The React dashboard needs to be able to authenticate its users, and perform authorized calls on some microservices. It also needs to let the user grant access to Strava.
We make the assumption that the dashboard only works when you are authenticated, and that there are two kinds of users: first-time user and returning user.
Following is the user story for first-time users:
As a first-time user, when I visit the dashboard, there's a "login" link. When I click on it, the dashboard redirects me to Strava to grant access to my resources. Strava then redirects me back to the dashboard, and I am connected. The dashboard then starts to fill with my data.
As described, our Flask app performs an OAuth2 dance with Strava to authenticate users. Connecting to Strava also means we need to store the access token into the Runnerly user profile...