svelte-social-auth icon indicating copy to clipboard operation
svelte-social-auth copied to clipboard

Published 20 hours ago verified publisher icon beyonk-group

Upgrade Google Auth

Open dextermb opened this issue 3 years ago • 7 comments
trafficstars

Resolves #25

Upgrades from using gapi.auth2 to google.accounts.id (https://developers.google.com/identity/gsi/web).

Screenshot 2022-07-22 at 16 33 00

This change, however, is breaking as the outputs from the events are different.

  • auth-success now returns an object with user properties:
    • name
    • email
    • picture
  • auth-failure now returns a basic string
  • init-error is no longer used

dextermb avatar Jul 22 '22 15:07 dextermb

Once people are happy with the implementation then I will look at updating the documentation

dextermb avatar Jul 22 '22 15:07 dextermb

Note that we don't validate the jwt signature, so it might be better to get rid of the new dependency and just bade64 decode the unencrypted part of the jwt

https://stackoverflow.com/questions/38552003/how-to-decode-jwt-token-in-javascript-without-using-a-library

antony avatar Jul 23 '22 08:07 antony

Note that we don't validate the jwt signature, so it might be better to get rid of the new dependency and just bade64 decode the unencrypted part of the jwt

https://stackoverflow.com/questions/38552003/how-to-decode-jwt-token-in-javascript-without-using-a-library

Certainly if you're happy with having the suggested browser function in the codebase. I'll update this

dextermb avatar Jul 23 '22 08:07 dextermb

Certainly if you're happy with having the suggested browser function in the codebase. I'll update this

Removed jwt-decode dependency and added the answer-marked implementation from stackoverflow ✅

dextermb avatar Jul 25 '22 09:07 dextermb

lets pnpm link this to the app to try it first before we merge and release.

antony avatar Jul 27 '22 11:07 antony

lets pnpm link this to the app to try it first before we merge and release.

👋🏻 Hey, just getting back to this today. I've done a decent amount of testing and reading through our internal use-cases.

@antony with minor changes to our login screen I've got this working as we would expect. I've exposed the whole token through the auth-success callback.

It's worth noting the GSI does not like running on non-https domains, other than localhost, so this will throw some complications for us and potentially other development workflows.

dextermb avatar Aug 01 '22 15:08 dextermb

I've also noticed that button is now being respected on our login/sign up screens- e.g. not width: 100% by default which is correct. Potentially something else has changed in our platform but to match the same styles as previously seen I updated the styles:

  :global(.social-auth-button button) {
    width: 100%;
    font-family: 'Cabin', sans-serif;
    border-radius: 5px;
  }

But I don't think this is anything to do with this pull request as looking at the code I have not changed anything relating to styles.

dextermb avatar Aug 10 '22 12:08 dextermb

Thanks for the PR! I installed from this commit and importing failed, but copying over the GoogleAuth.svelte file and using it like any other component seems to work

:)

TheOnlyWayUp avatar Oct 07 '22 18:10 TheOnlyWayUp

lets also consider this https://github.com/beyonk-adventures/svelte-social-auth/pull/14 when we merge

antony avatar Oct 17 '22 10:10 antony