OAuth Tech Design - liuninglin/pandama-ext GitHub Wiki
What is OAuth?
OAuth stands for Open Authentication; it is a way to let users log in with their social accounts.
Implementation
I followed the OAuth documentation for Google, Reddit, and GitHub.
- Google: https://developers.google.com/identity/protocols/oauth2
- Reddit: https://github.com/reddit-archive/reddit/wiki/OAuth2
- GitHub: https://docs.github.com/en/developers/apps/building-oauth-apps/authorizing-oauth-apps
Time Sequence Diagram
All three identity providers share the same data flow:
- When the user clicks "Login with Google", the browser sends a request to the server indicating that the user wants to log in with Google.
- The server then sends a request to Google with our website's client id and some other information.
- Google then redirects the user to its own login page, where the user can log in to their Google account.
- After a successful login, Google sends a callback request along with the user's information.
- We use this information to check whether the customer already exists in our database.
- If not, the user is a new user: we create a customer object, store it in our database, and then log the user in.
- If so, the user must have logged in before: we retrieve the customer information and log the user in.
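As an added example (not code from the pandama-ext project), the server side of this flow in Python: building the redirect with the client id and a per-login `state`, checking that `state` when the callback arrives, and the look-up-or-create step for the customer. It assumes the authorization-code variant the linked provider docs describe, where the callback carries a code that the server then exchanges for the user's profile; the exchange itself and the real database are left out, and the `session` dict stands in for the user's server-side session.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Public authorization endpoints of the three providers (check against the linked docs).
PROVIDER_AUTH_URLS = {
    "google": "https://accounts.google.com/o/oauth2/v2/auth",
    "reddit": "https://www.reddit.com/api/v1/authorize",
    "github": "https://github.com/login/oauth/authorize",
}


def build_login_redirect(provider, client_id, redirect_uri, session):
    """Steps 1-2: build the URL that sends the browser to the provider's login page.
    A fresh unguessable `state` is kept in the server-side session so the callback
    can be tied to the login we started (defends against login CSRF)."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    session["oauth_provider"] = provider
    params = {"client_id": client_id, "redirect_uri": redirect_uri,
              "response_type": "code", "state": state}
    return f"{PROVIDER_AUTH_URLS[provider]}?{urlencode(params)}"


def parse_callback(callback_url, session):
    """Step 4: validate the provider's callback before trusting anything in it.
    Returns the authorization code; raises ValueError on a state mismatch
    (callback not tied to a login we started) or a provider-reported error."""
    query = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)   # single use: consumed here
    received = query.get("state", [None])[0]
    if expected is None or received is None or \
            not secrets.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback does not match a login we started")
    if "error" in query:
        raise ValueError(f"provider returned error: {query['error'][0]}")
    if "code" not in query:
        raise ValueError("callback carries no authorization code")
    return query["code"][0]


def login_or_create_customer(customers, provider, provider_user_id, profile):
    """Steps 5-7: find or create the customer. `customers` is a dict standing in for
    the database, keyed by (provider, provider user id) rather than by e-mail alone,
    since an e-mail the provider has not verified must not unlock an existing account."""
    key = (provider, str(provider_user_id))
    if key in customers:
        return customers[key], False            # returning user: log them in
    customer = {"provider": provider, "provider_user_id": key[1],
                "email": profile.get("email"), "name": profile.get("name")}
    customers[key] = customer                   # new user: store, then log them in
    return customer, True
```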