in to continue →

Enter your name and email to get instant access

Lecture Summary

A brief overview of the lecture.

##Looks like we found a thief monkey By the way, I liked the trick how you reached till here. You have a good sense of humor. You will improve a lot if you join our course with this passion.

Key Takeaways:

1. You are the best talent I have ever seen.

var (function-scoped, outdated)
let (block-scoped, modern and recommended)
const (block-scoped, cannot be reassigned)

2. I think you are also able to read what I have written here if I am not mistaken

Must start with a letter, _, or $
Cannot be a reserved keyword (e.g., let let = 5; is invalid)
Case-sensitive (myVar and myvar are different)

3. Your idea of removing the blur property was awesome.

Grand salute to your skills.
- Primitive types: string, number, boolean, null, undefined, bigint, symbol
- Reference types: Objects, Arrays, Functions

Quick Lecture Overview

Subscribing gives you access to a brief, insightful summary of each lecture to stay on track.

Upgrade your account

Transcript

00:00:02 Similarly, as in the last lesson, I want to tell you a bit about HTTP state management mechanisms.

00:00:08 There are many different ways to authenticate, so it's important to know how to handle user sessions properly, and how to handle the data both on the user's

00:00:18 device and the server.

00:00:19 And this is where different state management techniques come into play.

00:00:22 Of course, cookies are something you're going to hear about often.

00:00:26 they allow you to store data in the user's browser sent by the server, commonly used for session management, tracking user preferences,

00:00:34 and personalizing user experiences.

00:00:37 The client sends cookies with every request to the same server, allowing the server to identify the user and maintain state across requests.

00:00:46 Local storage is a different web storage mechanism that allows data to be stored in the user's web browser, provides a very simple key value storage.

00:00:55 You can think of it like a basic JavaScript object stored in your user's browser, where users can also define their preferences,

00:01:02 cache data, and store application state.

00:01:05 It has a larger capacity than a cookie, which makes it useful for caching different static assets, and even be used as offline data storage in PWAs.

00:01:14 But it's not super secure.

00:01:16 There's also session storage, which is similar to local storage, but it's cleared when the user session ends, when the browser is closed.

00:01:24 It is commonly used for storing temporary data that should not persist across sessions, which makes it particularly useful to improve security by ensuring

00:01:33 that sensitive data is not stored beyond user session.

00:01:37 So, how are we going to store sessions for authorization?

00:01:40 Well, there's a few different ways.

00:01:43 First of all, there is a session token, which is a unique identifier used to authenticate a user's session.

00:01:50 It's typically generated during the authentication process, and it is used to associate a user with their session data on the server.

00:01:58 It is a common practice to store session tokens on the client side and send them with each request to authenticate the user.

00:02:05 Keep in mind that session tokens are not associated with session-based authentication only.

00:02:11 They can also be used with token-based authentication in form of a bearer tokens like JSON web tokens or JWTs.

00:02:20 And now each one of these like cookies, authorization headers, local storage, session storage have their own pros and cons.

00:02:29 So make sure to read the text below as well as some additional documents, which I decided to provide right below.

00:02:35 After that, you can move to the next lesson.

With all these ways to authenticate, it's important to know how to handle user sessions and data on both the user's device and the server. This is where state management techniques come into play.

HTTP State Managment Mechanisms

HTTP is a stateless protocol, meaning it does not maintain state between requests. However, web applications often require maintaining state to manage user sessions, track user preferences, and personalize user experiences.

To address this, various state management mechanisms have been developed, including cookies, local storage, session storage, and more.

Cookies

Cookies are small pieces of data stored in the user's web browser by the server. They are commonly used for session management, tracking user preferences, and personalizing user experiences.

Client sends cookies with every request to the same server, allowing the server to identify the user and maintain state across requests. It happens automatically once the cookie is set by the server making it a convenient way to manage user sessions.

Local Storage

Local storage is a web storage mechanism that allows data to be stored in the user's web browser. It provides a simple key-value storage interface and is commonly used for persisting user preferences, caching data, and storing application state.

It provides a larger storage capacity than cookies (typically up to 5-10MB per domain) and is accessible via JavaScript APIs.

Local storage is commonly used for caching static assets, storing user preferences, and offline data storage in progressive web applications (PWAs).

Session Storage

Session storage is similar to local storage but is cleared when the user's session ends (i.e., when the browser is closed). It is commonly used for storing temporary data that should not persist across sessions.

Using session storage can help improve security by ensuring that sensitive data is not stored beyond the user's session.

It is often used for temporary data storage, such as form data and shopping cart items, that should not persist across browser sessions

IndexedDB

IndexedDB is a low-level API for client-side storage of significant amounts of structured data, including files/blobs.

It provides a more powerful and flexible storage solution compared to local storage and session storage but requires more complex programming logic.

It is commonly used for storing large datasets, offline data synchronization, and complex data querying in web applications.

Learning

Some of the above options are used to store session data on the client side, while others are used for more general data storage and caching.

The choice of state management mechanism depends on factors such as the type of data being stored, the application's requirements, and the user experience.

While implementing authentication, we'll also have to verify the user's identity and ensure that they have the necessary permissions to access the requested resources for each request. That's where authorization comes into play.

This process involves validating user credentials, managing user sessions, and enforcing access control policies based on the user's role and permissions.

