raimohanska / ourboard

An online whiteboard
Other
763 stars 58 forks source link

Authentication #139

Closed raimohanska closed 3 years ago

raimohanska commented 3 years ago

There's currently a sort of Google authentication in place. Todo

[ ] Server should respond with success/failure and require a re-login in case of expired/invalid token

Here's how it looks on the server when the token is expired:

Google token validation failed Error: Token used too late, 1613900357.077 > 1613854352: {"iss":"accounts.google.com","azp":"571041917700-t0rlvuaurivliii27kf4cp2f2g4lr3b9.apps.googleusercontent.com","aud":"571041917700-t0rlvuaurivliii27kf4cp2f2g4lr3b9.apps.googleusercontent.com","sub":"116920735056341538420","hd":"reaktor.fi","email":"jpaanane@reaktor.fi","email_verified":true,"at_hash":"OuIdmAKFobK2QYHGNLunnA","name":"Juha Paananen","picture":"https://lh3.googleusercontent.com/a-/AOh14GhekAr5si0KuYma9qVr5deQFXQl7BikDRJpe0Zs=s96-c","given_name":"Juha","family_name":"Paananen","locale":"en","iat":1613850452,"exp":1613854052,"jti":"00b87b2073b5c94f800b5ddfc09ae4f778b7b56f"}
    at OAuth2Client.verifySignedJwtWithCertsAsync (/Users/jpaanane/reaktor/r-board/node_modules/google-auth-library/build/src/auth/oauth2clie
raimohanska commented 3 years ago

Implemented token refresh