From 870508fce437cacb7de7239d6dbf107fa134f847 Mon Sep 17 00:00:00 2001
From: Ste Vaidis <ste.vaidis@gmail.com>
Date: Sun, 15 Dec 2024 09:41:59 +0200
Subject: [PATCH] Update OAuth2.md

---
 OAuth2.md | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/OAuth2.md b/OAuth2.md
index dd7b5f8..c483632 100644
--- a/OAuth2.md
+++ b/OAuth2.md
@@ -1,7 +1,7 @@
 
 # 1. Authorization Request (User Initiates Login)
 
-A user visits the app `xorismesiti.gr` and clicks on the **Login with Google** button.
+A user clicks on the **Login with Google** button on the the app `xorismesiti.gr`.
 
 The app request permission to access certain Google APIs (like the user's email, profile, etc.).
 
@@ -19,3 +19,11 @@ GET https://accounts.google.com/o/oauth2/v2/auth?
 - `redirect_uri`: The URI Google will redirect to after the user consents.
 - `scope`: The permissions you're requesting (e.g., email, profile).
 - `state`: A random string to protect against CSRF attacks.
+
+# 2. User Login and Consent
+
+-The user is redirected to Google's login page.
+-If they're not already logged in, they will be prompted to enter their Google credentials.
+-After successful login, the user will be shown a consent screen where they can grant or deny permission for your app to access their Google account (e.g., email and profile information).
+
+**User Action**: The user clicks "Allow" to grant access.
\ No newline at end of file