Skip to content

Commit

Permalink
Edit understanding login flow to be more readable
Browse files Browse the repository at this point in the history 
- Edit steps 2 and 4 to make it more readable. The previous one is quite confusing when I read it.
- Edit assumption `Let's say...` to be more readable
- Change github to GitHub for consistency

Signed-off-by: Rud Wangrungarun <rudwna@gmail.com>
  • Loading branch information
@rudwna
rudwna committed Sep 12, 2020
1 parent 66bffcb commit c66d10f
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions docs/v3.x/plugins/users-permissions.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,13 +160,12 @@ For better understanding, you may find as follows the description of the login f

#### Understanding the login flow

Let's say that strapi's backend is located at: strapi.website.com.
Let's say that your app frontend is located at: website.com.
Let's say that strapi's backend is located at: strapi.website.com and your app frontend is located at: website.com.

1. The user goes on your frontend app (`https://website.com`) and click on your button `connect with Github`.
2. The frontend redirect the tab to `https://strapi.website.com/connect/github` that calls the backend.
3. The backend redirects the tab to the github login page where the user logs in.
4. Once done, Github redirects the tab to `https://strapi.website.com/connect/github/callback?code=abcdef` that calls the backend
2. The frontend redirect the tab to the backend URL: `https://strapi.website.com/connect/github`.
3. The backend redirects the tab to the GitHub login page where the user logs in.
4. Once done, Github redirects the tab to the backend URL:`https://strapi.website.com/connect/github/callback?code=abcdef`.
5. The backend uses the given `code` to get from Github an `access_token` that can be used for a period of time to make authorized requests to Github to get the user info (the email of the user of example).
6. Then, the backend redirects the tab to the url of your choice with the param `access_token` (example: `http://website.com/connect/github/redirect?access_token=eyfvg`)
7. The frontend (`http://website.com/connect/github/redirect`) calls the backend with `https://strapi.website.com/auth/github/callback?access_token=eyfvg` that returns the strapi user profile with its `jwt`. <br> (Under the hood, the backend asks Github for the user's profile and a match is done on Github user's email address and Strapi user's email address)
Expand Down

0 comments on commit c66d10f

Please sign in to comment.