
I have a FastAPI application where I have google-auth (OAuth2) implemented. Based on Google auth, I'm creating my custom JWT token to access the endpoints.

My frontend runs on another server (a Vue app). From the frontend side, I'm authenticating the user by redirecting them to a backend endpoint.

<v-list-item
    v-if="!profileStore.is_authenticated"
    prepend-icon="mdi-login-variant"
    title="Log In"
    value="login"
    href="http://localhost:8000/login"
>

@app.get("/login")
async def login(request: Request):
    redirect_uri = request.url_for("auth")
    return await oauth.google.authorize_redirect(request, redirect_uri)

This endpoint pops up a Google window to provide an email.

Then callback looks like this:

@app.get("/auth")
async def auth(
    request: Request, users_repo: UsersRepository = Depends(SQLUsersRepository)
):
    try:
        access_token = await oauth.google.authorize_access_token(request)
    except OAuthError as e:
        raise CREDENTIALS_EXCEPTION
    _data = access_token["userinfo"]
    if get_or_create_user(data=_data, users_repo=users_repo):
        _token = create_token(_data["email"])
        return RedirectResponse(
            url=f"http://localhost:5173/auth?token={_token}")
    raise CREDENTIALS_EXCEPTION

It creates a custom JWT and then redirects back to the frontend server. As you can see, currently I'm passing the JWT as a URL query parameter to my callback view (I have the store logic there, but it's not relevant to this question).

My JWT has an encoded expiration time included, but I still believe it's not an elegant way to pass the auth token, though this is the only working solution I have come up with.

I would prefer to pass it as a cookie or header, but I'm not calling any endpoint from the frontend side; I'm redirecting straight to it from the backend side, so basically I do the reverse operation.

Is it possible to read cookies/headers from the frontend side, based on a redirection in such a manner? I'd appreciate any hint.

0 Answers
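One way to keep the JWT out of the redirect URL, shown as an added example that is not part of the original post: the `/auth` callback redirects with a short-lived, single-use opaque code, and the frontend then sends that code to a backend exchange endpoint that returns the JWT in the response body or sets it as a cookie. `OneTimeCodeStore`, `frontend_redirect_url`, `CODE_TTL_SECONDS` and the exchange endpoint are hypothetical names, and the in-memory dict assumes a single worker process.

```python
import hashlib
import secrets
import time
from urllib.parse import urlencode

FRONTEND_CALLBACK = "http://localhost:5173/auth"  # frontend URL from the question
CODE_TTL_SECONDS = 30  # assumed lifetime; only needs to outlive the redirect


class OneTimeCodeStore:
    """Hypothetical in-memory map from a hashed one-time code to its JWT."""

    def __init__(self, ttl=CODE_TTL_SECONDS, clock=time.monotonic):
        self._ttl = ttl
        self._clock = clock
        self._pending = {}  # sha256(code) -> (jwt, expires_at)

    def issue(self, jwt):
        """Return a fresh opaque code that can be redeemed once for `jwt`."""
        self._purge()
        code = secrets.token_urlsafe(32)
        self._pending[self._digest(code)] = (jwt, self._clock() + self._ttl)
        return code

    def redeem(self, code):
        """Return the JWT for `code`, or None if unknown, expired or reused."""
        entry = self._pending.pop(self._digest(code), None)  # pop = single use
        if entry is None:
            return None
        jwt, expires_at = entry
        return jwt if self._clock() < expires_at else None

    def _purge(self):
        # Drop codes that were issued but never redeemed in time.
        now = self._clock()
        self._pending = {k: v for k, v in self._pending.items() if v[1] > now}

    @staticmethod
    def _digest(code):
        # Only the hash is stored, so the store never holds a redeemable code.
        return hashlib.sha256(code.encode()).hexdigest()


def frontend_redirect_url(store, jwt):
    """URL for the /auth callback to redirect to: carries the code, not the JWT."""
    return f"{FRONTEND_CALLBACK}?{urlencode({'code': store.issue(jwt)})}"
```

The value that ends up in browser history, `Referer` headers and access logs is then a code that stops working after one use or after the TTL, rather than a bearer token valid until its `exp`.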