Improved documentation of authorization code

auth/google.go

@@ -30,6 +30,10 @@ type GoogleUser struct {
 
 // InstallGoogleAuth enables Google login for the app.
 func InstallGoogleAuth(app *aero.Application) {
+	// OAuth2 configuration defines the API keys,
+	// scopes of required data and the redirect URL
+	// that Google should send the user to after
+	// a successful login on their pages.
 	config := &oauth2.Config{
 		ClientID:     arn.APIKeys.Google.ID,
 		ClientSecret: arn.APIKeys.Google.Secret,
@@ -43,14 +47,20 @@ func InstallGoogleAuth(app *aero.Application) {
 		Endpoint: google.Endpoint,
 	}
 
-	// Auth
+	// When a user visits /auth/google, we ask OAuth2 config for a URL
+	// to redirect the user to. Once the user has logged in on that page,
+	// he'll be redirected back to our servers to the callback page.
 	app.Get("/auth/google", func(ctx *aero.Context) string {
 		state := ctx.Session().ID()
 		url := config.AuthCodeURL(state)
 		return ctx.Redirect(url)
 	})
 
-	// Auth Callback
+	// This is the redirect URL that we specified in the OAuth2 config.
+	// The user has successfully completed the login on Google servers.
+	// Now we have to check for fraud requests and request user information.
+	// If both Google ID and email can't be found in our DB, register a new user.
+	// Otherwise, log in the user with the given Google ID or email.
 	app.Get("/auth/google/callback", func(ctx *aero.Context) string {
 		if !ctx.HasSession() {
 			return ctx.Error(http.StatusUnauthorized, "Google login failed", errors.New("Session does not exist"))