# Google OAuth2 Domain Setup for bsa.madeamess.online ## 🔧 Current Configuration Your VIP Coordinator is now configured for your domain: - **Backend URL**: `https://bsa.madeamess.online:3000` - **Frontend URL**: `https://bsa.madeamess.online:5173` - **OAuth Redirect URI**: `https://bsa.madeamess.online:3000/auth/google/callback` ## 📋 Google Cloud Console Setup You need to update your Google Cloud Console OAuth2 configuration: ### 1. Go to Google Cloud Console - Visit: https://console.cloud.google.com/ - Select your project (or create one) ### 2. Enable APIs - Go to "APIs & Services" → "Library" - Enable "Google+ API" (or "People API") ### 3. Configure OAuth2 Credentials - Go to "APIs & Services" → "Credentials" - Find your OAuth 2.0 Client ID: `308004695553-6k34bbq22frc4e76kejnkgq8mncepbbg.apps.googleusercontent.com` - Click "Edit" (pencil icon) ### 4. Update Authorized Redirect URIs Add these exact URIs (case-sensitive): ``` https://bsa.madeamess.online:3000/auth/google/callback ``` ### 5. Update Authorized JavaScript Origins (if needed) Add these origins: ``` https://bsa.madeamess.online:3000 https://bsa.madeamess.online:5173 ``` ## 🚀 Testing the OAuth Flow Once you've updated Google Cloud Console: 1. **Visit the OAuth endpoint:** ``` https://bsa.madeamess.online:3000/auth/google ``` 2. **Expected flow:** - Redirects to Google login - After login, Google redirects to: `https://bsa.madeamess.online:3000/auth/google/callback` - Backend processes the callback and redirects to: `https://bsa.madeamess.online:5173/auth/callback?token=JWT_TOKEN` 3. **Check if backend is running:** ```bash curl https://bsa.madeamess.online:3000/api/health ``` ## 🔍 Troubleshooting ### Common Issues: 1. **"redirect_uri_mismatch" error:** - Make sure the redirect URI in Google Console exactly matches: `https://bsa.madeamess.online:3000/auth/google/callback` - No trailing slashes - Exact case match - Include the port number `:3000` 2. **SSL/HTTPS issues:** - Make sure your domain has valid SSL certificates - Google requires HTTPS for production OAuth 3. **Port access:** - Ensure ports 3000 and 5173 are accessible from the internet - Check firewall settings ### Debug Commands: ```bash # Check if containers are running docker-compose -f docker-compose.dev.yml ps # Check backend logs docker-compose -f docker-compose.dev.yml logs backend # Test backend health curl https://bsa.madeamess.online:3000/api/health # Test auth status curl https://bsa.madeamess.online:3000/auth/status ``` ## 📝 Current Environment Variables Your `.env` file is configured with: ```bash GOOGLE_CLIENT_ID=308004695553-6k34bbq22frc4e76kejnkgq8mncepbbg.apps.googleusercontent.com GOOGLE_CLIENT_SECRET=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 GOOGLE_REDIRECT_URI=https://bsa.madeamess.online:3000/auth/google/callback FRONTEND_URL=https://bsa.madeamess.online:5173 ``` ## ✅ Next Steps 1. Update Google Cloud Console with the redirect URI above 2. Test the OAuth flow by visiting `https://bsa.madeamess.online:3000/auth/google` 3. Verify the frontend can handle the callback at `https://bsa.madeamess.online:5173/auth/callback` The OAuth2 system should now work correctly with your domain! 🎉