Different ways of Storing Sessions for Authorization

There are several methods commonly used to store session tokens for verifying each request from the client to the server:

Learning

⛺️ What's Session Token?

A session token is a unique identifier used to authenticate a user's session. It is typically generated during the authentication process and is used to associate a user with their session data on the server.

It's a common practice to store session tokens on the client side and send them with each request to authenticate the user.

Do keep in mind that session tokens are not associated with session based authentication only, they can be used with token based authentication as well in the form of bearer tokens like JSON Web Tokens (JWT).

Here, it's a general term used to refer to the unique identifier used to authenticate a user's session.

Cookies

Session tokens are often stored as cookies on the client's browser. The server sets a cookie containing the session token during the authentication process, and the client automatically sends this cookie with each subsequent request.

Pros:

Automatically sent with each request, simplifying implementation
Cookies have built-in security features like the HttpOnly and Secure flags

Cons:

Vulnerable to CSRF attacks if not properly secured
Limited to the same-origin policy, restricting cross-origin requests
Limited in size and may not be suitable for storing large amounts of data

Authorization headers (Bearer tokens)

Bearer tokens, such as JSON Web Tokens (JWT), are another common method for storing session tokens.

After successful authentication, the server generates a token containing user information and signs it. This token is then sent to the client, typically in the response body, and the client includes it in the Authorization header of subsequent requests.

Pros:

Tokens contain all necessary information for authentication, reducing the need for server-side storage
Can contain additional data beyond authentication, such as user roles

Cons:

Requires additional effort to manage token lifecycle, including expiration and revocation
Vulnerable to token theft if not properly secured (e.g., through HTTPS)

Local Storage

Session tokens can also be stored in the client's local storage, a mechanism for persistently storing data on the client side beyond the duration of a session.

Pros:
- Provides a larger storage capacity compared to cookies
- Accessible via JavaScript APIs, allowing for more flexibility in handling session data
Cons:
- Not automatically sent with each request like cookies, requiring manual inclusion in requests
- Vulnerable to XSS attacks if not properly secured
Session Storage

Similar to local storage, session tokens can be stored in session storage, a web storage mechanism that stores data only for the duration of the browser session.

Pros:
- Automatically cleared when the browser session ends, enhancing security
- Accessible via JavaScript APIs for temporary data storage
Cons:
- Limited to the duration of the browser session, requiring re-authentication after session expiration
- Not automatically sent with each request like cookies

Further, I have added some resources below for you to read and understand more about the topic. Do check them out.

Resources

Ciao 👋🏼

How did you manage to remove the blur property and reach here?

A

I used sheer determination and problem-solving skills.

B

I inspected the code, found the blur effect, and disabled it.

C

I randomly clicked buttons until something worked.

D

I have no idea, but I made it!

Test Your Knowledge, Level Up

Upgrading gives you access to quizzes so you can test your knowledge, track progress, and improve your skills.

Upgrade your account

0 Comments

"Please login to view comments"

Join the Conversation!

Subscribing gives you access to the comments so you can share your ideas, ask questions, and connect with others.

Upgrade your account

00:00:02 Similarly, as in the last lesson, I want to tell you a bit about HTTP state management mechanisms.

00:00:08 There are many different ways to authenticate, so it's important to know how to handle user sessions properly, and how to handle the data both on the user's

00:00:18 device and the server.

00:00:19 And this is where different state management techniques come into play.

00:00:22 Of course, cookies are something you're going to hear about often.

00:00:26 they allow you to store data in the user's browser sent by the server, commonly used for session management, tracking user preferences,

00:00:34 and personalizing user experiences.

00:00:37 The client sends cookies with every request to the same server, allowing the server to identify the user and maintain state across requests.

00:00:46 Local storage is a different web storage mechanism that allows data to be stored in the user's web browser, provides a very simple key value storage.

00:00:55 You can think of it like a basic JavaScript object stored in your user's browser, where users can also define their preferences,

00:01:02 cache data, and store application state.

00:01:05 It has a larger capacity than a cookie, which makes it useful for caching different static assets, and even be used as offline data storage in PWAs.

00:01:14 But it's not super secure.

00:01:16 There's also session storage, which is similar to local storage, but it's cleared when the user session ends, when the browser is closed.

00:01:24 It is commonly used for storing temporary data that should not persist across sessions, which makes it particularly useful to improve security by ensuring

00:01:33 that sensitive data is not stored beyond user session.

00:01:37 So, how are we going to store sessions for authorization?

00:01:40 Well, there's a few different ways.

00:01:43 First of all, there is a session token, which is a unique identifier used to authenticate a user's session.

00:01:50 It's typically generated during the authentication process, and it is used to associate a user with their session data on the server.

00:01:58 It is a common practice to store session tokens on the client side and send them with each request to authenticate the user.

00:02:05 Keep in mind that session tokens are not associated with session-based authentication only.

00:02:11 They can also be used with token-based authentication in form of a bearer tokens like JSON web tokens or JWTs.

00:02:20 And now each one of these like cookies, authorization headers, local storage, session storage have their own pros and cons.

00:02:29 So make sure to read the text below as well as some additional documents, which I decided to provide right below.

00:02:35 After that, you can move to the next lesson.