Validate a Google client Sign in from the server side

React Client side (front):

//client functions

...
async function checkValidSignIn(decoded: any) {
        try {
//your api address to validate
            const endpoint = props.HOME_URL + '/api/w/after-google-signin'
            console.info("endpoint: ", endpoint)
            const response = await fetch(endpoint, {
                method: 'POST',
                headers: {
                    'Content-Type': 'application/json',
                },
                body: JSON.stringify(decoded),
            })
                .then(async (data) => {
                    // console.info('data: ', data)
                    const c = await data.json()
                    console.info('json: ', c)
                    if (c.success) {
                        alert("You are in")
                    } else {
                        alert(c.message)
                        googleLogout()
                    }

                })
                .catch((error) => {
                    const errorJson = JSON.stringify(error)
                    // console.info(errorJson)
                    alert(errorJson)
                })
            // setData(responseData);
        } catch (error) {
            console.error('Error fetching data:', error);
        }
    }
...

//The button
...
 <GoogleLogin
                                onSuccess={
                                    async function (credentialResponse: CredentialResponse): Promise<void> {
                                        if (credentialResponse && credentialResponse.credential) {

                                            console.log("credentialResponse: ", credentialResponse);

                                            var decoded = jwt_decode(credentialResponse.credential);

                                            console.log("decoded credentials: ",
                                                JSON.stringify(decoded));
                                            checkValidSignIn(credentialResponse);
                                        }

                                    }
                                }
                                onError={
                                    function (): void {
                                        console.log("Error happened");
                                        return
                                    }
                                }
                                auto_select
                                useOneTap
                            />
...

Server side (endpoint), in this case Next-Auth

export async function processing(req: NextApiRequest,
    res: NextApiResponse<Data>) {
    const query = req.query
    console.info("query: ", query)
    console.info("body: ", req.body)

    if (req.body && req.body.jti) {

    } else {
        res.statusMessage = "bad request"
        res.status(400)
    }

    
    var token = req.body.credential
    console.info("token: ", token)

    const { OAuth2Client } = require('google-auth-library');
    const client = new OAuth2Client(process.env.GOOGLE_CLIENT_ID);
    async function verify(token: any) {
        const ticket = await client.verifyIdToken({
            idToken: token,
            // idToken: token,
            audience: process.env.GOOGLE_CLIENT_ID,  // Specify the CLIENT_ID of the app that accesses the backend
            // Or, if multiple clients access the backend:
            //[CLIENT_ID_1, CLIENT_ID_2, CLIENT_ID_3]
        });
        const payload = ticket.getPayload();
        console.info("Verified!!!!!")
        res.status(200).json(payload)
        // const userid = payload['sub'];
    }
    await verify(token).catch((error) => {
        console.log("*****error adminInitiateAuth: ", error)
        console.log(JSON.stringify(error))
        res.status(500).json({ msg: "no" })
    })