Update OAuth2-Front-Approach.md

OAuth2-Front-Approach.md

@@ -7,12 +7,13 @@ A way for the `user` to tell `google` to give an access token to `xorismesiti.gr
 ### OAuth2 Frontend/Backend Flow:
 
 1. Frontend **Redirect** the user to Google's OAuth authorization endpoint `accounts.google.com/o/oauth2`
-2. Google **Redirect** the user back to `xorismesiti.gr/callback` including the authorization `code`
+2. User **Login in** to Google and grant permissions
-3. Frontend **Send** the authorization `code` to the Backend
+3. Google **Redirect** the user back to `xorismesiti.gr/callback` including the authorization `code`
-4. Backend **Exchange** the authorization `code` for an `access_token` and `refresh token`
+4. Frontend **Send** the authorization `code` to the Backend
-5. Backend **Send** `access_token` and `refresh token` to Frontend
+5. Backend **Exchange** the authorization `code` for an `access_token` and `refresh token`
-6. Frontend **Store** `access_token` and `refresh token` to secure cookie
+6. Backend **Send** `access_token` and `refresh token` to Frontend
-7. Frontend **Use** `access_token` to get user data from Google
+7. Frontend **Store** `access_token` and `refresh token` to secure cookie
+8. Frontend **Use** `access_token` to get user data from Google
 
 <br><br><br>
 
@@ -312,9 +313,7 @@ res.cookie('access_token', accessToken, {
 
 <br>
 
-1. The frontend receives the tokens from the Backend response
+Make authenticated requests directly to Google API using the token stored in a secure cookie
-2. Store them in a secure cookie
-3. Make authenticated requests directly to Google API
 
 <br>