I'm trying to figure out how to implement OAuth2 sign-in, e.g. Google and GitHub login, via a React single-page login + Phoenix backend combination.
Basically this is the flow I’m assuming:
1. User clicks sign up/in
2. React sends message to backend requesting URL -> URL is presented to user and opened?
3. User signs in via e.g. Google, and a token is sent directly from Google back to the Phoenix server (Ueberauth).
4. I then save that information back to the database, including email and token
5. I then sign a JWT using something like Guardian
Questions I’m struggling with are:
- How do I at step 5 get a message to the browser saying ‘here’s your token’?
- What do I use the token I get back from Google/GitHub for? Is there even a use for it? Am I supposed to hit Google every request and make sure they are still logged in, or do I just ignore it? I can’t see any use for it considering I’m using a JWT for app/server communication
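
The last two steps of the flow above (saving the provider data, then signing the app's own JWT) and the per-request check that the second question is about, as an added example that is not part of the original post. It is written in Node.js so it runs on its own; in the Phoenix backend Guardian would do the signing. The names `completeLogin` and `verifyAppJwt`, the in-memory `users` map, HS256 and the 15-minute lifetime are all assumptions.

```javascript
// Added example: constructed data and hypothetical names; Node.js standard library only.
const crypto = require("node:crypto");

const SECRET = crypto.randomBytes(32); // app signing key; never leaves the server
const users = new Map();               // stand-in for the database

const b64url = (v) => Buffer.from(v).toString("base64url");
const hmac = (data) => crypto.createHmac("sha256", SECRET).update(data).digest();

// After the provider callback: persist the profile, then mint the app's own short-lived JWT.
function completeLogin(profile, nowSec) {
  const id = `${profile.provider}:${profile.uid}`;
  // The provider token stays server-side; it is only needed if the server later
  // calls the provider's API. It is not copied into the app JWT.
  users.set(id, { email: profile.email, providerToken: profile.token });
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ sub: id, iat: nowSec, exp: nowSec + 900 }));
  const signingInput = `${header}.${payload}`;
  return `${signingInput}.${b64url(hmac(signingInput))}`;
}

// Every later API request: verify locally, with no round trip to the provider.
function verifyAppJwt(token, nowSec) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  let head, claims;
  try {
    head = JSON.parse(Buffer.from(header, "base64url").toString());
    claims = JSON.parse(Buffer.from(payload, "base64url").toString());
  } catch { return null; }
  if (head?.alg !== "HS256") return null; // pin the algorithm; ignore the token's own choice
  const expected = hmac(`${header}.${payload}`);
  const given = Buffer.from(sig, "base64url");
  // Constant-time comparison of the signature bytes.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof claims?.exp !== "number" || nowSec >= claims.exp) return null;
  return users.has(claims.sub) ? claims : null;
}

// Constructed sample of what the OAuth callback yields (all values are made up).
const sampleProfile = { provider: "github", uid: "1001",
  email: "dev@example.com", token: "constructed-provider-token" };
```
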