Welcome to Code Park

Blog Post #4 – Login

The main goal of this week was for me to get user login to communicate to the back-end. As a team, we agreed that Google Login method would be a good start to this. There are a couple ways to do this, and after a lot of discussion our team came up with three different options to do this. Out of three options, we narrowed it down to two (Option A and Option C). This was a great visual by our team member Ali:

Option A was basically following this method: https://petercoding.com/firebase/2021/05/24/using-google-sign-in-with-firebase-in-flutter/.

  • Request: The person asks for access to a server or protected resource. That could involve a login with a password, or it could involve some other process you specify.
  • Verification: The server determines that the person should have access. That could involve checking the password against the username, or it could involve another process you specify.
  • Tokens: The server communicates with the authentication device, like a ring, key, phone, or similar device. After verification, the server issues a token and passes it to the user.
  • Storage: The token sits within the user’s browser while work continues.

This is the easiest method and would simply be a matter of passing the user’s name, email, and whatever else data points we would be sending to the backend for storage.

Option C is the most difficult to set up for front-end, but back-end had already been pretty much set-up this way. I’ve started to review the youtube videos and text about OAuth, Deep Linking, and redirection from mobile to web browser.

  • https://www.youtube.com/watch?v=t18YB3xDfXI
  • https://www.youtube.com/watch?v=hHRFjbGTEOk
  • https://docs.flutter.dev/development/ui/navigation/deep-linking
  • https://www.oauth.com/oauth2-servers/oauth-native-apps/redirect-urls-for-native-apps/
  • https://www.oauth.com/oauth2-servers/mobile-and-native-apps/
  • https://www.okta.com/identity-101/what-is-token-based-authentication/

Going with option C is requiring some more review and study from me, and tbh I’m a bit nervous because there’s not really a guide on how to codify and implement Option C, whereas Option A has everything written up and ready to implement. I’m also starting to feel uneasy because I haven’t actually written viable code yet and have only been reviewing and studying, and I don’t want this to impact or block any of my team’s work and the timing of our project in any way.

I won’t give up on Option C just yet because we already have back-end somewhat set-up for this, and this is something I do want and need to learn. So I’ll do my best with it but if I feel like I won’t be able to get a PR in a timely manner, at least our team will have Option A.

Print Friendly, PDF & Email

Esther Park

Leave a Reply

Your email address will not be published. Required fields are marked *