stevaidis/dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update OAuth2-Front-Approach.md

Browse Source
This commit is contained in:
Ste Vaidis 2024-12-15 19:11:20 +02:00
parent e186b2ee0c
commit 26e6566b01
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
OAuth2-Front-Approach.md
View File

@ -279,7 +279,11 @@ app.listen(3000, () => {
#### 2.3 Front
The frontend gets the tokens from the backend response, and saves them somewhere secure. Now its ready to use the tokens to get the user data from Google
The frontend gets the tokens from the backend response,
and saves them in a cookie marked as `HTTP-only` and `Secure`
Now its ready to use the tokens to get the user data from Google
<details>
<summary><h3>HTTP Response from Backend to Frontend</h3></summary>
@ -298,6 +302,22 @@ The frontend gets the tokens from the backend response, and saves them somewhere
<details>
<summary><h3>Frontend Code:</h3></summary>
```js
// Set an HTTP-only, Secure cookie on the backend
res.cookie('access_token', accessToken, {
httpOnly: true,
secure: true,
maxAge: 3600000 // 1 hour expiry
});
```
</details>
<br><br><br>