Wasp, 3mo ago
sachdva

http://localhost:3001/auth/google/callback Google Auth

Ah, I've been developing an app doing other things with Google Auth. I need to understand why it is normally http://localhost:3001/auth/google/callback for Google Auth. Why not 3000? Is /auth/google/callback a reserved route? I think so.
kapa.ai, 3mo ago
Hi @A³Learn. I'm kapa.ai, your friendly support bot. I will try to answer your question by searching through the knowledge base. :wave:

In Wasp, the default setup is that the backend (API server) runs on port 3001 and the frontend (web client) runs on port 3000 during development. The route /auth/google/callback is not a "reserved" route in the sense of being special to Google or Wasp, but it is the standard endpoint where the backend expects to receive the OAuth callback from Google after a user authenticates.

Here's why http://localhost:3001/auth/google/callback is used:

- The OAuth flow with Google (and other providers) requires the backend to handle the callback, because it needs to securely process the authorization code and exchange it for tokens. This is why the callback URL points to the backend (port 3001), not the frontend (port 3000).
- In your Google OAuth app configuration, you must set the redirect URI to http://localhost:3001/auth/google/callback for local development, so Google knows where to send the user after authentication. This is documented in the Wasp docs:
  "Under Authorized redirect URIs, put in: http://localhost:3001/auth/google/callback" (Setting up Google Auth)
- The /auth/google/callback route is handled by Wasp's backend auth system, which processes the OAuth response and then redirects the user to the frontend as needed.

So, to summarize:

- Port 3001 is used because that's where the backend runs and handles OAuth callbacks.
- /auth/google/callback is the standard route for the OAuth callback, but it's not "reserved"—it's just the convention used by Wasp's auth system.
- The frontend (port 3000) is not involved in the OAuth callback directly; it receives the user after the backend finishes processing.

If you change the backend port, you must update the redirect URI in your Google OAuth app settings accordingly.
sachdva (OP), 3mo ago
@kapa.ai For a new app, for different permissions NOT dealing with login, getting other things from Google, would the port be then 3000? I get an auto log out though
kapa.ai, 3mo ago
Let me check the knowledge base for you again. One moment! :books:

For a Wasp app, any OAuth callback (including those for permissions beyond login, such as accessing Gmail data) should still be handled by the backend server, which by default runs on port 3001 during development. The OAuth flow is designed so that sensitive operations—like exchanging authorization codes for tokens—are managed securely on the backend, not the frontend. Therefore, the redirect URI should continue to use port 3001, not 3000, even if you are requesting additional permissions from Google.

If you are experiencing auto logouts, this could be related to how authentication tokens are managed or a misconfiguration in your OAuth setup, but the knowledge sources do not provide specific troubleshooting steps for this scenario. If you are using an outdated template or have not set up your environment variables correctly (such as the Google client ID and secret), this could also cause issues with authentication and session persistence. The Discord thread suggests that using the latest OpenSaaS template and ensuring all environment variables are set can resolve many such issues (Oauth redirects to localhost:3001 instead of 3000).

In summary:

- The backend (port 3001) should handle all OAuth callbacks, regardless of the permissions requested.
- The frontend (port 3000) is not used for OAuth callbacks.
- If you encounter auto logouts, double-check your environment variables and consider updating to the latest template if you are not already using it.

If you need to change the backend port, remember to update the redirect URI in your Google OAuth app settings accordingly (Setting up Google Auth).
sachdva (OP), 3mo ago
!solved Use an API, use :3001. I used a different route because I still have the inkling that route is reserved.
toticozeni, 3mo ago
The login/register happens on the server, that's why the PORT is 3001. We return info we get from the OAuth provider to the server.
sachdva (OP), 3mo ago
Ok I understand! Is /auth/google/callback a reserved route?
toticozeni, 3mo ago
On frontend we have: /oauth/callback, on server we have: /auth/${providerName}/callback. So yes, since on those routes we expect some specific behavior.
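
Added example (not part of the thread and not Wasp's own code): a sketch of what a backend callback handler has to check before exchanging the authorization code, which is why the redirect URI points at the server on :3001. The function names, the session field `oauthState`, and the sample values are assumptions; the route pattern and the registered URI are the ones quoted above.

```javascript
// Illustration only; names and values below are assumptions, not Wasp internals.
const SERVER_URL = "http://localhost:3001"; // backend (API server) in development
// Exactly what was entered under "Authorized redirect URIs" in the Google console.
const REGISTERED_REDIRECT_URIS = ["http://localhost:3001/auth/google/callback"];
const GOOGLE_TOKEN_ENDPOINT = "https://oauth2.googleapis.com/token";

// Server route pattern from the thread: /auth/${providerName}/callback
function redirectUriFor(providerName, serverUrl = SERVER_URL) {
  return new URL(`/auth/${providerName}/callback`, serverUrl).toString();
}

// The provider compares redirect URIs exactly: scheme, host, port and path.
function isRegistered(uri) {
  return REGISTERED_REDIRECT_URIS.includes(uri);
}

// Constant-time string comparison for the anti-CSRF state value.
function safeEqual(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Builds the server-side code-for-token request, or returns an error if a check fails.
// The request is only constructed here, not sent, so the example runs offline.
function buildTokenExchange(callbackQuery, session, secrets, serverUrl = SERVER_URL) {
  const redirectUri = redirectUriFor("google", serverUrl);
  if (!isRegistered(redirectUri)) return { error: "redirect_uri_mismatch" };
  if (!safeEqual(callbackQuery.state, session.oauthState)) return { error: "state_mismatch" };
  if (!callbackQuery.code) return { error: "missing_code" };
  const body = new URLSearchParams({
    grant_type: "authorization_code",
    code: callbackQuery.code,
    redirect_uri: redirectUri, // must equal the URI used when the flow started
    client_id: secrets.clientId,
    client_secret: secrets.clientSecret, // stays on the server, never in the :3000 bundle
  });
  return { url: GOOGLE_TOKEN_ENDPOINT, method: "POST", body: body.toString() };
}
```

Passing `http://localhost:3000` as the server URL makes the first check fail, which mirrors what happens when the backend port changes without updating the redirect URI in the Google OAuth app settings.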
