Oauth implementation via GitLab

As I had quiet a bad time figuring out how to combine redwoodjs with social auth from gitlab, I’ve decided to do a cleaned up version and post it online.

I would be keen to have it reviewed obviously, but I also think it will be helpful for people trying to do similar things.

I’m still not sure why restoreAuthState doesn’t seem to be documented and what getUserMetadata is supposed to do and why it’s fine to just return a token there.

In general, it’s pretty unclear, when which part get’s called but looking at the redwood source itself helps. Even if for some reason, the github search is very useless, as soon as anything is in the packages folder.

You will need a .env with:

GITLAB_CLIENT_ID=
GITLAB_REDIRECT_URI=
GITLAB_AUTHORITY=

Hey, Looks good! I see that youre sharing api/src/lib/gitlabAuth.ts on both the api and web sides.

1 Like

I also implemented refresh tokens somewhat later, but it’s still not perfect (and hasn’t been pushed to that repo)