Commit
Implement OAuth state management with database fallback and enhance CSRF protection
Commit details
Commit notes
This commit introduces a new OAuthState model to manage temporary state for OAuth flows in the database, providing an alternative to cookie-based state validation. The OAuthHandler is updated to utilize this model, improving CSRF protection and user creation logic. Additionally, the GoogleLoginDB and GoogleCallbackDB methods are added to handle OAuth flows using database storage, ensuring robust state management and error handling during the authentication process. These changes enhance security and user experience in the OAuth workflow.
- Files changed
- 5
- Lines added
- +355
- Lines removed
- −12