Auth Feature - Fourth Iteration

Open babblebey opened this issue 10 months ago • 0 comments

The third iteration of the auth feature should focus on enhancing the OAuth flow and adding a signout/disconnect feature.

This is a follow up to the initial iterations...

  • First Iteration - https://github.com/babblebey/jargons.dev/pull/8
  • Second Iteration - https://github.com/babblebey/jargons.dev/pull/28
  • OAuth App type refactoring - https://github.com/babblebey/jargons.dev/pull/33

Tasks

  1. Store OAuth Flow State Object in Cookies: Implement the todo that suggests storing the OAuth flow state object to cookies. This stored state should be compared with the state param returned from the GitHub OAuth flow in the github/oauth/callback handler to prevent CSRF attacks.

  2. Implement Signout/Disconnect Feature: Create a helper function that can be exported from the doAuth action to handle signout/disconnect functionality. This function should:

    • Clear the token data saved in the cookie for jargons.dev:token.
    • Redirect the user to the homepage of the web app.

Related Files

  • github/oauth/callback.js
  • lib/actions/do-auth.js

Acceptance Criteria

  • OAuth flow state object is stored in cookies and compared with the state param.
  • Signout/disconnect feature is implemented and accessible through the doAuth action

Additional Notes

  • Nothing much... just ask a question or share ideas, if you've got any 😉

babblebey, Apr 04 '24 17:04
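
The state check described in task 1, as an added example that is not part of the original issue or the jargons.dev code base. The cookie name `jargons_oauth_state` and the function names are assumptions made for illustration; only the `state` query param comes from the GitHub OAuth flow.

```javascript
// Added example: every name here except the `state` param is hypothetical.
const { randomBytes, timingSafeEqual } = require("node:crypto");

const STATE_COOKIE = "jargons_oauth_state"; // assumed cookie name
// SameSite=Lax (not Strict): the callback is a top-level navigation coming
// from github.com, and a Strict cookie would not be sent on it.
const COOKIE_ATTRS = "Path=/; HttpOnly; Secure; SameSite=Lax";

// Step 1 (before redirecting to GitHub): mint an unguessable state value
// and bind it to this browser with a short-lived cookie.
function beginOAuth() {
  const state = randomBytes(32).toString("hex");
  const setCookie = `${STATE_COOKIE}=${state}; Max-Age=600; ${COOKIE_ATTRS}`;
  return { state, setCookie };
}

// Pull one cookie value out of a raw Cookie request header.
function readCookie(cookieHeader, name) {
  for (const part of (cookieHeader || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq !== -1 && part.slice(0, eq).trim() === name) {
      return part.slice(eq + 1).trim();
    }
  }
  return null;
}

// Step 2 (in the callback handler): accept the request only when the
// `state` query param equals the cookie value. Missing values fail closed.
function verifyOAuthState(cookieHeader, callbackUrl) {
  const expected = readCookie(cookieHeader, STATE_COOKIE);
  const received = new URL(callbackUrl).searchParams.get("state");
  if (!expected || !received) return false;
  const a = Buffer.from(expected);
  const b = Buffer.from(received);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return a.length === b.length && timingSafeEqual(a, b);
}

// Step 3: expire the state cookie whatever the outcome, so it is single-use.
const clearStateCookie = `${STATE_COOKIE}=; Max-Age=0; ${COOKIE_ATTRS}`;
```

A callback that fails `verifyOAuthState` should stop before exchanging the `code` for a token, and should still send `clearStateCookie`.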