How do I generate and store the state parameter for OAuth?
https://authorization-server.com/oauth/authorize
  ?client_id=a17c21ed
  &response_type=code
  &state=5ca75bd30
  &redirect_uri=https%3A%2F%2Fexample-app.com%2Fauth
  &scope=photos

The above is a standard format for an OAuth authorization URL, and how do I generate and store the state parameter? I understand that you can encode information inside for redirect purposes and it's also for CSRF prevention, but does this mean I need to have a column in my database to store the state? Do I need to invalidate it after 30 mins to keep it "unguessable"? It seems very overkill, and I am utterly confused as to what's a good way to do this.
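One way to cover both uses of state raised in the question without a database column, as an added example that is not part of the original post: the value carries a random nonce, an expiry and the return path, and is authenticated with an HMAC bound to the user's session. The names make_state and check_state, the server-side key and the session id (taken from the app's own session cookie) are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

STATE_TTL = 30 * 60  # seconds; the 30-minute lifetime mentioned in the question

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _mac(key: bytes, session_id: str, payload: bytes) -> bytes:
    # Hashing the session id gives a fixed-length prefix, so the MAC input is unambiguous.
    bound = hashlib.sha256(session_id.encode()).digest() + payload
    return hmac.new(key, bound, hashlib.sha256).digest()

def make_state(key: bytes, session_id: str, return_to: str, now=None) -> str:
    """Build the value for &state=...; nothing is written to a database."""
    issued = time.time() if now is None else now
    payload = json.dumps({
        "n": secrets.token_urlsafe(16),    # CSPRNG nonce keeps each value unguessable
        "exp": int(issued) + STATE_TTL,    # expiry travels inside the value
        "rt": return_to,                   # where to send the user after login
    }).encode()
    return _b64(payload) + "." + _b64(_mac(key, session_id, payload))

def check_state(key: bytes, session_id: str, state: str, now=None):
    """Return the stored return path when state is valid for this session, else None."""
    try:
        p64, m64 = state.split(".")
        payload, mac = _unb64(p64), _unb64(m64)
    except (ValueError, AttributeError):   # wrong shape, bad base64, or missing value
        return None
    # Constant-time compare; a state minted for another session fails here (CSRF check).
    if not hmac.compare_digest(mac, _mac(key, session_id, payload)):
        return None
    data = json.loads(payload)             # safe to parse: the MAC already verified it
    if (time.time() if now is None else now) >= data["exp"]:
        return None
    rt = data["rt"]
    # Accept only same-site relative paths so state cannot become an open redirect.
    if not rt.startswith("/") or rt.startswith("//"):
        return None
    return rt
```

This form is not single-use: the same value is accepted again in the same session until it expires. If single-use is required, store the nonce in the server-side session when the redirect is issued and delete it on the callback.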
Thank you so much for this. I was into this issue and tried to tinker around to check if it's possible but couldn't get it done. Now that I have seen the way you did it, thanks guys