Next.js Fetch Data the Right Way (with a Data Access Layer!) (Security, Auth, Cache, DTO)

00:00

a lot of things have changed in the

00:01

latest nextjs app router so with react

00:04

server components the line between

00:06

server and client have blurred and many

00:08

other things have changed so in this

00:10

video I want to talk about how to

00:12

structure or how to architect your

00:14

nextjs applications so this is actually

00:16

a wonderful article about Security in

00:18

nextjs by Sebastian markager and this is

00:22

an article about Security in nextjs and

00:24

here you can see they actually recommend

00:27

using a so-called data access layer for

00:30

your new project in this video I'll show

00:31

you what that means but for example we

00:33

want to make sure that we do an

00:35

authentication check before we actually

00:37

interact with our database and there's a

00:39

certain way that we can structure our

00:41

application make sure we do that so

00:42

what's the problem why do we need

00:44

something fancy like a data access layer

00:46

what even is that well let's say we have

00:48

a very simple project I just have a

00:50

homepage here and that's what we have

00:53

here H1 and read an article right so

00:55

this whole project just has one article

00:58

I can go to the article page and here I

01:00

have some text this is actually data

01:03

right when it comes to security what do

01:05

we want to protect what do we want to

01:06

secure it's our data right our data is

01:08

the most important part if we render the

01:11

wrong button or the markup isn't right

01:13

that's not the end of the world

01:14

typically but if this article text

01:17

specifically if this should only be

01:18

viewable for logged in users maybe even

01:21

paid users then we want to make sure

01:23

that this text here cannot be read by

01:25

guest users or free users um so what I'm

01:27

doing here is I'm using a react server

01:29

comp components right this is a page

01:31

component and by default everything in

01:33

the nexts rter is essentially a server

01:36

component I can do async await and this

01:38

is how you get data in the idiomatic way

01:40

in the latest next chance app router

01:42

right you can do it directly here in the

01:43

server component you don't need use

01:45

effect you don't need an API route or

01:47

route Handler either you also don't need

01:49

a server action you can do it directly

01:51

like this okay so in my database I just

01:53

have one article I'm using Prisma here

01:55

and you can see here in my database I

01:57

just have this one simple article here

01:59

that is what I'm getting and that is the

02:00

text that I'm showing here so that's

02:02

what we have so far now what's the

02:03

problem with this so we want to make

02:05

sure that only logged in users let's say

02:06

can actually read this text so what you

02:09

could do is simply add some protection

02:11

to this whole page right so you could

02:13

use an authentication solution so we're

02:15

going to use kind in this video they are

02:16

today sponsor and they have in my view a

02:19

great solution for authentication the

02:21

way it works with kind is you can do

02:22

something like this and now when this

02:24

page loads we're first going to do an

02:26

authentication check right so then

02:27

before you even get anything from the

02:29

database you first have the O check in

02:31

this case this would work but with react

02:33

server components we can also fetch data

02:36

in another component right so here we

02:38

were fetching the data uh right here in

02:40

the article page but maybe we are

02:42

fetching that in some component maybe we

02:45

have a dedicated component for the text

02:47

right which actually kind of makes sense

02:49

and in there we do the data fetching and

02:51

we then return the actual text right so

02:53

then we would use that component right

02:55

every react developer has components on

02:57

their mind so maybe you or somebody else

03:00

on your team structures it like this

03:02

where you actually access the data in a

03:04

