简体繁体中英

How can I verify login using google api, oauth?

原文 2019-10-11 13:06:08 8 1 node.js/ express/ authentication/ google-api/ google-oauth

I want to use google oauth api to log in to the site which I create.

I use react and node and I'm done with getting current access_token issued but I'm not sure how to know if the user is logged in.

Should I check the user's access_token every time the user calls the api of my site?
If that's correct, should the access_token be held by the client?
Isn't that a security issue?

I did a lot of searching but I don't know how to manage access_token and how to check if user is logged in.

This is the article I referenced

1 answers

Should I check the user's access_token every time the user calls the api of my site?

Yes. The only ones you will not check will the public ones.

If that's correct, should the access_token be held by the client?

Yes, it can be stored in cookies, local storage... Is is debatable which is the best solutions, you can articles such as this one

Isn't that a security issue?

No. Anybody can check the content of a JWT token (just paste the content here ). But the neat thing is that it can't be modified or manipulated. Of course, it is advisable to keep it as safe as a password, so don't share it around:)

How can i make a different oath flow between login & signup for social? like google oauth2.0 using passport js

How can I use the Google OAuth2 ID token with node.js / passport.js to verify if the user is valid and authenticated?

'Login Required' error. How to login after getting oauth2 token with Google API

How can I test my Backend API against google Oauth2?

How can i safely pass access token generated from Google OAuth to a NodeJS REST API?

how can I do facebook login using FB.api

How can I make passportjs google login oauth work with JWT instead of creating session through serialize/deserialize method?

How to get Google Fitness API data using OAuth2 with PassportJS

How can I send properly an oauth 1.0 request to verify credentials with nodejs

How to combine Json Web Token(JWT) and google oauth using passportjs, passport-google-oauth and node to create social login system?

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can i make a different oath flow between login & signup for social? like google oauth2.0 using passport js How can I use the Google OAuth2 ID token with node.js / passport.js to verify if the user is valid and authenticated? 'Login Required' error. How to login after getting oauth2 token with Google API How can I test my Backend API against google Oauth2? How can i safely pass access token generated from Google OAuth to a NodeJS REST API? how can I do facebook login using FB.api How can I make passportjs google login oauth work with JWT instead of creating session through serialize/deserialize method? How to get Google Fitness API data using OAuth2 with PassportJS How can I send properly an oauth 1.0 request to verify credentials with nodejs How to combine Json Web Token(JWT) and google oauth using passportjs, passport-google-oauth and node to create social login system?

Related Tags

How can I verify login using google api, oauth?

Question

1 answers

solution1 0 ACCPTED 2019-10-12 21:04:34

solution1
0 ACCPTED 2019-10-12 21:04:34