authentication and tokenoauth

Hi all How can I validate the Google authentication in my back-end? How do I verify the token? oauth standard

12 Replies

Hey @Deleted User! I'm the kapa.ai support bot. I've searched through the docs to try to answer your question. :wave:

---------------------- Hmm, I don't know enough to give you a confident answer yet. However, you can check out the Google Auth example (https://refine.dev/docs/examples/auth-provider/google-auth) in the refine documentation for more information on implementing Google authentication in your refine project. ----------------------

Google Auth | refine

You can use Google Login to control access and provide identity for your app. This example will guide you through how to connect Google Login into your project using refine.

kapa.ai•2y ago

<@1073419683014922323> kapa.ai is still learning and improving, please let us how it did by reacting below

Omer•2y ago

Hello @Deleted User , Thank you for contacting us. It seems that the question you asked is not related to Refine. You can find different solutions by conducting the necessary searches on Google.

rare-sapphire•2y ago

@Omer ok is there an example or things that I need to know for client side ?

metropolitan-bronze•2y ago

you can find auth examples here: https://refine.dev/docs/examples/?tags=auth-provider google example here: https://refine.dev/docs/examples/auth-provider/google-auth/

rare-sapphire•2y ago

Thank you I understand that I need to change here only the ClientID in the login.tsx page and rest will handle in the backend right ? another question, is useLogout hook call: htp:/localhost:PORT/logout ? @alicanerdurmaz @Omer

metropolitan-bronze•2y ago

useLogout calls authProvider.logout function and yes 🚀

rare-sapphire•2y ago

where I should add the server url for the auth in google auth example ? @Omer @alicanerdurmaz

metropolitan-bronze•2y ago

what do you mean by server url ? google login works with library. see: https://github.com/refinedev/refine/blob/master/examples/auth-google-login/public/index.html#L25 after you add this script, you will access google's login API by window.google

rare-sapphire•2y ago

I use passport.js so I need to add in the client side the api of the login that exist in server side to move me to the google auth page we can see in the image example

metropolitan-bronze•2y ago

server and client should use same google id

on Client
1. login with google on client side, get `token`.
2. save  on somewhere (in memory, localStorage, cookie)
3. add this `token` to header and send to API on every request.

on Server
1. when server get request, get token with header.
2. send this token to google server, check token is valid. (you can add other logics to improve security.  compare email etc.)
3. if token is valid, send data

server and client should use same google id

on Client
1. login with google on client side, get `token`.
2. save  on somewhere (in memory, localStorage, cookie)
3. add this `token` to header and send to API on every request.

on Server
1. when server get request, get token with header.
2. send this token to google server, check token is valid. (you can add other logics to improve security.  compare email etc.)
3. if token is valid, send data

i'm only familiar with this workflow, and our google example shows this flow. probably you can easily implement passport.js or another auth flows but i'm not familiar