Skip to content

feat: implement OAuth2 Google and Apple authentication (#142)#227

Merged
llinsss merged 2 commits intoDogStark:mainfrom
spiffamani:feat/oauth2-google-apple
Mar 26, 2026
Merged

feat: implement OAuth2 Google and Apple authentication (#142)#227
llinsss merged 2 commits intoDogStark:mainfrom
spiffamani:feat/oauth2-google-apple

Conversation

@spiffamani
Copy link
Copy Markdown

@spiffamani spiffamani commented Mar 26, 2026

Closes #142

Summary

Implemented OAuth2 authentication flows for Google and Apple Sign In with user profile mapping and account linking.

New Files

backend/src/auth/entities/oauth-user.entity.ts

  • New entity to store OAuth provider links per user
  • Supports google and apple providers via enum
  • Stores provider user ID, access token, and refresh token

backend/src/auth/dto/oauth.dto.ts

  • GoogleOAuthDto — validates Google OAuth profile data
  • AppleOAuthDto — validates Apple Sign In profile data
  • OAuthCallbackDto — validates OAuth callback code and state

backend/src/auth/services/oauth.service.ts

  • Handles user profile mapping on first OAuth login
  • Automatically creates new user account if email not found
  • Links OAuth account to existing user if email already exists
  • Generates JWT access and refresh tokens on successful OAuth login

backend/src/auth/strategies/google.strategy.ts

  • Passport Google OAuth2 strategy using passport-google-oauth20
  • Scopes: email, profile
  • Reads credentials from environment variables

backend/src/auth/strategies/apple.strategy.ts

  • Passport Apple Sign In strategy using passport-apple
  • Validates Apple ID token and maps profile data
  • Reads credentials from environment variables

Updated Files

backend/src/auth/auth.module.ts

  • Registered GoogleStrategy, AppleStrategy, OAuthService
  • Added OAuthUser entity to TypeORM feature list

backend/src/auth/auth.controller.ts

  • Added GET /auth/google — initiates Google OAuth2 flow
  • Added GET /auth/google/callback — handles Google callback
  • Added GET /auth/apple — initiates Apple Sign In flow
  • Added POST /auth/apple/callback — handles Apple callback

Environment Variables Required

GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
GOOGLE_CALLBACK_URL=http://localhost:3000/auth/google/callback
APPLE_CLIENT_ID=
APPLE_TEAM_ID=
APPLE_KEY_ID=
APPLE_PRIVATE_KEY=
APPLE_CALLBACK_URL=http://localhost:3000/auth/apple/callback

@drips-wave
Copy link
Copy Markdown

drips-wave bot commented Mar 26, 2026

@spiffamani Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@llinsss llinsss merged commit 71bc3e7 into DogStark:main Mar 26, 2026
1 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Auth] OAuth2 Integration (Google & Apple)

2 participants

@spiffamani @llinsss