Google Sign In OAuth2 Security Flaw
Closed this issue · 10 comments
Hey @himanshusharma89
I was going through the app and came across the following issue:
- I pressed sign in with google on the sign-up page.
- Didn't select an account and pressed back.
- The app redirected me to the Dashboard with null values with though I wasn't authenticated.
I am attaching a screenshot of the app being logged in without auth.
I would like to work on this issue as well along with the Github auth implementation during Hacktoberfest.
We shall look into this issue. Thanks for bringing it to our notice!
Go ahead @rish07. Assigning this issue to you.
Any update @rish07?
Hey @himanshusharma89,
I actually have an exam tomorrow so I'll fix it by tomorrow evening.
Okay, @rish07. Good luck.
Also, the null value is still there after successful sign-up, but it doesn't occur if we restart the app. I checked the mapping methods, it is fine but still, the issue is there. Have a look into this also.
Sure
@himanshusharma89, I would like to solve this issue if @rish07 is facing any problems.
@arbazdiwan, @rish07 will work on it and update us soon