22 lines
783 B
Markdown
22 lines
783 B
Markdown
|
|
# 1. Authorization Request (User Initiates Login)
|
|
|
|
A user visits the app `xorismesiti.gr` and clicks on the **Login with Google** button.
|
|
|
|
The app request permission to access certain Google APIs (like the user's email, profile, etc.).
|
|
|
|
```sh
|
|
GET https://accounts.google.com/o/oauth2/v2/auth?
|
|
response_type=code&
|
|
client_id=YOUR_GOOGLE_CLIENT_ID&
|
|
redirect_uri=https://xorismesiti.gr/callback&
|
|
scope=email%20profile&
|
|
state=xyz123
|
|
```
|
|
|
|
- `response_type=code`: This indicates you're using the "authorization code" flow.
|
|
- `client_id`: Your Google API client ID.
|
|
- `redirect_uri`: The URI Google will redirect to after the user consents.
|
|
- `scope`: The permissions you're requesting (e.g., email, profile).
|
|
- `state`: A random string to protect against CSRF attacks.
|