simov
commented
3 years ago Sure, the gist of it is that generally it's a bad practice to handle your user's email and password yourself, meaning having a form on your own website and storing that in your own database. For that reason people invented OAuth, which is framework to delegate the actual login (the web form) to a third-party provider, lets say Google or Facebook.
There are different ways to achieve that using OAuth, but the most secure one involves you having a server and doing some of the OAuth requests to the authorization server (Google, Facebook) on the backend. This module, Grant, helps you with that. And so if you have a server using any of the most popular HTTP frameworks for Node or a lambda on the cloud you can get social login to all of those providers with a little bit of JSON configuration. No code is required to use this module other than instantiating it and plugging it in your environment of choice.
That being said, Grant helps you with just that, getting the access token in response of the user logging in. What happens next is up to you and your implementation.
You can also check out my articles about it:
seiyria
moltar
hargup
Heyo! Someone linked me to your project, and it looks great. I'll admit, though, that I have no idea what an oauth proxy is or why I would use it. I had hoped the README would shed some light on this, but it seems like it dives right into the technicals. Any chance someone could write out a little blurb in the readme? I think it would help future users who stumble across the project as well.