Google OAuth support #1

Open
hugomd opened this issue Sep 10, 2016 · 0 comments
hugomd commented Sep 10, 2016

Reasoning

Currently, a user enters their student ID and Monash Ninja code. This allows them to abuse the system by claiming other codes using other student IDs, and potentially ruining it for everyone else. So, to remedy this, I propose requiring users to log in with Google before entering in their student ID and code.

Having users would also let us add other components to the challenge, like an online game for instance, or allow users to be part of a 'special club' for finding a code.

We can perform a lookup using their email to find their student ID, although this will have to be done manually. In the meantime, it will be easiest to record student ID and code, and have them log in with Google beforehand.

Method

Using the googleapis.

  1. Use One Time Code to request an access token from Google.
  2. Use Access Token to request user profile from Google.
  3. Create or log in user given profile information.

Authentication should work as follows:

                                 ┌───┐
                                 │ 1 │
                                 └───┘
    ┌────────────────┐                            ┌────────────────┐
    │                │          Requests          │                │
    │     Client     │ ──────────token───────────▶│     Google     │◀────────────┐
    │                │                            │                │             │
    └────────────────┘                            └────────────────┘             │
             ▲                                             │                     │
             │                                             │                     │
             │                                             │                     │
             │                          ┌───┐  Sends One Time Code (OTC)         │
             │                          │ 2 │    via redirect URI for        Requests ┌───┐
             │                          └───┘    accessing Google User         user   │ 3 │
             │                                          profile              profile  └───┘
             │                                             │                     │
┌───┐   Redirects user to                                  │                     │
│ 4 │   frontend, passing                                  │                     │
└───┘ token in the process                                 ▼                     │
             │                                    ┌────────────────┐             │
             │                                    │                │             │
             └────────────────────────────────────│      API       │─────────────┘
                                                  │                │
                                                  └────────────────┘
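
The three steps under Method, sketched as the API's callback handler. This is an added example, not code from the issue or the project. It calls Google's token and userinfo endpoints directly instead of going through the googleapis client. The function names, the in-memory `users` map, the `state` check, and the `example.edu` hosted-domain restriction are assumptions made for illustration.

```javascript
const TOKEN_URL = 'https://oauth2.googleapis.com/token';
const PROFILE_URL = 'https://openidconnect.googleapis.com/v1/userinfo';
const ALLOWED_DOMAIN = 'example.edu'; // placeholder for the university's Google domain

// Step 1: form body that swaps the one-time code for an access token.
// redirect_uri must be the same value that was used when the code was issued.
function tokenRequestBody(code, cfg) {
  return new URLSearchParams({
    code,
    client_id: cfg.clientId,
    client_secret: cfg.clientSecret,
    redirect_uri: cfg.redirectUri,
    grant_type: 'authorization_code',
  }).toString();
}

// Step 3: create the user on first login, otherwise return the existing record.
// Keyed on Google's stable `sub` id; rejects unverified or off-domain accounts
// so that a code claim is always tied to one verified university account.
function createOrLoginUser(profile, users) {
  if (!profile || !profile.sub) throw new Error('profile has no subject id');
  if (profile.email_verified !== true) throw new Error('email not verified');
  if (profile.hd !== ALLOWED_DOMAIN) throw new Error('account outside allowed domain');
  if (!users.has(profile.sub)) {
    users.set(profile.sub, { email: profile.email, claimedCodes: [] });
  }
  return users.get(profile.sub);
}

// Steps 1-3 wired together. `expectedState` is the random value the API stored
// in the user's session when it sent them to Google; a mismatch means the
// redirect did not originate from a login this session started.
async function handleCallback(query, expectedState, cfg, users, httpFetch = fetch) {
  if (!expectedState || query.state !== expectedState) throw new Error('state mismatch');
  const tokenRes = await httpFetch(TOKEN_URL, {
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body: tokenRequestBody(query.code, cfg),
  });
  if (!tokenRes.ok) throw new Error('code exchange failed');
  const { access_token: accessToken } = await tokenRes.json();
  // Step 2: the access token stays on the server and is only used here.
  const profileRes = await httpFetch(PROFILE_URL, {
    headers: { Authorization: `Bearer ${accessToken}` },
  });
  if (!profileRes.ok) throw new Error('profile request failed');
  return createOrLoginUser(await profileRes.json(), users);
}
```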