GitHub authentication

[Fis-ayo]

Summary

Updated server flow to verify login through GitHub OAuth 2.0 is functional. When login in authenticated via GitHub, it redirects to the home page.

Test Verification Flow

• Start server and confirm it is working
• Create a GET request http://localhost:3001/auth/login/success without cookies using Postman or Insomnia
  • Expected result: 401 with not authenticated message
• In a browser, open http://localhost:3001/auth/github and complete GitHub login.
• In browser devtools, copy the connect.sid cookie for localhost:3001.
  • Steps to Copy connect.sid (Chrome/Edge):
  • Navigate to http://localhost:3001 in your browser.
  • Open DevTools: (right-click anywhere and select Inspect)
  • .Go to the Application tab in the top menu.
  • In the left sidebar, expand Storage > Cookies.
  • Select http://localhost:3001.
  • Locate connect.sid in the list, double-click the value, and press Ctrl+C (or Cmd+C) to copy it.
• In Postman or Insomnia, call GET http://localhost:3001/auth/login/success with header:
  • Cookie: connect.sid=your_cookie_value
  • Expected result: 200 with success true and user object
• In Postman, call GET http://localhost:3001/auth/logout with the same cookie.
  • Expected result: success true and logout status.
• Call GET http://localhost:3001/auth/login/successagain with the same cookie.
  • Expected result: 401 (session is gone).

Test Artifacts

First check without session cookies

Login Authentication Via Github

Screen.Recording.2026-04-13.at.2.15.25.PM.mov

Login Okayed via Insomnia

Values are blurred out for security purposes

Notes for Testing

When testing for login ensure files are not changed in server or server does not restart. If not you would have to complete the login process again.