DEV Community

Discussion on: Oauth2 with Google in Go

Collapse
 
douglasmakey profile image
Douglas Makey Mendez Molero

You can use JWT for protected your endpoints, in the function oauthGoogleCallback when the login is succeeded you can create the user in your DB and generate the token and return to the user.

JWT: github.com/dgrijalva/jwt-go

Collapse
 
egor58461029 profile image
Egor Yudin

So it's okay to get tokens from 3rd party, read user's email from them, add user to database, generate my own tokens, with payload I need, and send them to the client? I thought that it's necessary to send 3rd party's tokens to the client, because they have their own expiration time.