109 lines
3.3 KiB
Markdown
109 lines
3.3 KiB
Markdown
# Google OAuth Setup Guide
|
|
|
|
## Overview
|
|
Your VIP Coordinator now includes Google OAuth authentication! This guide will help you set up Google OAuth credentials so users can log in with their Google accounts.
|
|
|
|
## Step 1: Google Cloud Console Setup
|
|
|
|
### 1. Go to Google Cloud Console
|
|
Visit: https://console.cloud.google.com/
|
|
|
|
### 2. Create or Select a Project
|
|
- If you don't have a project, click "Create Project"
|
|
- Give it a name like "VIP Coordinator"
|
|
- Select your organization if applicable
|
|
|
|
### 3. Enable Google+ API
|
|
- Go to "APIs & Services" → "Library"
|
|
- Search for "Google+ API"
|
|
- Click on it and press "Enable"
|
|
|
|
### 4. Create OAuth 2.0 Credentials
|
|
- Go to "APIs & Services" → "Credentials"
|
|
- Click "Create Credentials" → "OAuth 2.0 Client IDs"
|
|
- Choose "Web application" as the application type
|
|
- Give it a name like "VIP Coordinator Web App"
|
|
|
|
### 5. Configure Authorized URLs
|
|
**Authorized JavaScript origins:**
|
|
```
|
|
http://bsa.madeamess.online:5173
|
|
http://localhost:5173
|
|
```
|
|
|
|
**Authorized redirect URIs:**
|
|
```
|
|
http://bsa.madeamess.online:3000/auth/google/callback
|
|
http://localhost:3000/auth/google/callback
|
|
```
|
|
|
|
### 6. Save Your Credentials
|
|
- Copy the **Client ID** and **Client Secret**
|
|
- You'll need these for the next step
|
|
|
|
## Step 2: Configure VIP Coordinator
|
|
|
|
### 1. Access Admin Dashboard
|
|
- Go to: http://bsa.madeamess.online:5173/admin
|
|
- Enter the admin password: `admin123`
|
|
|
|
### 2. Add Google OAuth Credentials
|
|
- Scroll to the "Google OAuth Credentials" section
|
|
- Paste your **Client ID** in the first field
|
|
- Paste your **Client Secret** in the second field
|
|
- Click "Save All Settings"
|
|
|
|
## Step 3: Test the Setup
|
|
|
|
### 1. Access the Application
|
|
- Go to: http://bsa.madeamess.online:5173
|
|
- You should see a Google login button
|
|
|
|
### 2. First Login (Admin Setup)
|
|
- The first person to log in will automatically become the administrator
|
|
- Subsequent users will be assigned the "coordinator" role by default
|
|
- Drivers will need to register separately
|
|
|
|
### 3. User Roles
|
|
- **Administrator**: Full system access, user management, settings
|
|
- **Coordinator**: VIP and schedule management, driver assignments
|
|
- **Driver**: Personal schedule view, location updates
|
|
|
|
## Troubleshooting
|
|
|
|
### Common Issues:
|
|
|
|
1. **"Blocked request" error**
|
|
- Make sure your domain is added to authorized JavaScript origins
|
|
- Check that the redirect URI matches exactly
|
|
|
|
2. **"OAuth credentials not configured" warning**
|
|
- Verify you've entered both Client ID and Client Secret
|
|
- Make sure you clicked "Save All Settings"
|
|
|
|
3. **Login button not working**
|
|
- Check browser console for errors
|
|
- Verify the backend is running on port 3000
|
|
|
|
### Getting Help:
|
|
- Check the browser console for error messages
|
|
- Verify all URLs match exactly (including http/https)
|
|
- Make sure the Google+ API is enabled in your project
|
|
|
|
## Security Notes
|
|
|
|
- Keep your Client Secret secure and never share it publicly
|
|
- The credentials are stored securely in your database
|
|
- Sessions last 24 hours as requested
|
|
- Only the frontend (port 5173) is exposed externally for security
|
|
|
|
## Next Steps
|
|
|
|
Once Google OAuth is working:
|
|
1. Test the login flow with different Google accounts
|
|
2. Assign appropriate roles to users through the admin dashboard
|
|
3. Create VIPs and schedules to test the full system
|
|
4. Set up additional API keys (AviationStack, etc.) as needed
|
|
|
|
Your VIP Coordinator is now ready for secure, role-based access!
|