How does the Front-end part work with Oauth 2.0?

Asked

Viewed 225 times

0

I did all the necessary part of the back-end to use Oauth and the api already returns the access_token and refresh_token, my question is, what is necessary to do in front-end (if possible with examples).

Every request first I will have to check if the token has not expired, if yes, generate a new token?

1 answer

0


Depending on the way you use it is not necessary to stay authenticating every time it expires. 2 months ago I implemented the Gmail API(Gsuite) on my website. After the authentication process I was generated a file that saves the information so I don’t have to renew it.

In case you will use several access accounts, I believe it is necessary to store a file for each user. In my case I only use a ,which is my Gmail "bussines" account.

I had that same doubt and sent a ticket to Google, follow the answer(it can be applied in your case because Oauth):

The Gmail access token has a validity of 3600 seconds, or an hour, and should be updated every time the token expires. In order for the user not to have to authenticate the application every hour, you can implement what is called the Server-side Authorization that uses the user’s saved information to renew the access token and thus does not interrupt the functionality of the application.

Browser other questions tagged

You are not signed in. Login or sign up in order to post.