diff --git a/backend/app/auth.py b/backend/app/auth.py index ee4e159..bc56522 100644 --- a/backend/app/auth.py +++ b/backend/app/auth.py @@ -22,18 +22,21 @@ oauth.register( client_id=settings.google_client_id, client_secret=settings.google_client_secret, server_metadata_url="https://accounts.google.com/.well-known/openid-configuration", - client_kwargs={ - "scope": SCOPES, - # access_type=offline + prompt=consent ensures we receive a refresh_token. - "access_type": "offline", - "prompt": "consent", - }, + client_kwargs={"scope": SCOPES}, ) @router.get("/login") async def login(request: Request): - return await oauth.google.authorize_redirect(request, settings.oauth_redirect_url) + # access_type=offline + prompt=consent must be on the authorization URL so Google + # returns a refresh_token (required for background sync). + return await oauth.google.authorize_redirect( + request, + settings.oauth_redirect_url, + access_type="offline", + prompt="consent", + include_granted_scopes="true", + ) @router.get("/callback")