separate component now this is risky

03:06

with server components because now it's

03:09

still protected right we're still first

03:11

doing the authentication check before we

03:13

render this component and before we

03:15

actually get the data from the database

03:17

but what react developers also have

03:20

front of mind is reusability so what if

03:23

somebody on your team reuses this

03:25

component on the homepage let's say

03:27

right so maybe somebody's going to use

03:29

it on the homepage

03:30

here we do not have an authentication

03:31

check so now if I go to the homepage I

03:34

can view this data or whatever which is

03:38

not what we

03:44

want and by the way it doesn't matter

03:47

how you protect your pages whether it's

03:49

actually like this in a page component

03:51

or instead maybe you're using middleware

03:53

we can also use middleware with kind

03:54

right it would look something like this

03:56

they have the width off and we want to

03:58

run this on the/ article route but this

04:00

only protects the SL article route but I

04:03

just added this component on a on the

04:05

homepage which is a public route right

04:07

so here we are still accessing that well

04:09

what should be private data right so it

04:12

doesn't matter what way of protecting

04:14

you use as long as there is a gap

04:16

between where you do the authentication

04:18

and where you actually access data from

04:20

your database there is a gap and that

04:22

Gap allows for well potentially

04:25

dangerous and here I showed you an

04:27

example of getting data but this problem

04:29

also also is with updating data with

04:31

server actions right so server actions

04:33

are the idiomatic way of updating data

04:35

now server actions they live on the page

04:38

the route on which you're using them so

04:40

if you're using a server action on the/

04:42

article route you may think oh

04:44

middleware I'm going to protect the SL

04:45

article route so the the server action

04:47

I'm using there is going to be protected

04:49

well what if somebody's using that

04:50

server action on a public route on the

04:52

homepage let's say right so this way of

04:55

protecting your app at the middleware

04:57

level or at the page level like that is

05:00

this is not enough and so instead you

05:01

may want to use a data access layer now

05:04

before I show you the solution I quickly

05:06

removed what we just did and I quickly

05:08

will show you how to setup kind and then

05:10

we'll take a look at the data access

05:12

layer we don't even have any kind of

05:14

authentication right so everybody can

05:15

just go here it's a public page right

05:17

now so we need to add some

05:18

authentication so let's start there and

05:20

then I'll show you how to structure it

05:22

so I'm going to use kind for the

05:23

authentication they are today sponsor

05:25

and I'm actually a brand ambassador for

05:27

them it's a paid sponsorship but I had a

05:28

great time working with them so far and

05:30

they have a very generous free tier as

05:32

well you can find a link in the

05:33

description if you want to sign up right

05:35

now if you sign up you can easily add an

05:37

application I will quickly add

05:38

authentication with them so you can see

05:40

how that works but everything that we're

05:41

going to talk about here also works with

05:43

any other authentication solution you

05:45

may be using so here I just need to

05:47

quickly add uh some name I'll call it

05:48

nextjs app a backend web here nextjs is

05:52

very backend heavy so it's actually more

05:54

of a backend framework so here they have

05:56

a template here for nextjs okay easy all

05:59

right so so then here they show you

06:00

exactly existing codebase how to

06:03

implement this so yes it's running on

06:05

Local Host 3000 I just have to set these

06:07

to call back URLs here in kind boom boom

06:11

all right then I can install their next

06:12

JS package can just copy and paste that

06:15

right here all right and then let's see

06:17

we need to add some environment

06:19

variables I'm going to quickly create.

