Google Oauth Integration #864

Open
22 tasks
jpaulet opened this issue Dec 9, 2024 · 0 comments
jpaulet commented Dec 9, 2024

The voting SaaS platform should allow users to sign in and sign up using their Google accounts. When a user clicks the "Sign in with Google" button, the frontend will trigger the Google OAuth flow. Upon successful authentication, the system will process the user's email address.

If the user is new and does not already exist in the system, the backend will:
- Generate an ephemeral wallet associated with the user.
- Create a new account using the new wallet to sign a message and store it in the database.
- The new user is created with the email validation status set to "true" and without sending the mail.

If the user already exists, the system will:
- Link the user's Google account to their existing credentials.
- Enable both email/password and Google OAuth login methods for future access.

This feature will streamline the login process, improve user experience, and reduce friction for new user onboarding while maintaining security and compatibility with the existing authentication system.

Tasks

Frontend Development

  • Add a "Sign in with Google" button on the login and sign-up pages.
  • Implement the Google OAuth flow using the appropriate SDK.
  • Ensure the button design aligns with platform styles and adheres to Google’s branding requirements.

OAuth Callback Handling

  • Implement a frontend process to handle Google OAuth callbacks and send the authentication response to the backend.

Backend: New User Creation

  • Implement logic to identify new users.
  • Generate an ephemeral wallet for new users based on their Google email.
  • Create a new user account with email validation set to "true."
  • Store the wallet signature securely in the database.

Backend: Existing User Linking

  • Implement logic to identify existing users based on the email provided by Google.
  • Link the Google OAuth credentials to the existing account.
  • Enable both login methods (email/password and Google OAuth).

Database Updates

  • Update the user schema to include fields for storing Google OAuth credentials and linking them to user accounts.

Error Handling

  • Define error messages and UI responses for OAuth flow issues (e.g., failure, cancellation, backend errors).

Security

  • Ensure all tokens and credentials from Google OAuth are securely handled and stored.
  • Comply with GDPR and other relevant data protection regulations.

Acceptance Criteria

  • The "Sign in with Google" button is functional and triggers the OAuth flow on both login and sign-up pages.
  • New users are created with an ephemeral wallet and have email validation set to "true."
  • Existing users can link their accounts to Google OAuth and log in using either method.
  • Users are informed of any OAuth issues with clear, actionable error messages.
  • Database schema changes are implemented to support OAuth credentials.
  • Security measures ensure that no sensitive data is exposed or mishandled.
  • The feature is tested and verified to work across all supported devices and browsers.
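
Added example, not part of the issue or the project's code: a sketch of the backend create-or-link decision described above, run on the claims of a Google ID token whose signature has already been verified upstream. The `users` store, `CLIENT_ID`, and all function names are assumptions; the claim names (`iss`, `aud`, `exp`, `sub`, `email`, `email_verified`) are the ones Google ID tokens carry.

```python
import time

GOOGLE_ISSUERS = {"accounts.google.com", "https://accounts.google.com"}
CLIENT_ID = "example-client-id.apps.googleusercontent.com"  # constructed placeholder


class OAuthRejected(Exception):
    """Raised when the ID token claims must not be used to sign a user in."""


def check_claims(claims, now=None):
    """Validate claims of an ID token whose signature was already verified."""
    now = time.time() if now is None else now
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise OAuthRejected("unexpected issuer")
    if claims.get("aud") != CLIENT_ID:
        raise OAuthRejected("token was issued to another client")
    if claims.get("exp", 0) <= now:
        raise OAuthRejected("token expired")
    if not claims.get("sub") or not claims.get("email"):
        raise OAuthRejected("missing sub or email")
    # Only a Google-verified address may be stored as validated or used for linking.
    if claims.get("email_verified") is not True:
        raise OAuthRejected("email not verified by Google")
    return claims["sub"], claims["email"].strip().lower()


def sign_in_with_google(users, claims, now=None):
    """Return (action, user). `users` is a hypothetical in-memory store keyed by email."""
    sub, email = check_claims(claims, now)
    # 1. Returning Google user: match on the stable `sub`, not on the email.
    for user in users.values():
        if user.get("google_sub") == sub:
            return "login", user
    user = users.get(email)
    if user is not None:
        # 2. Existing email/password account: link, keeping the password method.
        if user.get("google_sub") not in (None, sub):
            raise OAuthRejected("account already linked to another Google identity")
        user["google_sub"] = sub
        user["methods"] = sorted(set(user["methods"]) | {"google"})
        return "linked", user
    # 3. New user: email validation "true", no mail sent. Wallet creation omitted.
    user = {"email": email, "email_validated": True, "google_sub": sub, "methods": ["google"]}
    users[email] = user
    return "created", user
```

Storing only `sub` and the linked login methods, rather than Google access or refresh tokens, keeps the schema change small when the backend needs nothing beyond sign-in.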