passport google oauth on localhost
In most examples on the web, routing code is done like this:
app.get('/auth/google', passport.authenticate('google'));
According to the Express Reference, callbacks of the app.get method are given three arguments, request, response and 'next'. That means, the authenticate method in the above example returns a function object and it is executed with three the arguments request, response and 'next'.
So, if you would like do authentication in the callback function of the app.get method like this:
app.get('/auth/google', function() {
passport.authenticate('google', {scope: ['profile', 'email']});
});
then you should write:
app.get('/auth/google', function(request, response, next) {
passport.authenticate('google', {scope: ['profile', 'email']})(request, response, next);
});
Currently OAUTH2 protocol for authentication and autherization is well supported by google.So Its better to use the same . Here is google's documentation on it .Use 'passport-google-oauth' module . Here is the implementation.This should be the app objects configuration , also see that oauth2strategy object is used from passport-google-oauth module , also check out the scopes in the app.get route registration .
var googleStrategy = require('passport-google-oauth').OAuth2Strategy;
app.configure(function() {
app.set('views', './views');
app.set('view engine', 'jade');
app.use(express.favicon());
app.use(express.logger('dev'));
app.use(express.cookieParser());
app.use(express.bodyParser());
app.use(express.session({secret:'MySecret'}));
app.use(passport.initialize());
app.use(passport.session());
app.use(express.methodOverride());
app.use(app.router);
app.use(express.static('./public'));
});
app.get('/auth/google', select.passport.authenticate('google',{scope: 'https://www.googleapis.com/auth/plus.me https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile'}));
app.get('/auth/google/callback', function() {
passport.authenticate('google', {
successRedirect: '/profile',
failureRedirect: '/fail'
});
});
app.get('/logout', function (req, res) {
req.logOut();
res.redirect('/');
});
But before creating a new strategy go to googles developer console and get clientID and secret . Here are the steps
- go this link and create project , here is the snapshot of the same
- give a new project name and ID , here is the snapshot
- It'll roughly take a minute to create your new project , once your new project is created it'll redirect you to the application configuration of your app . In the redirected page select APIS AND AUTH -> API's , In the API's page enable the GOogle+ API , here is the snapshot of it
then go to credentials(below APIs), then click on Create New Client Id , and register the domains and callback for your app(configure the domain to be localhost ) , here is its snapshot !
5.Then u'll get your new ID and secret . Use them to create the new Strategy passport.use(new googleStrategy({ clientID: '<TheNewclientID>', clientSecret: '<The New Secret>', callbackURL: "http://locahost:8080/auth/google/callback" }, function (accessToken, refreshToken, profile, done) { console.log(profile); //profile contains all the personal data returned done(null, profile) } ));
6.now serialize and deserialize
passport.serializeUser(function(user, callback){
console.log('serializing user.');
callback(null, user.id);
});
passport.deserializeUser(function(user, callback){
console.log('deserialize user.');
callback(null, user.id);
});
run the server and go to localhost:8080/auth/google (dont use 127.0.0.1:8080 instead of locahost ) .This should be getting it working :)
[Other useful links: Check out the first comment by kvcrawford on the repo of the module in this page Passport-google is another popular module which is use to provide login using google , its kind of outdated now , here is the link with respect to its recent issues ]