From 46ed7541d63ce09c9fbc23b141f84e758b80546b Mon Sep 17 00:00:00 2001 From: Ste Vaidis Date: Sun, 15 Dec 2024 18:59:10 +0200 Subject: [PATCH] Update OAuth2-Front-Approach.md --- OAuth2-Front-Approach.md | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/OAuth2-Front-Approach.md b/OAuth2-Front-Approach.md index a3db58c..3e474b4 100644 --- a/OAuth2-Front-Approach.md +++ b/OAuth2-Front-Approach.md @@ -130,20 +130,6 @@ Content-Type: application/json -

- - - -#### 2.2 Backend - -1. The backend **receives** the authorization `code` form the frontend POST at `xorismesiti.gr/api/auth/exchange-token` -2. The backend **POST** Authorization `code` to Google API -3. The Google API respond to backend POST with the tokens `access_token` and `refresh_token` -4. The backend **response** to frontends POST with the the tokens - -*Security: The backend never expose the client_secret to the frontend. This step should always be handled on the backend.* - -

Frontend Code

@@ -186,6 +172,21 @@ export default Callback;
+

+ + + +#### 2.2 Backend + +1. The backend **receives** the authorization `code` form the frontend POST at `xorismesiti.gr/api/auth/exchange-token` +2. The backend **POST** Authorization `code` to Google API +3. The Google API respond to backend POST with the tokens `access_token` and `refresh_token` +4. The backend **response** to frontends POST with the the tokens + +*Security: The backend never expose the client_secret to the frontend. This step should always be handled on the backend.* + +
+

HTTP POST Request from Backend to Google
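Review bot: The 14 lines removed in hunk `@@ -130,20 +130,6 @@` are the same "2.2 Backend" section that the second hunk re-adds after `export default Callback;`, so this commit is a move, yet the subject "Update OAuth2-Front-Approach.md" does not say so. Suggest a subject that names the change, for example "Move 2.2 Backend below the frontend code", with a one-line body giving the reason, so the reordering is visible in the log without reading the diff.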
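Review bot: In the re-added "2.2 Backend" list (hunk `@@ -186,6 +172,21 @@`), step 4 has the backend answer the frontend's POST with "the tokens", which per step 3 includes `refresh_token`, while the Security line only covers `client_secret`. If the browser is meant to receive the refresh token, state that and how it is stored. Otherwise reword step 4 so the backend returns only what the frontend needs and keeps `refresh_token` server-side. Since the block is being touched anyway, the typos carried over with it can be fixed in the same change: "form the frontend POST" should read "from the frontend POST", "with the the tokens" has a doubled word, and "The backend never expose" should be "never exposes".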