From 38078fb48559728fea1fe8e3709918bbacb0796d Mon Sep 17 00:00:00 2001 From: listiclehub1 <114046524+listiclehub1@users.noreply.github.com> Date: Wed, 25 Dec 2024 01:38:50 +0530 Subject: [PATCH 1/2] Added api contract for github auth --- auth/README.md | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) diff --git a/auth/README.md b/auth/README.md index b2cf5c2..7cb063c 100644 --- a/auth/README.md +++ b/auth/README.md @@ -6,6 +6,8 @@ |-------|--------|-------------| | [/auth/google/login](#get-authgooglelogin) | GET | Initiates the Google OAuth authentication | | [/auth/google/callback](#get-authgooglecallback) | GET | Handles the callback from Google after the user authenticates | +| [/auth/github/login](#get-authgithublogin) | GET | Initiates the GitHub OAuth authentication | +| [/auth/github/callback](#get-authgithubcallback) | GET | Handles the callback from GitHub after the user authenticates | ## GET /auth/google/login @@ -64,6 +66,97 @@ Handles the callback from Google after the user authenticates, exchanges the aut ### Response +- **Success Response**: + - **Code**: 302 + - **Content**: Redirects to the specified redirectURL or https://my.realdevsquad.com/new-signup if user details are incomplete. + + ``` + Location: {redirectURL} + ``` + - **Cookie**: A secure JWT authentication token (rds-session) is set as a cookie to maintain the user's session. + ``` + Set-Cookie: rds-session=; Domain={realdevsqual.com}; Expires={expirationTime}; HttpOnly; Secure; SameSite=Lax + ``` + +- **Error Response:** + - **Code:** 401 + - **Content:** + + ```json + { + "statusCode": 401, + "error": "Unauthorized", + "message": "User cannot be authenticated" + } + ``` + - **Code:** 500 + + - **Content:** + + ```json + { + "statusCode": 500, + "error": "Internal Server Error", + "message": "An internal server error occurred" + } + ``` +## GET /auth/github/login + +Initiates the GitHub OAuth authentication process by redirecting the user to GitHub's consent screen. + +- **Params** + None + +- **Query** + - Optional: `redirectURL=[string]` (The URL to redirect the user to after authentication is successful. It should be a valid URL.) + +### Response + +- **Success Response**: + - **Code:** 302 + + - **Content:** Redirects to GitHub's OAuth 2.0 consent screen for user authentication. + + ```text + Location: Location: https://github.com/login/oauth/authorize?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&scope=user:email&state={state} + ``` + +- **Error Response:** + - **Code:** 401 + - **Content:** + + ```json + { + "statusCode": 401, + "error": "Unauthorized", + "message": "User cannot be authenticated" + } + ``` + - **Code:** 500 + + - **Content:** + + ```json + { + "statusCode": 500, + "error": "Internal Server Error", + "message": "An internal server error occurred" + } + ``` + +## GET /auth/github/callback + +Handles the callback from GitHub after the user authenticates, exchanges the authorization code for an access token, and completes the user login process. + +- **Params** + None + +- **Query** + - Required: `code=[string]` (The authorization code returned by GitHub after the user grants consent.) + - Required: `state=[string]` (The state parameter returned by GitHub, used to verify the request’s legitimacy and ensure security.) + +### Response + - **Success Response**: - **Code**: 302 - **Content**: Redirects to the specified redirectURL or https://my.realdevsquad.com/new-signup if user details are incomplete. From dab263f3465ec60d5b13ce7ce6d15227caf47572 Mon Sep 17 00:00:00 2001 From: listiclehub1 <114046524+listiclehub1@users.noreply.github.com> Date: Wed, 25 Dec 2024 01:56:30 +0530 Subject: [PATCH 2/2] Added dev=true to google auth login route --- auth/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/auth/README.md b/auth/README.md index 7cb063c..9ee0716 100644 --- a/auth/README.md +++ b/auth/README.md @@ -17,6 +17,7 @@ Initiates the Google OAuth authentication process by redirecting the user to Goo None - **Query** + - Required: `dev=[boolean]` (Must be set to true for this feature to work.) - Optional: `redirectURL=[string]` (The URL to redirect the user to after authentication is successful. It should be a valid URL.) ### Response