REST-Interface with OAuth and NodeJS
Currently, I am working on an open source project. I have a server which uses NodeJS and Express. This Server also has some REST-Interfaces.
Now, I want that other people should be able to use the REST-Interfaces after logging in with OAuth. This already works in combination with PassportJS. The only problem I have is that, the main Application which uses the same REST-Interfaces also has to go through the "An Application wants to use you data. Do you allow or deny" process.
I think this is not a very good solution. When I look at Github, Microsoft, Google, which use OAuth I don't have to allow access to my Data when I login. This is needed only when external applications want to use their Interfaces.
Now the question is that how can I say that the main application can access the Interfaces when the user logs in but external persons can only access the Interfaces when they login with OAuth.
Greetz