06:22

logo and just paste that right here and

06:24

actually here after logging in where do

06:27

we want to redirect the user well in

06:28

this case let's actually redirect them

06:30

to that article page so that's the only

06:32

thing I will change here all right so

06:33

then last step here we need to add the

06:35

API endpoint so that kind can internally

06:38

wire everything up and actually I should

06:40

be able to just copy the path and then

06:42

here I should be able to create a new

06:45

file by just pasting everything like

06:47

this yeah and here we need to just copy

06:50

and paste that right here all right so

06:52

that's all we need to do to add

06:53

authentication to our nextjs app with

06:56

kind and then here they show you log in

06:58

and log out buttons we're not going to

07:00

use that here but we do want to protect

07:01

this article page now so what we can do

07:04

with kind we can go to that page so what

07:06

we can do is if we want to protect this

07:08

article page well when it renders we can

07:10

simply check the authentication status

07:12

of the user so kind gives us this get

07:15

kind server session that we can use

07:17

everywhere on the server side this is a

07:18

server component so we can use it it

07:20

will give us an is authenticated

07:22

function actually so I do need to call

07:24

it here so if the user is not

07:25

authenticated we are going to redirect

07:27

them to that API route so kind can take

07:30

care of logging the user in and if the

07:32

user is authenticated we continue here

07:34

and we actually are going to make that

07:36

fetch call to our database through our

07:39

omm us using Prisma here but works

07:41

similarly for other OMS and that will

07:43

give us some data here and so we can

07:46

just take it text and that's what we

07:48

would see then now here I'm actually

07:49

already being redirected here so if I

07:51

click on read article I'm not logged in

07:53

so indeed I should be redirected right

07:55

and indeed kind is redirecting me to a

07:57

login page now here we do need to

07:59

specify how we want the user to log in

08:02

so we can go to authentication here and

08:04

kind gives us these options now what we

08:06

want to use is just GitHub here I'm

08:08

going to save that now if I try going to

08:10

that article page again all right so

08:11

here we have continue with GitHub I'll

08:13

quickly log in and now here I'm

08:15

redirected now if I go to inspect here

08:17

under cookies and if I go here yeah so

08:19

here under access token I can see my so

08:22

I'm logged in and therefore I can see

08:23

the article page with that well

08:25

protected data right that's why I can

08:27

now see this right so this is a very

08:29

quick way of securing our page for only

08:31

logged in users you don't want to do it

08:33

in layout right so if you watch my other

08:36

videos on authentication in nextjs you

08:38

know that you typically don't want to

08:40

add it to the layout here um it's very

08:42

tempting to do this if you want to

08:43

protect your whole app right because you

08:45

think uh instead of doing it in every

08:46

page we're just going to do it once in

08:48

the layout but that will not work as

08:50

expected because the layout here will

08:51

not do it's not going to run this if you

08:54

for example uh click on this link like

08:56

here when we navigate here it's not

08:58

going to read do the check for the

09:00

article page so you don't want to do it

09:02

in layout you want to do it either in

09:04

the page component or you can also

09:06

create a middleware they both have

09:08

certain advantages let's say we do it

09:10

like this now what's the problem with

09:11

this I have now properly protected them

09:13

so what's the issue with

09:16

this you can see we get the same result

09:19

but we have just refactored this a

09:21

little bit so we have a dedicated

09:23

component for the text and in a real

09:25

next CH app you could very well have a

09:27

separate component where you actually

09:28

get the data and this is the important

09:31

part because now there is more of a gap

09:34

right so here now we are doing the

09:36

authentication check but where we

09:38

actually access the database is now in a

09:40

separate place and it's in a separate

09:42

component here and so so far so good but

09:45

react developers also have reusability

09:48

at the top of their mind right so there

09:50

could be you or some other developer on

09:52

your team could accidentally perhaps use

09:55

this component on the homepage right so

09:58

I could also use text here on the

10:00

homepage uh if I do it here on the

10:02

homepage we now have this text here on

10:04

the homepage so even if I log myself out

10:07

by clearing all of my cookies here so I

10:10

don't have the token anymore since the

10:12

homepage is not protected right we don't

10:15

have any authentication check here and

10:17

I'm not logged in I can still read this

10:19

right so this text here this piece of

10:21

data that we have that should be

10:23

protected is not protected right now

10:25

right now the article page is still

10:27

properly protected but the homepage is

10:29

is public so if you use that component

10:31

on the homepage right so it doesn't

10:33

matter if you use middleware or you do

10:34

the authentication check directly in the

10:37

page right let's stick to the page for

10:39

this tutorial this problem exists with

10:41

both approaches I have other videos also

10:43

with kind when to do the authentication

10:44

check in the page or when in middleware

10:47

it depends a little bit on your setup

10:49

but uh let's continue with doing it in

10:50

the page for this video so how do we fix

10:53

