Account management with OAuth #60

Open. Wants to merge 7 commits into main.

Conversation

@AlanAnxinChen (Contributor) commented Dec 21, 2024

Overview

In this PR, I add user account management. It includes a backend script that runs the server handling client requests, as well as a setup script to create the database. I also added a client library that the game can use to fulfill user account requests. The user account management system uses OAuth to authenticate users. It supports persistent login sessions with access and refresh tokens. Account information (e.g. username) can be queried and updated from the client.

Changes Made

We use OAuth for our login. When the user requests to log in, the client creates a webserver and opens a webpage to Google OAuth. After the user logs in, the access credentials are sent to the client webserver. The client then forwards these credentials to the backend server, which exchanges them for account information. The backend server then creates its own credentials using JWT and gives them to the client. This forms the login session. The client can now make requests authorized by its JWTs. Refresh tokens are used to limit the lifetime of access tokens.

Relevant user information includes:

  • id
  • name
  • email
  • stars
  • level
  • picture (as textual reference)

Account/client

  • Added oauth.py, which offers account information functionality as a library. Functionality is encapsulated in the OAuthManager class.
  • Offers login and logout methods.
  • Logins are persisted with a file in the app directory.
  • User information can be queried.
  • Username and picture can be updated.
  • User information and tokens can be manually refreshed.
  • Script test.py offers a command line interface for testing the library.

Account/server

  • Server script in backend.py handles account requests
  • Security enforced with JWT access and refresh tokens
  • Username and picture can be updated
  • Gets configurations from files .env and config.yml
  • configuration.py hosts configuration boilerplate
  • .env contains sensitive credentials (should not be exposed)
  • Script setup_db.py sets up the Postgres server for the backend

Test Coverage

Tested by running an instance of the server and running test.py to verify expected behavior.

Next Steps

  • Incorporate updates from games (e.g. update stars after a completed game).
  • Add HTTPS between client and backend
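
The access/refresh session described in this PR, as an added example that is not the PR's own backend.py or oauth.py code: it assumes an HS256 secret (SECRET, which the real backend would read from .env) and invents the names issue_session, verify and refresh_session. It mints the token pair after the Google credential has been exchanged, checks signature, algorithm and expiry, and refuses an access token where a refresh token is expected (and vice versa).

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # constructed value; the backend reads the real one from .env
ACCESS_TTL = 15 * 60               # access tokens live minutes
REFRESH_TTL = 30 * 24 * 3600       # refresh tokens live weeks

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims):
    # JWT layout: base64url(header).base64url(claims).base64url(HMAC-SHA256 over the first two)
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = _b64(json.dumps(claims).encode())
    mac = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{_b64(mac)}"

def verify(token, expected_type, now=None):
    """Return the claims when signature, alg, expiry and token type all check out, else None."""
    parts = token.split(".")
    if len(parts) != 3:
        return None
    header, body, mac = parts
    # The MAC is always recomputed with our own key and HS256; the token's alg is never used to choose.
    expected = hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()
    try:
        if not hmac.compare_digest(_unb64(mac), expected):
            return None
        if json.loads(_unb64(header)).get("alg") != "HS256":
            return None
        claims = json.loads(_unb64(body))
    except ValueError:  # bad base64 or bad JSON
        return None
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now or claims.get("typ") != expected_type:
        return None
    return claims

def issue_session(user_id, now=None):
    """Mint the access/refresh pair once the backend has exchanged the Google credential."""
    now = time.time() if now is None else now
    return {
        "access": sign({"sub": user_id, "typ": "access", "iat": now, "exp": now + ACCESS_TTL}),
        "refresh": sign({"sub": user_id, "typ": "refresh", "iat": now, "exp": now + REFRESH_TTL}),
    }

def refresh_session(refresh_token, now=None):
    """Only a valid refresh token yields a new pair; an access token presented here is refused."""
    claims = verify(refresh_token, "refresh", now)
    return issue_session(claims["sub"], now) if claims else None
```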
