I am trying to implement the Google OAuth Passport.js strategy, but due to the lack of documentation and examples, I cannot answer some questions.
My application uses media, not cookies, for security and technological reasons.
The only example available on the passport-google-oauth GitHub page does not explain things like:
- How can implementing a migration strategy replace cookies in this scenario?
- How to get Google Token expiration time?
- What should I do with
accessTokenand refreshToken?
I really do not want to use cookies because this will create a second authorization system, which is already a duplicate of the bearer strategy.
This question can be applied to other OAuth passport strategies such as Twitter and Facebook.
source
share