this how can we prevent this so this is

10:55

where the concept of a data access layer

10:58

comes into play so what we want to do is

11:00

we want to have one centralized place or

11:03

layer in our application where we

11:06

interact with our database right so our

11:08

data so what you could do is you could

11:10

create a folder here for all your data

11:13

access right we can actually just call

11:15

it data access and in here we can create

11:18

a file uh here is this is going to be

11:20

for the Articles right so for the

11:22

article table in our database let's say

11:25

and here I will have all of the ways

11:27

that I'm going to interact with my

11:30

article data so here I could export a

11:32

function that I can just call get

11:34

article right I could accept some ID or

11:36

something like that but let's keep it

11:38

simple and here is where I'm going to

11:40

get the data right so what we were doing

11:42

previously somewhere in you know

11:44

somewhere in our application somewhere

11:46

in our component tree we now know for

11:49

sure that all of the data is going to

11:51

come from here I will just return that

11:54

from here this one function is going to

11:57

be responsible for getting the article

11:59

all of the data access is going to be in

12:01

here so this is for getting an article

12:03

maybe we we are going to have one for

12:06

update article right all of your CR

12:08

delete article we can right these are

12:11

not empty but you get the point all of

12:13

the interactions with your database

12:15

you're going to create functions in here

12:18

you can also do it with a class if

12:19

you're a backend developer you may

12:21

already be familiar with the concept of

12:22

a data access layer but a lot of you are

12:24

actually coming from the front end world

12:26

so basically what we're doing here is

12:27

we're creating a centralized place where

12:29

we do all the data access basically all

12:31

our interactions with our database so

12:34

now whenever you need data in your

12:35

application somewhere you're not going

12:37

to randomly do that in some component

12:40

right so here we're not going to get the

12:41

article data from here now because we

12:43

have one function now for getting the

12:45

article and so whenever we need to get

12:47

an article we're going to use that

12:48

function right so now if I want to get

12:50

article data I can say article data and

12:53

now I need to use that function right

12:55

get article I should import that and I

12:57

get a rest quickly line here by the way

12:58

because Prisma tells me it could also be

13:00

null right I may have deleted it in the

13:02

database I'm ignoring that here but I

13:05

can remove Prisma now from here right so

13:07

now I can access this data in the text

13:09

component now since we're always going

13:11

to use this function now when we need to

13:13

get an article we can do the

13:15

authentication check in here so we can

13:17

just do all of this with kind right here

13:20

right so you first do the off check and

13:22

then you interact with the database and

13:25

the benefit is now I can safely use this

13:28

get article function function wherever I

13:29

want whether it's in this component or

13:32

in some other component and I can be

13:34

rest assured that the authentication

13:36

check is always being done because

13:38

there's no Gap now between the

13:39

authentication check and the place where

13:41

I'm accessing my database right there's

13:43

no Gap in here they right after each

13:45

other they're right in the same function

13:47

so that is in essence the benefit of

13:49

using a data access layer it's safer in

13:52

my view because now whenever I need to

13:54

get a article I just use that one

13:55

function which takes care of all the

13:57

authentication and potentially

13:59

authorization logic so I can now more

14:01

comfortably uh work here in my

14:03

application now I may still want to have

14:06

a page level check as well maybe more of

14:08

a as a convenience perhaps as a way to

14:11

quickly do some redirections at a page

14:13

level let's say um or just to see what

14:16

what pages should be uh public or

14:18

private and so that would be like your

14:19

first line of defense whether you're

14:21

doing some kind of page level check or

14:23

middleware check that would be like your

14:25

first line of defense and then in

14:27

addition to that whenever you need to

14:29

get access to a piece of data in this

14:31

case you know a particular article it

14:33

could be other data that you have you're

14:34

going to create a separate function for

14:36

that in your data access layer right

14:38

basically just one file right now in

14:41

which you also do the authentication

14:42

check so that you're always certain that

14:45

the act the interaction with database is

14:47

safe and data access layer is not an API

14:50

or or an external API or something like

14:52

that right so you may be inclined to use

14:54

like a DAT an API layer to fix that

14:56

issue but that's not necessary when

14:58

you're using an API you're actually

14:59

going over the network there are other

15:01

complications that come from that

15:03

instead we can just structure our

15:05

application code slightly differently so

15:07

that every interaction with your

15:08

database is now going to be in this one

15:10

folder let's say this is just we can

15:12

call it a layer you can call it however

15:14

you want and we could have one file per

15:16

uh table or schema in our database right

15:19

so here I'm using Prisma and here I just

15:21

have this one model for article this

15:23

will create one table in my database and

15:25

so you may want to have one file for

15:28

