-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Google auth added #93
Conversation
Signed-off-by: Naresh <chandanbatven@gmail.com>
Signed-off-by: Naresh <chandanbatven@gmail.com>
Someone is attempting to deploy a commit to a Personal Account owned by @UBA-GCOEN on Vercel. @UBA-GCOEN first needs to authorize it. |
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
session({ | ||
secret: process.env.SESSION_SECRET, | ||
resave: false, | ||
saveUninitialized: true | ||
}) |
Check failure
Code scanning / CodeQL
Missing CSRF middleware High
request handler
This cookie middleware is serving a
request handler
This cookie middleware is serving a request handler without CSRF protection.
session({ | ||
secret: process.env.SESSION_SECRET, | ||
resave: false, | ||
saveUninitialized: true | ||
}) |
Check warning
Code scanning / CodeQL
Clear text transmission of sensitive cookie Medium
Signed-off-by: Naresh <chandanbatven@gmail.com>
Signed-off-by: Naresh <chandanbatven@gmail.com>
@Naresh-chandanbatve Please fix this |
if user uses /auth/google route
first it will check the db for user if it exist it will return the userdata
if it does not exist then it will create new user with the data and then return the
new user data in response as well as add the data in the session with token
also removed redundant imports and models