in this video we will protect our backend routes and get current login user by a simple npm package so just open your browser and type npm and now you can see here search bar to just type protected mid like this and select the first search result so you can see here this is our npm package just copy it and then paste it on Terminal and press enter now our package installed successfully now go back to our documentation and here you can see here is the full guidance of this package how to use it and how to import it then just import and you can also paste it just import protected app from from protected mid mid means middleware and here we have to pass some options you can see in documentation like this we have to pass these options now make variable const options is equal to and then pass object and we store our options in the form of key value pairs our first option is Secret in secret we have to pass our JWT secret key so I just copy it from here where you can generate your JW token so I just simply copy it and paste it and just write in the strings and in second option we have to pass our token name you can see here so how how can you get token name simply go to the file where you are generating token so here I am generating token and you can see I stored cookies in the name of token so here just pass token name as a key and then pass our value token now in the third option if we have to pass our get user ID now the question is what is user ID and how to get it so basically user ID is used to generate JWT token user ID is the ID of our current logged in user just open send token file and you can see here jwd do sign and we receive user ID and we passed this ID from from our user controller here you can see it user. ID and we receiving it as a user ID now in our fourth option we have to pass our user model to get current login user so just pass your user model and you can see it's automatically imported here our user model our all options are completed now we have to use our protected route so just choose any route so I'm using get user route just pass here protected app and pass our options so now our protected middleware is ready to use so just open your terminal and run your server so I am just typing noemon index.js so our terminal started successfully now minimize the vs code and open our Postman and you already know that Postman is a API testing tool by using this we can test our protected app middleware it's working fine or not so I already make a API route just check where I made API route so here in rest apis so we already made get user you can see it get user now go back to vs code here you can see we use this protected rout and get user so just send it you can see we get our current logged in User it's working fine perfectly fine now in the second case if we log out means if we delete our cookie just delete it and if we send request then we get the message unauthorized user no token is provided now if we relog in then we can get our user successfully