From 55ab14313ba03720a65dd3acb0085609ee83563d Mon Sep 17 00:00:00 2001
From: Ste Vaidis
Date: Wed, 8 Jan 2025 09:44:02 +0200
Subject: [PATCH] Update OAuth2-Backend-Approach.md
---
 OAuth2-Backend-Approach.md | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/OAuth2-Backend-Approach.md b/OAuth2-Backend-Approach.md
index 164366a..3e08c36 100644
--- a/OAuth2-Backend-Approach.md
+++ b/OAuth2-Backend-Approach.md
@@ -141,10 +141,15 @@ Set-Cookie: access_token=ya29.a0AfH6SMC8Op6zkVX-VoA; HttpOnly; Secure; Max-Age=3
 ```js
 app.get('/callback', async (req, res) => {
 try {
+
+ //
 // 1. Get the authorization code from Google's redirect
+ //
 const { code } = req.query;
 
+ //
 // 2. POST the authorization code to Google
+ //
 const tokenResponse = await fetch('https://oauth2.googleapis.com/token', {
 method: 'POST',
 headers: {
@@ -159,10 +164,14 @@ app.get('/callback', async (req, res) => {
 }),
 });
 
+ //
 // 3. Get Response tokens from Google
+ //
 const { access_token, refresh_token } = await tokenResponse.json();
 
+ //
 // 4. Redirect to Fronend success page with a cookie contains the access token
+ //
 res.cookie('access', access_token, {
 httpOnly: true, // Cannot be accessed by client-side JavaScript
 secure: true, // Only sent over HTTPS