Oauth2 flow without redirect_uri

后端未结

关注

 5  1535

北海茫月 2021-01-05 06:15

I am creating an Android/iOS app which communicates with a Node.js server and would like to identify them securely on my server using Google (and/or Facebook) and OAuth2. I\

5条回答

Happy的楠姐 (楼主)

2021-01-05 06:58

And it become really easy if you use VueJS with https://github.com/guruahn/vue-google-oauth2

Client side

import GAuth from 'vue-google-oauth2'

Vue.use(GAuth, {
    clientId: 'xxxxxxx.apps.googleusercontent.com',
    scope: 'profile',
})

async signWithGoogle() {
    const code = await this.$gAuth.getAuthCode() //
    console.log(code ) // { code: 'x/xxxxxxxxxx' }
    // send the code to your auth server
    // and retrieve a JWT or something to keep in localstorage
    // to send on every request and compare with database
}

Server side

import { google } from 'googleapis'

const oauth2Client = new google.auth.OAuth2(GOOGLE_ID, GOOGLE_SECRET, 'postmessage')

google.options({ auth: oauth2Client })

async function getAccount(code) {
    // the code you sent with the client
    const { tokens } = await oauth2Client.getToken(code)
    oauth2Client.setCredentials(tokens)
    const oauth2 = google.oauth2({ version: 'v2' })
    const { data: { id } } = await oauth2.userinfo.get()
    // there you have the id of the user to store it in the database
    // and send it back in a JWT
}

0 讨论(0)

查看其它5个回答