diff --git a/OAuth2-Front-Approach.md b/OAuth2-Front-Approach.md
index 7900726..b401b65 100644
--- a/OAuth2-Front-Approach.md
+++ b/OAuth2-Front-Approach.md
@@ -102,10 +102,12 @@ const loginWithGoogle = () => {
-# 2. Use Authorization Code
+# 2. Exchange Code with Token
### Frontend ⇢ Backend ⇢ Google ⇢ Backend ⇢ Frontend
+#### 2.1 Frontend
+
Now that the frontend has the Authorization `code` on th callback url https://xorismesiti.gr/api/auth/callback`?code=AAAABCX4XfWgyVyziyLg0QHHHHH` it can send it to the backend with POST to `xorismesiti.gr/api/auth/exchange-token`, in order the backend to exchange the `code` for an `access_token` and optionally an `refresh_token`
@@ -122,73 +124,14 @@ Content-Type: application/json
-#### Step 3 takes place here, Backend exchanges the Code with the Tokens
-
-
-Backend HTTP Response to Frontend
-
-```json
-{
- "access_token": "ya29.a0AfH6SMC8Op6zXZkHi2XITkDoOVzYXt3hTY6sny54UlWlxrnKlX5Xv78is7BEHekVX-VoA",
- "token_type": "Bearer",
- "expires_in": 3600,
- "refresh_token": "1//04d5XHqmn6Hdy3wTf5OYDP1SyBa74zEFURjddQ2A1cFw78PY13pQyWhlD2A6XhDQtKlrjAqU4kS3vGdMvckw",
- "scope": "email profile"
-}
-```
-
-
-
-
-Frontend Code
-
-```js
-// On the backend callback URL, the frontend receives the authorization code
-import { useEffect } from 'react';
-import { useRouter } from 'next/router';
-
-const Callback = () => {
- const router = useRouter();
-
- useEffect(() => {
- const { code, state } = router.query;
-
- // Send the authorization code to the backend for token exchange
- fetch('/api/auth/exchange-token', {
- method: 'POST',
- body: JSON.stringify({ code }),
- headers: {
- 'Content-Type': 'application/json',
- },
- })
- .then(response => response.json())
- .then(data => {
- // Handle success (store token, update UI, etc.)
- console.log(data); // Typically, you'll store the access token here or manage the user session.
- router.push('/dashboard'); // Redirect the user to their dashboard or home page.
- })
- .catch(error => {
- console.error('Error exchanging token:', error);
- });
- }, []);
-
- return Loading...
;
-};
-
-export default Callback;
-```
-
-
-
-
+
-# 3. Exchange Code with Token
-### Frontend ⇢ Backend ⇢ Google ⇢ Backend ⇢ Frontend
+#### 2.2 Backend
1. The backend **receives** the authorization `code` form frontend (Frontend POST at `xorismesiti.gr/api/auth/exchange-token`)
2. The backend **POST** Authorization `code` to Google API
@@ -287,12 +230,73 @@ app.listen(3000, () => {
+
+
+Backend HTTP Response to Frontend
+
+```json
+{
+ "access_token": "ya29.a0AfH6SMC8Op6zXZkHi2XITkDoOVzYXt3hTY6sny54UlWlxrnKlX5Xv78is7BEHekVX-VoA",
+ "token_type": "Bearer",
+ "expires_in": 3600,
+ "refresh_token": "1//04d5XHqmn6Hdy3wTf5OYDP1SyBa74zEFURjddQ2A1cFw78PY13pQyWhlD2A6XhDQtKlrjAqU4kS3vGdMvckw",
+ "scope": "email profile"
+}
+```
+
+
+
+
+Frontend Code
+
+```js
+// On the backend callback URL, the frontend receives the authorization code
+import { useEffect } from 'react';
+import { useRouter } from 'next/router';
+
+const Callback = () => {
+ const router = useRouter();
+
+ useEffect(() => {
+ const { code, state } = router.query;
+
+ // Send the authorization code to the backend for token exchange
+ fetch('/api/auth/exchange-token', {
+ method: 'POST',
+ body: JSON.stringify({ code }),
+ headers: {
+ 'Content-Type': 'application/json',
+ },
+ })
+ .then(response => response.json())
+ .then(data => {
+ // Handle success (store token, update UI, etc.)
+ console.log(data); // Typically, you'll store the access token here or manage the user session.
+ router.push('/dashboard'); // Redirect the user to their dashboard or home page.
+ })
+ .catch(error => {
+ console.error('Error exchanging token:', error);
+ });
+ }, []);
+
+ return Loading...
;
+};
+
+export default Callback;
+```
+
+
+
+
+
+#### 2.3 Front
+
+
+
+
+
-
-
-
-
# 4. Use the Token
### Frontend ⇢ Google ⇢ Frontend