Passport is generic module(googl,fb) and below one is specific to google accounts.
passport-google-oauth20: https://github.com/jaredhanson/passport-google-oauth2
https://medium.com/passportjs/google-api-shutdown-330c3b47e3df
in our project folder:
npm install --save passport passport-google-oauth20
oauth20-->one of strategies of passort-->1 is old and 20 is latest.short for 2.0
You can check your package.json to make sure below line is there with version number:
"passport-google-oauth20": "^2.0.0",
index.js
--------
const express =require('express'); const passport =require('passport'); const GoogleStrategy =require('passport-google-oauth20').Strategy; const keys = require('./config/keys'); const app = express(); passport.use(new GoogleStrategy({ clientID: keys.googleClientID, clientSecret: keys.googleClientSecret, callbackURL: '/auth/google/callback' },accessToken=>{ console.log(accessToken); } ) ); app.get( '/auth/google', passport.authenticate('google',{ scope: ['profile', 'email'] }) ); app.get('/auth/google/callback',passport.authenticate('google'));//so code sent by google will be part of url and used here. const PORT = process.env.PORT || 5000; app.listen(PORT);
-------
Will show how to enable the Google+ API. Since it does not exist anymore, this step can be ignored as we will be using the Passport library to instead source the Google profile from the "userinfo" endpoint.
clientid and clientsecret are provided by google oauth service.
so we need to signup with google oauth api.
The below steps might change a bit, see the document shared down.
open http://console.developers.google.com, sign with google account.
goto Developers console.on the top left there is username dropdown, click that and create a new project by clicking +.
click on "Enable API" on top middle link, search for "google+ api" click that and click on enable.
click on "create credentials" or on left side credentials tab and click on create button and select "oauth client id"
click on "configure" and provide details for consent screen(productname and other optional details),app type-web app,authorized javascript origins(http://localhost:5000) and authorized redirect URLs(http://localhost:5000/*).
Authorized redirect url should be complete, as we kept * we will get error, so keep http://localhost:5000/auth/google/callback
After clicking create, clientID(public token we can share with public) and clientSecret(private token) will be generated.
The above steps to generate client ID and secret might change see this document for furture reference: link
To secure the keys, create a separate file and don't commit that to git.
projectfolder\config\keys.js
---------
module.exports = {
googleClientID: '<clientID>',
googleClientSecret: '<clientSecret>'
};
.gitignore
---------
node_modules
keys.js
callbackURL: Route handler that user should sent to after google grants access
A bit of code change above to gather more details..
index.js
-------
const express =require('express');
const passport =require('passport');
const GoogleStrategy =require('passport-google-oauth20').Strategy;
const keys = require('./config/keys');
const app = express();
app.get('/',(req,res)=> {
res.send({hi: 'there'});
});
passport.use(new GoogleStrategy({
clientID: keys.googleClientID,
clientSecret: keys.googleClientSecret,
callbackURL: '/auth/google/callback'
},
(accessToken, refreshToken, profile, done)=>{
console.log('accessToken', accessToken);
console.log('refresh token', refreshToken);
console.log('profile', profile);
}
)
);
app.get(
'/auth/google',
passport.authenticate('google',{
scope: ['profile', 'email']
})
);
app.get('/auth/google/callback',passport.authenticate('google'));//so code sent by google will be part of url and used here.
const PORT = process.env.PORT || 5000;
app.listen(PORT);
Access token expires after sometime so to get access for some time more we use the refreshToken.
>node index.js
No comments:
Post a Comment