How does the Front End part work with OAuth 2.0?

0

I've done all the necessary part of the back end to use OAuth and api already returns the access_token and refresh_token, my question is, what do I need to do on the front end (if possible with examples).

Any requests first will have to verify that the token has not expired, if so, to generate a new token?

    
asked by anonymous 19.01.2018 / 11:23

1 answer

0

Depending on the way you use it, you do not need to authenticate every time it expires. 2 months ago I implemented the Gmail API (Gsuite) on my site. After the authentication process I was generated a file that saves the information so I do not have to renew it.

If you are going to use multiple access accounts, I believe you need to store one file for each user. In my case I only use one, which is my "bussines" account in Gmail.

I had the same question and I sent a ticket to Google, it follows the answer (it can be applied in your case because Oauth):

  

The Gmail access token has a validity of 3600 seconds, or an hour, and should be updated every time the token expires. So that the user does not have to be authenticating the application every hour, you can implement what is called Server-side Authorization that uses the saved information of the user to renew the access token and thus does not interrupt the application's functionality.

    
19.01.2018 / 12:23