each one you have and in this case I

15:29

only have article and so here you would

15:31

do your authentication check right

15:33

before the actual database call and we

15:35

would do the same for the other

15:37

potential functions here right so if you

15:38

want to update the article maybe you

15:40

would have some kind of database call

15:41

like this maybe you pass in an ID or

15:43

something like that but here again you

15:45

would first do your authentication check

15:47

before you interact with the database

15:48

and now wherever in your app where you

15:50

need to update the article you need to

15:52

make sure that you only use this

15:54

function and then you can be rest

15:55

assured that there's always the

15:57

authentication check first right so now

15:59

only logged in users can update an

16:01

article you know realistically you're

16:02

going to have other authentication

16:04

authorization rules right so maybe every

16:06

logged in user can actually uh get an

16:08

article but to update an article you

16:10

need to be an admin or something like

16:12

that and so here you can have additional

16:14

rules if the user is not an admin kind

16:16

has a great solution for roles and

16:18

permissions as well we can check if the

16:20

user has the proper role or permission

16:22

so that's another benefit of using this

16:24

structure is now whenever you need to

16:26

change your authentication or

16:27

authorization logic you know where to

16:29

look because previously if you were

16:31

doing the authentication check in some

16:33

you know random components throughout

16:35

your codebase you don't know exactly

16:38

where you left that check right so now

16:40

you want to update the authorization

16:42

logic so that only admins can update

16:44

articles so now you have to think oh

16:46

where did I leave that where did I leave

16:48

that uh logic was it in a text component

16:50

or some other component right so it's

16:52

scattered throughout your codebase but

16:53

this way you know where to look it's all

16:55

in your data access folder you have

16:57

embedded that Within these function all

16:59

of the updates happen in one place also

17:01

if you work in a team you may have one

17:03

person who takes care of the data access

17:05

layer and another person and that

17:07

actually uses that in the rest of the

17:09

app right so I think it also helps split

17:11

up the work I think somebody who is a

17:13

traditional backend developer would feel

17:15

more at home interacting with the

17:16

database than a traditional front end

17:19

developer right so a front end developer

17:20

would probably feel more comfortable

17:22

actually using these functions so I

17:24

think this is a more natural way of

17:26

splitting up the work in a team that's

17:28

working on xsf it also helps in other

17:31

related ways for example if you want to

17:32

log who's accessing the database the

17:35

access or you doing some kind of

17:36

security audit you can just do it

17:38

directly in here you know where to do it

17:40

it's all in one centralized place right

17:41

so there are many benefits that come

17:43

with this structure the fancy word for

17:45

this is a data access layer and you can

17:47

implement it in different ways you can

17:48

use classes but this is now the

17:50

recommended structure for accessing your

17:53

data in new nextjs projects right and by

17:56

the way if you ever need this data in

17:58

some other component maybe not in text

18:00

maybe we also need article data in some

18:02

statistics component maybe and writer

18:05

can log in and can view their most

18:07

popular posts right and we want to show

18:09

the we want to show the title of the

18:11

most popular post right just an example

18:13

but we could want to access this data

18:15

and other components as well right so

18:17

now I'm accessing the article data in

18:19

stats as well as in text and maybe I

18:21

have stats here on the page as well so

18:24

now maybe you are getting worried

18:25

because now we're going to duplicate

18:27

those calls right so now you could say

18:29

oh I'm accessing the data the database

18:31

from this component but now also from

18:33

this component so that would be a bit

18:35

much because now we're going to invoke

18:37

this multiple times so we're going to

18:38

make that datab base call multiple times

18:40

Well react has a solution for that

18:43

actually they have a cache function so

18:45

you can wrap that entire function in a

18:47

in the cache function from react if you

18:50

invoke that multiple times during what

18:53

react calls a render pass so if this

18:55

page gets rendered they both get called

18:58

but it would only run once right so it

19:00

would not make duplicate calls to the

19:02

database so that's something that you

19:04

may want to use here as well in addition

19:06

to that you may also want to use the

19:09

server only package it will make sure

19:11

that if you try accessing anything here

19:13

on the client side that you will get an

19:15

error so it's it's slightly safer so

19:17

that you're not accidentally trying to

19:19

use these functions on the client side

19:21

and what you may also want to do is if

19:23

you're using an omm like Prisma here

19:25

there are some other security best

19:27

practices I would say um because very

19:29

often you don't need all of the article

19:31

data right so with Prisma here I can

19:33

select what I want so here I want the

19:35

text for example but maybe this article

19:38

in the database also has the author

19:40

email right and that is more sensitive

19:42

data right so somebody's email is not

19:44

something that we Loosely want to pass

19:46

around now by default if you leave the

