Hari

Reputation: 1623

How to implement code grant flow in REST API?

I am developing a web application in React and Django (REST Framework). I want users to be able to log in with their Google account.

The approach I followed is the implicit grant flow, where I get the access token in the front end and send the access token to the back-end. Then the back-end should verify the access token with Google and return a new JWT token for future requests. Once the user logs out, the same cycle continues.

But my client doesn't want to repeat the same implicit grant flow for other devices (mobile, for example). They want authentication to be handled entirely by the back-end, so I am planning to use the code exchange flow.

The approach I am planning:

  1. The user clicks the "Login with Google" button.
  2. The client sends a request to the Django back-end and gets the client ID and server callback URL.
  3. The client redirects the request to Google with the client ID and callback URL.
  4. Google asks the user for permission and sends the access token to the back-end.

In the above approach the connection between client and server is broken in step 3. How do we know the back-end got the access token and the user is logged in?

Upvotes: 0

Views: 115
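Steps 2 to 4 of the flow described in the question, as an added example that is not part of the original post: in the authorization code flow Google redirects the user's browser to the callback URL with a `code` and the `state` value the back-end issued, so a signed, single-use `state` is what ties the callback to the login attempt started in step 2. The names `start_login`, `handle_callback` and `login_id`, the scope, the 10-minute lifetime and the in-memory replay set are assumptions; exchanging the code at Google's token endpoint and issuing the application's JWT are not shown.

```python
import base64, hashlib, hmac, secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

GOOGLE_AUTH_URL = "https://accounts.google.com/o/oauth2/v2/auth"
STATE_KEY = secrets.token_bytes(32)   # assumption: per-deployment server secret
STATE_TTL = 600                       # assumption: login must finish within 10 minutes
_used_states = set()                  # assumption: in-memory; use a shared cache in production


def _sign(payload):
    mac = hmac.new(STATE_KEY, payload.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode().rstrip("=")


def start_login(client_id, redirect_uri, now=None):
    """Step 2: the back-end builds the Google URL; returns (login_id, url)."""
    login_id = secrets.token_urlsafe(16)
    issued = int(time.time() if now is None else now)
    payload = f"{login_id}.{issued}"
    state = f"{payload}.{_sign(payload)}"
    query = urlencode({
        "client_id": client_id, "redirect_uri": redirect_uri,
        "response_type": "code", "scope": "openid email", "state": state,
    })
    return login_id, f"{GOOGLE_AUTH_URL}?{query}"


def handle_callback(callback_url, now=None):
    """Step 4: check the redirect from Google; returns (login_id, code) or None."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    code = params.get("code", [""])[0]
    parts = state.split(".")
    if not code or len(parts) != 3:
        return None
    login_id, issued, sig = parts
    expected = _sign(f"{login_id}.{issued}")
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None                   # state was not issued by this back-end
    current = time.time() if now is None else now
    if current - int(issued) > STATE_TTL or state in _used_states:
        return None                   # expired or replayed
    _used_states.add(state)
    return login_id, code             # next: exchange code at Google's token endpoint
```

The back-end's response to the callback request goes to the same browser that started the login, which is where it can hand over its own session or JWT.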

Answers (0)
