I am developing a web application that is mainly divided into the following two parts.
- Website (UI): Node The JS Express application will be hosted at www.mysite.com
- Rest API: business logic (Atuhentiation, authorization, business logic) and will be hosted as some other domain, for example api.mysite.com
I want to implement OAuth2 for this application. I read OAuth2 and realized that these are different streams, and based on my understanding, I came to the conclusion that the "Password Owner Resource Owner stream " is a way, because the Client and the Service belong to me, and the user will also directly register in my application and thus they will provide username and password.
I have researched a lot of the "Credentials Owner Owner Credentials" thread, but this thread is very little discussed and documented. I have very few ideas close to ZERO that I should implement this thread in my application. I am developing a site and leisure API in Node JS. Please tell me how can I implement this? Any demos, documentation will be helpful.
Thanks in advance!
source
share