19:48

select off if you just do it like this

19:50

it will give you all the fields of that

19:52

article but by using select here we can

19:54

make sure that we only get the text

19:56

field back and not the email that's so

19:58

we can be more specific and get back

20:01

just the fields that we need and not the

20:03

more more sensitive perhaps Fields right

20:05

so that's another I would say security

20:07

best practice right also if you're if

20:09

you're actually managing users in your

20:11

own database you don't want to get their

20:12

hashed passwords right so you don't want

20:14

to select the password in that case now

20:16

let's say we we are getting the data

20:18

like this so we are getting the article

20:20

data from the database and we are

20:22

returning it plainly like that now

20:24

before we actually return that and sort

20:26

of make it available to the rest of our

20:28

app where wherever we may be accessing

20:30

wherever we may be trying to use that

20:32

maybe we sort of want to do one last

20:34

filter step or now you may want to be a

20:36

little bit more specific so instead of

20:38

just returning the whole article data

20:40

like that maybe we actually do want to

20:42

pass and make available a specific

20:44

object right so we know that article

20:46

data has an ID so maybe we do indeed

20:49

want to return that ID okay and also the

20:53

text right so article data. text okay so

20:56

we are now returning essentially the

20:57

same now if article data also had that

20:59

author email right you could decide to

21:02

not include it here right so here in

21:04

this case you can also say well we're

21:06

simply not going to return that from

21:07

here that's another way of sort of

21:09

filtering out sensitive Fields also

21:11

maybe you can already do some data

21:13

Transformations here or some or do some

21:15

computation here for example the slug

21:17

for if it for whatever reason is not

21:19

part of the article data from the

21:21

database maybe the slug right so that's

21:23

typically the title of the article in

21:25

the URL maybe we can just take uh the

21:27

article dat

21:29

the text and then just maybe take the

21:31

first uh the first 10 characters or

21:33

something like that so that it's easier

21:35

to use it in the rest of the app

21:37

basically the fancy word for this is a

21:39

data transfer object dto and so instead

21:42

of doing it like this we may actually

21:44

create a function that actually does

21:46

that for us right so here we can say

21:47

create article dto and you pass in the

21:51

article data and that's what we're going

21:52

to return here let me actually just

21:54

create that function here create article

21:56

dto which takes in that article data and

21:59

it returns an object with that ID detect

22:02

we came up with some slug example as

22:05

well right so here it's basically a way

22:07

of filtering out sensitive field and

22:10

maybe do some Transformations on some

22:11

data basically making sure that it's the

22:14

exact shape that we want because what

22:16

you get back from the database may may

22:18

not be the exact shape in which you want

22:20

to use it in the rest of your

22:21

application that's what we would return

22:23

now basically we get the data the raw

22:25

data from the database and we just shape

22:26

it a little bit before we return it from

22:28

from that function before we're actually

22:30

going to use it in the rest of the

22:31

application we may want to create a

22:33

separate file where you have these uh

22:35

dto another benefit of this is for

22:37

example if you if you change the model

22:39

in your database right maybe here I'm

22:42

going to change the schema actually here

22:44

for Prisma instead of text maybe we

22:46

actually rename this to content let's

22:48

say the benefit is now that we don't

22:50

have to update that everywhere in our

22:52

app and so previously if you were just

22:54

using the raw for the raw object from

22:57

the database you would have to update an

22:58

every plan but now we are also

23:00

centralizing that here in one place so

23:03

we can keep using text as long as we of

23:06

course change this into content right so

23:08

then in the rest of the app we can still

23:10

use article data. text right so we would

23:12

still use article data. text here but

23:14

now it is do content from the database

23:16

right so now I would say this is

23:18

becoming pretty uh sophisticated setup

23:20

in the latest next s app router next

23:22

chance is a full stack framework so we

23:24

are sort of rediscovering a lot of

23:26

traditional software engineering concept

23:29

but I would say this is a better

23:30

structure than randomly accessing your

23:33

data throughout your component this is

23:35

something that you may want to use or at

23:37

least to think about right so here we

23:39

were talking about getting data fetching

23:42

data from your database but the same

23:44

problem will exist update data in a

23:46

database in a server action and actually

23:48

for very similar reasons you may be

23:50

confused a little bit because this is

23:51

all pretty Cutting Edge but the good

23:53

news is for authentication and

23:56

authorization which used to be a huge

23:58

problem

23:59

at least that part of the stack has been

24:01

solved thanks to kind kind makes it

24:03

really easy to manage all of the

24:04

authentication authorization stuff so I

24:07

would say check out kind I want to thank

24:08

them for sponsoring this video very easy

24:10

to set up very professional looking you

24:12

can find a link for them in the

24:14

description and I want to thank you for

24:15

watching as well hope to see you the

24:17

next one bye