Update OAuth2-Backend-Approach.md

2025-01-07 13:41:04 +02:00 · 2025-01-07 13:41:04 +02:00 · e6e6d60ff0
commit e6e6d60ff0
parent 5747b4078a
1 changed files with 5 additions and 7 deletions
--- a/OAuth2-Backend-Approach.md
+++ b/OAuth2-Backend-Approach.md
@ -44,7 +44,7 @@ A way for the `user` to tell `google` to give an access to `xorismesiti.gr` app
 1. Front **GET** to Google `https://accounts.google.com/o/oauth2` with callback url
 2. Google **302** to Back `https://xorismesiti.gr/api/auth/callback` with authorization code

-### Front **GET** to Google
+### 1. Front **GET** to Google

 ```sh
 GET https://accounts.google.com/o/oauth2/v2/auth?
@ -55,7 +55,7 @@ GET https://accounts.google.com/o/oauth2/v2/auth?
    state=xyz123                                           # A random string to protect against CSRF attacks.
 ```

-### Google **302** to Back
+### 2. Google **302** to Back

 ```bash
 HTTP/1.1 302 Found
@ -77,8 +77,6 @@ Content-Length: 0

 ### 1. Back **POST** the `code` to Google

-The Backend **POST** to Google
-
 ```sh
 POST https://oauth2.googleapis.com/token
 Content-Type: application/x-www-form-urlencoded
@ -90,7 +88,8 @@ client_id=ABC34JHS9D&
 client_secret=PASS1234
 ```

-The Google **response**
+### 2. Google **response** to Back
+

 ```json
 {
@ -101,8 +100,7 @@ The Google **response**
  "scope": "email profile"
 }
 ```
-
-The Backend Code 
+### 3. Back **response** to Front

 ```js
 // Backend callback URL: http://localhost:3000/auth/google/callback