I am working on an SPA written in Elm with an Elixir/Phoenix back end.
I am trying to implement Ueberauth/google for authentication and it is working when I hit the auth/request route with a normal request (I go to google, agree to share my data, get redirected back to my app with the google data, from there I can create a new user, if not existing, generate a JWT token with Guardian, put the token and user data into a response body and send the response).
I am confused about how to do this from Elm though. If I try to make an Elm.http request to initiate the workflow, I get a CORS error from chrome on the redirect.
I could start the login routine with a normal
<a href=.... > tag, but I don’t think it is possible to read the response headers on the final redirect (the one back to my app, where I can add the JWT).
The only thing that I can think of is to put the model into local storage, then add the jwt to the url and parse it with Elm during init, and then recover the model from local storage. This just seems heinous though. I have done a ton of googling, but only find tutorials for Ueberauth and non-spa’s (ie, the token is put in the session) or SPAs where the user enters email and password into a form, which Elm then sends to the back-end and gets the token in the response.
Any ideas on how to use Uauth2 from Elm?