This commit fixes a number of authentication issues:
1) Fix intermittent ouath falures on signin
passport-ouath has a dependency on node-oauth which does not handle connections to Google's
endpoint gracefully. This commit updates the package-lock.json to override this dependency's
version.
2) Fix failing access token refresh
Changed the server implementation to provide 401 responses when the access token expires and
changes the client's auth interceptor to handle the refresh/retry request chain properly.
3) Fix broken user lookup
The user model stored user IDs as number. However, Google profile IDs are larger than the
number range and profile IDs were truncated. Changed the user model to have ID as strings.
This commit also centralizes all Google-specific authn/authz implementation into two places,
one for the server (auth/google-auth.ts) and one for the client (app/services/auth-service.ts).
This will make it easier to find auth-related implementation in the future.
This commit fixes a number of authentication issues:
1) Fix intermittent ouath falures on signin passport-ouath has a dependency on node-oauth which does not handle connections to Google's endpoint gracefully. This commit updates the package-lock.json to override this dependency's version.
2) Fix failing access token refresh Changed the server implementation to provide 401 responses when the access token expires and changes the client's auth interceptor to handle the refresh/retry request chain properly.
3) Fix broken user lookup The user model stored user IDs as number. However, Google profile IDs are larger than the number range and profile IDs were truncated. Changed the user model to have ID as strings.
This commit also centralizes all Google-specific authn/authz implementation into two places, one for the server (auth/google-auth.ts) and one for the client (app/services/auth-service.ts). This will make it easier to find auth-related implementation in the future.