search

iamdanfox / ghupdate

Update GitHub pages with wysiwyg and no git commands
https://iamdanfox.github.io/ghupdate
5 stars 1 forks source link

Github auth #2

Closed iamdanfox closed 9 years ago

iamdanfox commented 10 years ago

Hopefully this will get round some of the auth problems

iamdanfox commented 10 years ago

https://github.com/settings/applications/new

iamdanfox commented 9 years ago

Should work with pure-web: https://developer.github.com/v3/oauth/#web-application-flow

  1. Redirect users to request GitHub access (scopes etc)
  2. GitHub redirects back to your site (with a temporary code parameter) - this can be exchanged for an Access Token (this is actually useful)
iamdanfox commented 9 years ago

Actually scratch that - the client_secret shouldn't be exposed to the world ... maybe hide inside a little heroku node app?

iamdanfox commented 9 years ago

https://ghupdate.herokuapp.com/ is in place, published from the heroku branch

Now just need to implement 'Step 1' on the frontend.

iamdanfox commented 9 years ago

Think there may be an origin problem (initial redirect comes from a different location to the access_token request)

iamdanfox commented 9 years ago

BOOM it works. access_token successfully acquired on the frontend. Turns out qwest wasn't passing the argument correctly.

iamdanfox commented 9 years ago

Re-implement this in the reflux world.