fix: update google auth

chertik77 · chertik77 · commit 63288b288acd · 2025-07-24T20:45:34.000+01:00
diff --git a/app/controllers/auth.controller.ts b/app/controllers/auth.controller.ts
@@ -6,10 +6,7 @@ import type {
 } from '@/schemas'
 import type { JwtPayload } from '@/types'
 import type { NextFunction, Request, Response } from 'express'
-import type {
-  TypedRequestBody,
-  TypedRequestQuery
-} from 'zod-express-middleware'
+import type { TypedRequestBody } from 'zod-express-middleware'
 
 import { prisma } from '@/prisma'
 import { hash, verify } from 'argon2'
@@ -95,21 +92,21 @@ class AuthController {
     res.json({ user: userWithoutPassword, ...tokens })
   }
 
-  googleRedirect = async (_: Request, res: Response) => {
+  getGoogleRedirectUrl = async (_: Request, res: Response) => {
     const url = this.googleClient.generateAuthUrl({
       access_type: 'offline',
       scope: ['profile', 'email']
     })
 
-    res.redirect(url)
+    res.json({ redirectUrl: url })
   }
 
   googleCallback = async (
-    req: TypedRequestQuery<typeof GoogleCodeSchema>,
+    req: TypedRequestBody<typeof GoogleCodeSchema>,
     res: Response,
     next: NextFunction
   ) => {
-    const { tokens } = await this.googleClient.getToken(req.query.code)
+    const { tokens } = await this.googleClient.getToken(req.body.code)
 
     if (!tokens.id_token) return next(Forbidden())
 
diff --git a/app/routes/api/auth.ts b/app/routes/api/auth.ts
@@ -26,11 +26,11 @@ authRouter.post(
   authController.signin
 )
 
-authRouter.post('/google/redirect', authController.googleRedirect)
+authRouter.get('/google/initiate', authController.getGoogleRedirectUrl)
 
-authRouter.get(
+authRouter.post(
   '/google/callback',
-  validateRequest({ query: GoogleCodeSchema }),
+  validateRequest({ body: GoogleCodeSchema }),
   authController.googleCallback
 )
 
diff --git a/swagger.json b/swagger.json
@@ -87,41 +87,36 @@
         }
       }
     },
-    "/auth/google/redirect": {
-      "post": {
+    "/auth/google/initiate": {
+      "get": {
         "tags": ["Auth"],
-        "summary": "Redirect to Google for OAuth authentication",
+        "summary": "Get redirect url for Google authentication",
         "responses": {
-          "302": {
-            "headers": {
-              "Location": {
-                "description": "The URL to which the client should be redirected for Google authentication.",
-                "schema": {
-                  "type": "string",
-                  "format": "uri",
-                  "example": "https://accounts.google.com/o/oauth2/v2/auth?access_type=offline&scope=profile%20email&response_type=code&client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI"
-                }
-              }
-            }
-          }
+          "200": { "$ref": "#/components/responses/GoogleInitiateResponse" }
         }
       }
     },
     "/auth/google/callback": {
-      "get": {
+      "post": {
         "tags": ["Auth"],
         "summary": "Handle Google OAuth callback and sign-in/sign-up",
-        "parameters": [
-          {
-            "name": "code",
-            "in": "query",
-            "required": true,
-            "schema": {
-              "type": "string",
-              "example": "4/0AT5xKif_S_..."
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "required": ["code"],
+                "properties": {
+                  "code": {
+                    "type": "string",
+                    "example": "4/0AT5xKif_S_..."
+                  }
+                }
+              }
             }
           }
-        ],
+        },
         "responses": {
           "200": { "$ref": "#/components/responses/GoogleResponse" },
           "400": { "$ref": "#/components/responses/BadRequestError" },
@@ -1044,6 +1039,22 @@
           }
         }
       },
+      "GoogleInitiateResponse": {
+        "content": {
+          "application/json": {
+            "schema": {
+              "type": "object",
+              "properties": {
+                "redirectUrl": {
+                  "type": "string",
+                  "format": "url",
+                  "example": "https://accounts.google.com/o/oauth2/v2/auth?client_id=YOUR_CLIENT_ID&redirect_uri=YOUR_REDIRECT_URI&response_type=code&scope=email%20profile&access_type=offline"
+                }
+              }
+            }
+          }
+        }
+      },
       "GoogleResponse": {
         "content": {
           "application/json": {

Original file line number	Diff line number	Diff line change
`@@ -26,11 +26,11 @@ authRouter.post(`
`26`	`26`	`authController.signin`
`27`	`27`	`)`
`28`	`28`
`29`		`-authRouter.post('/google/redirect', authController.googleRedirect)`
	`29`	`+authRouter.get('/google/initiate', authController.getGoogleRedirectUrl)`
`30`	`30`
`31`		`-authRouter.get(`
	`31`	`+authRouter.post(`
`32`	`32`	`'/google/callback',`
`33`		`- validateRequest({ query: GoogleCodeSchema }),`
	`33`	`+ validateRequest({ body: GoogleCodeSchema }),`
`34`	`34`	`authController.googleCallback`
`35`	`35`	`)`
`36`	`36`