I am still a newcomer to both Vue.js and the Flask framework. I have created a simple todo app that consumes JSON endpoints from Flask and uses Vue.js to display the UI.
My app has a TODO, PROJECT and USER model. I have successfully implemented a "normal login" through my own user model. The flow for this one:
- The user fills in username and password.
- POST request to Flask API that saves the user with a hashed password in the database.
- The user can log in through an /auth endpoint and receives a JSON web token in return.
- When the user logs out, the token is destroyed.
Now I want to implement a Google sign-in along with the existing user model. I could successfully create a call to the Google API and have retrieved the user data from Google in the Vue.js client. But this is where I am stuck.
- What should I save in my database now? I don't have a password for the user, but only a token to identify them later when I have sent the data to the Flask server.
- Should I save both Google Auth users and the normal users in the same database table? How can I differentiate between them when I retrieve their information to check if the user exists?
As I am very concerned about building safe applications in the future, I would like to really understand what the best practice in such a situation is.
Thanks for your help!
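
An added example, not code from the post above: one way to keep password users and Google users in the same `users` table, with a nullable password hash and a separate `identities` table keyed on the provider and the ID token's `sub` claim. It assumes the Flask server has already verified the Google ID token's signature, audience and expiry (for instance with google-auth's `verify_oauth2_token`); the table names, function names and sample claims are hypothetical.

```python
import sqlite3

SCHEMA = """
CREATE TABLE users (
    id INTEGER PRIMARY KEY,
    email TEXT NOT NULL,
    password_hash TEXT  -- NULL: account has no local password
);
CREATE TABLE identities (
    provider TEXT NOT NULL,  -- e.g. 'google'
    subject TEXT NOT NULL,   -- provider's stable user id (the 'sub' claim)
    user_id INTEGER NOT NULL REFERENCES users(id),
    PRIMARY KEY (provider, subject)
);
"""
GOOGLE_ISSUERS = ("accounts.google.com", "https://accounts.google.com")

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def create_user(db, email, password_hash):
    sql = "INSERT INTO users (email, password_hash) VALUES (?, ?)"
    return db.execute(sql, (email, password_hash)).lastrowid

def user_for_google_claims(db, claims):
    """Find or create the user for ID-token claims already verified server-side."""
    if claims.get("iss") not in GOOGLE_ISSUERS:
        raise ValueError("unexpected issuer")
    sql = "SELECT user_id FROM identities WHERE provider = 'google' AND subject = ?"
    row = db.execute(sql, (claims["sub"],)).fetchone()
    if row:
        return row[0]  # returning user, matched on 'sub' rather than email
    user_id = create_user(db, claims["email"], None)  # no password is stored
    db.execute("INSERT INTO identities VALUES ('google', ?, ?)", (claims["sub"], user_id))
    db.commit()
    return user_id

def can_password_login(db, user_id):
    """Password login must be refused for rows without a local password hash."""
    row = db.execute("SELECT password_hash FROM users WHERE id = ?", (user_id,)).fetchone()
    return row is not None and row[0] is not None

if __name__ == "__main__":
    db = open_db()
    claims = {"iss": "accounts.google.com", "sub": "1234567890", "email": "bob@example.test"}
    uid = user_for_google_claims(db, claims)  # claims above are constructed sample data
    print(uid, can_password_login(db, uid))
```

Once `user_for_google_claims` returns a user id, the server can issue the same JSON web token it issues after a password login, so the Google token itself never needs to be stored.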