fix: request offline access on OAuth login so Google returns a refresh token

This commit is contained in:
npeter83 2026-06-11 01:14:06 +02:00
parent 10ef62bbad
commit 3a774cf7d6

View file

@ -22,18 +22,21 @@ oauth.register(
client_id=settings.google_client_id, client_id=settings.google_client_id,
client_secret=settings.google_client_secret, client_secret=settings.google_client_secret,
server_metadata_url="https://accounts.google.com/.well-known/openid-configuration", server_metadata_url="https://accounts.google.com/.well-known/openid-configuration",
client_kwargs={ client_kwargs={"scope": SCOPES},
"scope": SCOPES,
# access_type=offline + prompt=consent ensures we receive a refresh_token.
"access_type": "offline",
"prompt": "consent",
},
) )
@router.get("/login") @router.get("/login")
async def login(request: Request): async def login(request: Request):
return await oauth.google.authorize_redirect(request, settings.oauth_redirect_url) # access_type=offline + prompt=consent must be on the authorization URL so Google
# returns a refresh_token (required for background sync).
return await oauth.google.authorize_redirect(
request,
settings.oauth_redirect_url,
access_type="offline",
prompt="consent",
include_granted_scopes="true",
)
@router.get("/callback") @router.get("/callback")