other-emerald
other-emerald•2y ago

authentication and tokenoauth

Hi all How can I validate the Google authentication in my back-end? How do I verify the token? oauth standard
12 Replies
kapa.ai
kapa.ai•2y ago
Hey @Deleted User! I'm the kapa.ai support bot. I've searched through the docs to try to answer your question. :wave:
kapa.ai
kapa.ai•2y ago
---------------------- Hmm, I don't know enough to give you a confident answer yet. However, you can check out the Google Auth example (https://refine.dev/docs/examples/auth-provider/google-auth) in the refine documentation for more information on implementing Google authentication in your refine project. ----------------------
Google Auth | refine
You can use Google Login to control access and provide identity for your app. This example will guide you through how to connect Google Login into your project using refine.
kapa.ai
kapa.ai•2y ago
<@1073419683014922323> kapa.ai is still learning and improving, please let us how it did by reacting below
Omer
Omer•2y ago
Hello @Deleted User , Thank you for contacting us. It seems that the question you asked is not related to Refine. You can find different solutions by conducting the necessary searches on Google.
other-emerald
other-emeraldOP•2y ago
@Omer ok is there an example or things that I need to know for client side ?
continuing-cyan
continuing-cyan•2y ago
other-emerald
other-emeraldOP•2y ago
Thank you I understand that I need to change here only the ClientID in the login.tsx page and rest will handle in the backend right ? another question, is useLogout hook call: htp:/localhost:PORT/logout ? @alicanerdurmaz @Omer
continuing-cyan
continuing-cyan•2y ago
useLogout calls authProvider.logout function and yes 🚀
other-emerald
other-emeraldOP•2y ago
where I should add the server url for the auth in google auth example ? @Omer @alicanerdurmaz
continuing-cyan
continuing-cyan•2y ago
what do you mean by server url ? google login works with library. see: https://github.com/refinedev/refine/blob/master/examples/auth-google-login/public/index.html#L25 after you add this script, you will access google's login API by window.google
other-emerald
other-emeraldOP•2y ago
I use passport.js so I need to add in the client side the api of the login that exist in server side to move me to the google auth page we can see in the image example
No description
continuing-cyan
continuing-cyan•2y ago
server and client should use same google id

on Client
1. login with google on client side, get `token`.
2. save  on somewhere (in memory, localStorage, cookie)
3. add this `token` to header and send to API on every request.

on Server
1. when server get request, get token with header.
2. send this token to google server, check token is valid. (you can add other logics to improve security.  compare email etc.)
3. if token is valid, send data
server and client should use same google id

on Client
1. login with google on client side, get `token`.
2. save  on somewhere (in memory, localStorage, cookie)
3. add this `token` to header and send to API on every request.

on Server
1. when server get request, get token with header.
2. send this token to google server, check token is valid. (you can add other logics to improve security.  compare email etc.)
3. if token is valid, send data
i'm only familiar with this workflow, and our google example shows this flow. probably you can easily implement passport.js or another auth flows but i'm not familiar