Flutter Facebook/Google login with phoenix as backend server

I want to add facebook/google login to my flutter app. If i understand it correctly i should:

  1. Auth with either facebook or google to get accessToken(using flutter package like flutter_facebook_login)
  2. get token from auth response(inside the app)
  3. send token to phoenix rest api endpoint
  4. check token for validity against google/facebook api and get back data like email or avatar(from the server)
  5. create user in db
  6. return back my own auth and refresh tokens created by pow library?
  7. subsequent requests use my own tokens and not provider ones?
    is this how it should work? Is my understanding correct or are there other/better ways to accomplish what i want? where does pow_assent fit in steps 4-6? Any resources describing such flow?

The flow you have is correct. I have not worked with POW so can’t comment on that

1 Like

does google even support pkce?