feat: implement Google OAuth authentication

- Add Google OAuth 2.0 login flow with passport-google-oauth20 - Create User and RefreshToken entities for session management - Implement JWT access tokens (15min) + HttpOnly refresh cookies (7 days) - Add auth endpoints: /google, /google/callback, /refresh, /me, /logout - Create LoginPage with Google sign-in button (shadcn/ui) - Add AuthGuard for protected routes with redirect preservation - Implement silent token refresh on app mount - Add UserMenu component with avatar and sign-out Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-29 13:05:18 -03:00
parent fe2c861007
commit 130f35c4f8
32 changed files with 2477 additions and 98 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -15,3 +15,16 @@ YOUTUBE_API_KEY=YOUR_YOUTUBE_API_KEY_HERE
 # Upload
 UPLOAD_DIR=./uploads
 MAX_FILE_SIZE=5242880
+
+# Google OAuth
+GOOGLE_CLIENT_ID=your-google-client-id.apps.googleusercontent.com
+GOOGLE_CLIENT_SECRET=your-google-client-secret
+GOOGLE_CALLBACK_URL=http://localhost:4000/api/auth/google/callback
+
+# JWT Configuration
+JWT_SECRET=your-secure-random-secret-min-32-characters-long
+JWT_ACCESS_EXPIRATION=15m
+JWT_REFRESH_EXPIRATION=7d
+
+# Frontend URL (for OAuth redirects)
+FRONTEND_URL=http://localhost:3000