- I'm done setting up the server by following steps given here.
- OAuth does work with google but only for web-client
- On iOS client, I've followed steps to integrate google sign-in by following steps given here
Let's say there is a get route localhost:8080/api/v1/movies should be accessed by users who are logged in, how do I achieve that?
- User has already logged in, on iOS client.
- How do I pass iOS client's google authorisation information to server?
I believe that once your client has completed sign-in, you will have a
GIDGoogleUserthat provides access to an ID token (JWT) that you can supply to your server. Your server can then validate the token (that it was issued by Google) and extract the user's identity.See: https://developers.google.com/identity/sign-in/ios/backend-auth
You may be able to use the Kitura-CredentialsJWT middleware to decode the token. Note that as of writing, the plugin only supports Codable routes, but there is an open pull request that adds support for 'raw' routing (using the Kitura-Credentials plugin mechanism).
Update: Kitura-CredentialsJWT support has now been released in tag
1.0.0.