grant icon indicating copy to clipboard operation
grant copied to clipboard

Published 20 hours ago verified publisher icon simov

What is grant? Why would I use it?

Open seiyria opened this issue 3 years ago • 4 comments

Heyo! Someone linked me to your project, and it looks great. I'll admit, though, that I have no idea what an oauth proxy is or why I would use it. I had hoped the README would shed some light on this, but it seems like it dives right into the technicals. Any chance someone could write out a little blurb in the readme? I think it would help future users who stumble across the project as well.

seiyria avatar Nov 06 '20 14:11 seiyria

Sure, the gist of it is that generally it's a bad practice to handle your user's email and password yourself, meaning having a form on your own website and storing that in your own database. For that reason people invented OAuth, which is framework to delegate the actual login (the web form) to a third-party provider, lets say Google or Facebook.

There are different ways to achieve that using OAuth, but the most secure one involves you having a server and doing some of the OAuth requests to the authorization server (Google, Facebook) on the backend. This module, Grant, helps you with that. And so if you have a server using any of the most popular HTTP frameworks for Node or a lambda on the cloud you can get social login to all of those providers with a little bit of JSON configuration. No code is required to use this module other than instantiating it and plugging it in your environment of choice.

That being said, Grant helps you with just that, getting the access token in response of the user logging in. What happens next is up to you and your implementation.

You can also check out my articles about it:

  • https://dev.to/simov/oauth-simplified-2pbd
  • https://dev.to/simov/oauth-like-a-boss-2m3b
  • https://dev.to/simov/serverless-oauth-proxy-1h84

simov avatar Nov 06 '20 15:11 simov

Thank you, that's really helpful! This is definitely the kind of information I was looking for, and the bonus articles help even more. Fantastic!

seiyria avatar Nov 06 '20 15:11 seiyria

I was having exactly the same issue. I can see grant being useful, but I wasn't sure how it fits into a big picture.

I think having that description and links in the README would solve this problem.

Thanks for the package. Looks great! :)

moltar avatar Feb 11 '21 05:02 moltar

Agree with @moltar looks like a super userful package. The readme should be more descriptive.

Maybe also link to a small video describing what is OAuth. I really liked this explaination. https://www.youtube.com/watch?v=SXDce0e3Ue4

hargup avatar May 24 '21 05:05 hargup