How does authentication with oauth2 sessions work?

After reading over the documentation and tinkering a bit myself I'm still a bit confused on how I should be able to login using oauth2. I wanted to try to log in into an vue application but discord OAuth2 and I've gotten as far as that an user is being generated when I allow my application access. Now I'm stuck after this where I don't know how the system works because I can't seem to really find any authentication for the user.

You read this? https://appwrite.io/docs/authentication#oauth

ye I did

So after the create oauth2 session API flow is complete, you should be logged in. What's going on for you? And is your client app running on localhost?

no the app is not running on localhost right now and as for the point on what's going on or me I am really confused about the further authentication because I don't see any clues on that

Clues on what? What further authentication? Would you please describe what's going on? Maybe with a screen recording?

I'm sorry for all the confusion I'll start from the beginning. So I choose to create a web app where I want users to be able to authenticate themselves using discord through appwrite. I set up a new web project and in authentication I activate Discord as OAuth2 Provider with the correct settings. Meaning when I try out the example code from the docs on OAuth, I fill it with my project ID and createOAuth2Session with some other params I'll get an authentication link. when using the link and allowing my app through discord to access my data nothing happened except an user got created in appwrite with my username and email. that's the only thing I've seen so far what happends but I don't know how I should let the user authenticate himself on the web application with anthingof this now

Did you provide success and failure URLs to redirect the user back to your app after authentication? https://appwrite.io/docs/client/account?sdk=web-default#accountCreateOAuth2Session

yes I provided discord as provider, an redirect url for success and failure as well as some scopes

so they should be redirected back to your app and authenticated...

ye I know that the redirection works but how do I know that the authentication does? do I somehow obtain a session id or a jwt? I can't see anything that would tell me about the authentication

if you're redirected back to your success url, the session should be created. you can then call, account.get() to confirm you have a session.

This works because Appwrite sessions are stored in cookies. Right before the user is redirected to your app, a cookie is set in the browser: https://github.com/appwrite/appwrite/blob/953485299a2a4040406cfec290a68f69187ec5e8/app/controllers/api/account.php#L622. You can open your browser's dev tools and look at the network logs to verify the response header that sets the cookie.

hey is the cookie called a_session_console_legacy?

that's not for your app. that's for the console

there are 2 cookies and they have the format of:

a_session_[PROJECT ID]_legacy
a_session_[PROJECT ID]