simplyjuanc
commented
7 months ago -
[ ] From initial login, retrieve userId. How does this work with JWT tokens?
-
[ ] Pass UserId to methods and route as argument.
-
[ ] Add UserID to search params or similar
-
[ ] In the Discogs login view (or before), try to retrieve discogs tokens
-
[ ] If success, then skip login and jump in.
-
[ ] Add auth middleware, so that it checks for a session id on every logged screen.
-
[ ] If not logged in, then return to login screen.
-
[ ] Add auth middleware to discogs methods,
-
[ ] If not logged in, force reoauth workflow.
A successful request will return a response that contains an OAuth access token (oauth_token) and an OAuth access token secret (
oauth_token_secret). These tokens do not expire (unless the user revokes access from your app), so you should store these tokens in a database or persistent storage to make future requests signed with OAuth. All requests that require OAuth will require these two tokens to be sent in the request.