วีดีโอ

Popup never comes unless i use useGoogleLogin

Alligator Brackets

Will this series ever be finished?

I have a problem, in the backend once I get the access token how do I return it to the front (since the request to the back is made by "google" so that the back exchanges the code for the tokens, I have no way to "send" the access token to the front before doing the redirection with: res. redirect (303, "localhost:5173/");) so that later the front in each request that it makes to the back includes the access token that the back previously set

I have a problem, in the backend once I get the access token how do I return it to the front (since the request to the back is made by "google" so that the back exchanges the code for the tokens, I have no way to "send" the access token to the front before doing the redirection with: res. redirect (303, "localhost:5173/");) so that later the front in each request that it makes to the back includes the access token that the back previously set

More svelte thx

I like your video. It was informative to see how you implemented the solution. Have you considered implementing this without JavaScript? I found that using the svelte fail function from the server actions basically allows me to redirect form data back to a form from the server with additional data. For example, the form starts with one team, but when the user clicks to add a team, the form is submitted with a query of team count +1. The server sees the team count, then returns fail(409, …formData, team count: 2)… on the form, you just have an each block for teams to loop over the number of team forms. It basically adds the additional team for, and will gracefully fail if JS is not enabled. You just include use:enhance on the form. I have found it to be a good way to maintain server-side validations and form responsiveness on multipart forms. On item id’s, just use the each index to differentiate input groups.

The video was very helpful. I have noticed that you used express but seems like you have used a boilerplate that already had cors and other staff setup for you already, if soo can you please the name of it soo that i also look into it?

How can Google access the 'localhost' domain on your computer?

That was a good video, thanks!

It was a great tutorial thanks

cool vid, but slugs are molluscs

Wow so easy. Thanks

Thanks man! You gave me hope for tomorrow, to fix OAuth2 flow in my project :)

why wouldn't we need the csrf verification when we go the js callback route that give us the credentials? How is the csrf taken care of then?

I have a WARM "WARN DNS checks failed" :(

Hi! Just in case you read this, can you help me? I added a catch (error) to the +page.server.ts of the login page, and whenever I try logging in, I get that error message. Not really sure what's going wrong. Link to repo: github.com/jay-marvel/website

its actually not clean coded in my opinion

Update : In getUserData function in the url add "=" after access_token Eg: /userinfo?access_token=${access_token} Don't know if anyone else faceed this problem, but in my case i required this modification.

Thank you so much

why is it borderline impossible to send the token in a cookie to the frontend? im so close to breaking my laptop rn

Does this apply to sveltekit 5, and as well. How do you save it and maintain the same operation after "build" especially when its on a server like vercel.

Sveltekit should run in a protected environment with ssl and the connection with pocketbase also with ssl, pocketbase already does the job for hashing the password. So this is adding unnecessary complexity. Nowadays you can’t run websites without ssl 🤷🏻‍♂️

How can i fetch users data after they have logged in, in my react app?

great video, but how i can send a json response with the user on front end if i'm redirecting in oauth get route?

The reloads all 200 records each time a single record is added..

Can you please comment on the security of this approach. Is this setup not vulnerable for CSFR?

i watched the previous oauth google + sveltekit tutorial and now this one. thanks, but you kind of skipped over where you got the JWT key and installing jsonwebtoken.

Email verification is incomplete without FilterBounce. Their API for contact form verification is a lifesaver. Trust me, you would not be disappointed with the accuracy!

I was blown away by the accuracy of FilterBounce compared to other email verification tools. My email marketing efforts have been elevated since using FilterBounce. Try it out now!

Stop wasting leads with unreliable email verification tools. FilterBounce is the real deal - accurate, affordable, and easy to use. Give it a try and see the difference!

I used to struggle with inaccurate email verification tools until I discovered FilterBounce. Now my bounce rate is under 1% and my email reputation is pristine. cannot recommend it enough!

Started with FilterBounce is free plan and was amazed by the accuracy and efficiency. Now I use their API for all my contact form verifications. FilterBounce is truly a cut above the rest!

What about github oauth ? Can you make a video about that one ?

Hey I have implemented google auth using passportjs. Now, locally it's working fine, but after I deployed it to vercel, then ven though consent screen is shown, I am not getting back the cookie, and therefore use is not getting authenticated. Please tell me what could I be doing wrong. I am stuck on this for more than two days.

I prefer svelte-routing. SvelteKit doesn't make sense

What cookie library did you use? I tried with cookie-parser but they were never sent to my client side :( I don't know why

I can totally agree, google's documentation is the worst!

i got those info , but since im in a redirect url , how am i suppose to set cookie inside browser , i got stuck there , i cannot send those info or token in front , i saved it in data base , but again i don't have a unique identifier to find that user , i just stuck with those info in redirect url , two days and i haven't find a solution ,

Not Svelte! Is Sveltkit !

Camelcase for variables, lowercase for form values, but that's just me. Almost a year old and this is still the best SvelteKit JWT tut on youtube, along with the Authentication video. Just stopping by for a refresher. Thanks!

Thank you for the insightful video. I have a query regarding the implementation of complete authentication, this is for both sign-in and sign-up functionalities. What steps should I take after this? Should I opt for JWT implementation, utilize sessions, or consider other options?

why when i logout and login again and it get 500 error code? tysm

Thanks for the video. Once the authentication is successful, google redirects the flow back to the application with the 'signin-google' route.But im getting 500 Internal Server error and the request fails every time.

hey i did the google login just like you explained and i am getting the most part except for the users actual data in the final reaponse in the oauth.js file do you have any idea about why that is happening this is the data object i recieved to my /oauth route data: { error: 'invalid_request', error_description: 'Invalid Credentials' } if anyone knows the solution please help

Love this! Awesome tutorial and easy for dummies like me. :) The only thing I wanted to point out is, that I do not believe/I am unsure if the video explains how to redirect the user back to the original page after the completion of oauth. I got stuck in a "forever loop" after the ouath until I added res.redirect(303, 'localhost:5173/'); at the end of the oauth/ end point. I managed to find the solution by looking at the source code you provided. If it's missing from the video, are you able to add a note? Or am I just blind? Otherwise, thank you!!!!!!!!!1

It works on localhost, but fails in live site, i have added live site link also live site backend route to credentials, i am getting invalid_grant error when i try from live site after the user selects the account

how to do it with cropping image and send the crop image to form action? :)

if you store it in cookie then you need csrf token to prevent unwanted request, am i right ?

Would the “/“ path be protected under this user login or would one have to use a page.server.ts or a hooks.server.ts to check if the user is 1. Not using a stale session or 2. Directly trying to access the url by manually typing it