-
Notifications
You must be signed in to change notification settings - Fork 260
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What is grant? Why would I use it? #202
Comments
Sure, the gist of it is that generally it's a bad practice to handle your user's email and password yourself, meaning having a form on your own website and storing that in your own database. For that reason people invented OAuth, which is framework to delegate the actual login (the web form) to a third-party provider, lets say Google or Facebook. There are different ways to achieve that using OAuth, but the most secure one involves you having a server and doing some of the OAuth requests to the authorization server (Google, Facebook) on the backend. This module, Grant, helps you with that. And so if you have a server using any of the most popular HTTP frameworks for Node or a lambda on the cloud you can get social login to all of those providers with a little bit of JSON configuration. No code is required to use this module other than instantiating it and plugging it in your environment of choice. That being said, Grant helps you with just that, getting the access token in response of the user logging in. What happens next is up to you and your implementation. You can also check out my articles about it: |
Thank you, that's really helpful! This is definitely the kind of information I was looking for, and the bonus articles help even more. Fantastic! |
I was having exactly the same issue. I can see grant being useful, but I wasn't sure how it fits into a big picture. I think having that description and links in the README would solve this problem. Thanks for the package. Looks great! :) |
Agree with @moltar looks like a super userful package. The readme should be more descriptive. Maybe also link to a small video describing what is OAuth. I really liked this explaination. https://www.youtube.com/watch?v=SXDce0e3Ue4 |
Heyo! Someone linked me to your project, and it looks great. I'll admit, though, that I have no idea what an oauth proxy is or why I would use it. I had hoped the README would shed some light on this, but it seems like it dives right into the technicals. Any chance someone could write out a little blurb in the readme? I think it would help future users who stumble across the project as well.
The text was updated successfully, but these errors were encountered: