Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create token-based authentication with the backend #93

Open
LucientZ opened this issue Feb 12, 2025 · 0 comments
Open

Create token-based authentication with the backend #93

LucientZ opened this issue Feb 12, 2025 · 0 comments
Assignees
@LucientZ
Labels
enhancement

Comments

@LucientZ
Copy link
Collaborator

Overview

Authentication currently only grabs information in the frontend. We want this to also be for the backend, which will involve sending access and refresh tokens across secure https endpoints.

Ideas

  • Basic flow (All sent through HTTPS)
    • User signs in with google and sends backend an authorization code
    • Backend generates session and access token and sets session as http-only cookie
    • Frontend stores access token in memory state (useState). Could possibly also be an http-only cookie.
    • Frontend adds access token to headers for each request to the backend.
    • If frontend needs another access token, it calls <root>/auth/refresh with the refresh token as a cookie to the server to get another access token.
@LucientZ LucientZ self-assigned this Feb 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@LucientZ LucientZ

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@LucientZ