Hono · 2w ago
igmtink

How to fully set up OAuth provider in Hono?

I have a Next.js project here for my frontend, and my backend uses Hono, Drizzle ORM, and Neon database. I've already finished setting up my session database authentication. Now, I want to set up Google login using the third-party middleware provided in the Hono documentation for the OAuth provider. Here's my setup: after logging in with Google, I want it to create a user in my Neon database so that I can also handle the user's session in the database. The problem I'm facing is that OAuth has its own session, which is the 'state'—it seems like an access token that lasts for 1 hour. I'm not sure how to apply it to my session database management. Here's my flow for logging in and creating a session for the authentication:
```ts
.post('/login', zValidator('json', loginSchema), async c => {
  const { username, password } = c.req.valid('json')

  const user = await getUserByUsernameOrEmail(username)

  if (!user) {
    return c.json(
      {
        error: 'Invalid username or password'
      },
      404
    )
  }

  const passwordMatch = await bcrypt.compare(password, user.password)

  if (!passwordMatch) {
    return c.json(
      {
        error: 'Invalid username or password'
      },
      404
    )
  }

  if (!user.emailVerified) {
    const emailVerificationToken = await generateEmailVerificationToken(
      user.email
    )

    await sendEmailVerification({
      email: emailVerificationToken.email,
      token: emailVerificationToken.token
    })

    return c.json(
      {
        success: 'A confirmation email has been sent.'
      },
      201
    )
  }

  const session = await createSession(user.id)

  setCookie(c, SESSION_COOKIE!, session, {
    path: '/',
    httpOnly: true,
    secure: process.env.NODE_ENV === 'production',
    sameSite: 'strict',
    maxAge: 5 * 60
  })

  return c.json(
    {
      success: 'Logged in successfully'
    },
    200
  )
})
```
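
One way to bridge the Google profile into the same database session the password route creates, as an added example that is not part of the original post: the OAuth `state` and Google's access token only serve the sign-in round trip, and the app session is still issued by `createSession`. The `deps` helpers, the `googleId` field and `completeGoogleLogin` are assumptions; `c.get('user-google')` is where `@hono/oauth-providers` exposes the profile.

```javascript
// Added example: `deps` stands in for the poster's own DB helpers (names assumed).
const SESSION_COOKIE_OPTIONS = {            // same options as the password route
  path: '/', httpOnly: true, sameSite: 'strict', maxAge: 5 * 60,
  secure: process.env.NODE_ENV === 'production'
}

async function completeGoogleLogin(profile, deps) {
  // No stable Google account id or email: nothing safe to key an account on.
  if (!profile || !profile.id || !profile.email) {
    return { ok: false, status: 401, error: 'Google login failed' }
  }
  // 1. Returning user: match on Google's account id, not on email alone.
  let user = await deps.getUserByGoogleId(profile.id)
  if (!user) {
    // 2. Link or create by email only if Google reports it as verified;
    //    otherwise an unverified address could claim an existing local account.
    if (profile.verified_email !== true) {
      return { ok: false, status: 403, error: 'Google email is not verified' }
    }
    const existing = await deps.getUserByEmail(profile.email)
    user = existing
      ? await deps.linkGoogleId(existing.id, profile.id)
      : await deps.createUser({ email: profile.email, googleId: profile.id, emailVerified: true })
  }
  // 3. Same as the password route: a database session plus a cookie.
  //    Google's access token is used once for the profile and not stored.
  const session = await deps.createSession(user.id)
  return { ok: true, status: 200, userId: user.id, session, cookieOptions: SESSION_COOKIE_OPTIONS }
}

// Constructed in-memory stand-in for the database, so the flow runs offline.
function makeMemoryDeps() {
  const users = [], sessions = []
  return {
    users, sessions,
    getUserByGoogleId: async id => users.find(u => u.googleId === id),
    getUserByEmail: async email => users.find(u => u.email === email),
    createUser: async f => { const u = { id: users.length + 1, ...f }; users.push(u); return u },
    linkGoogleId: async (id, googleId) => Object.assign(users.find(u => u.id === id), { googleId }),
    // Placeholder token; the real createSession(user.id) is the poster's helper.
    createSession: async id => { const t = `sess-${sessions.length + 1}`; sessions.push({ t, id }); return t }
  }
}

// In the Hono callback route (behind googleAuth from @hono/oauth-providers):
//   const r = await completeGoogleLogin(c.get('user-google'), deps)
//   if (!r.ok) return c.json({ error: r.error }, r.status)
//   setCookie(c, SESSION_COOKIE, r.session, r.cookieOptions)
```

Because the callback is reached through a cross-site redirect from Google, a `sameSite: 'strict'` cookie set there is generally not sent on the redirect that immediately follows, so the first page after login can look logged out; `'lax'` avoids that.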