Passport strategy for authenticating with Google, following Google's "Migrating to Google Sign-In" guide.
The strategy obtains the access_token, refresh_token and email (given the right scopes) of the signed-in account by parsing the JWT returned from Google OAuth. It does not retrieve the full Google profile, but it also does not require the Google+ API to be enabled in the Google Developers Console. If you need the full profile, consider using passport-google-oauth.
$ npm install passport-google-oauth-jwt
const { GoogleOauthJWTStrategy: GoogleStrategy } = require('passport-google-oauth-jwt');

// OAuth client credentials for the strategy. GOOGLE_CLIENT_SECRET is a secret:
// supply it from configuration or the environment rather than committing it
// alongside the code.
const googleStrategyOptions = {
  clientId: GOOGLE_CLIENT_ID,
  clientSecret: GOOGLE_CLIENT_SECRET,
};

/**
 * Verify callback: maps the signed-in Google account to a local user record.
 *
 * @param {string} accessToken - Access token from Google; not used in this example.
 * @param {object} loginInfo - Login data from the strategy; only `email` is read here.
 * @param {string} refreshToken - Refresh token from Google; not used in this example.
 * @param {Function} done - Passport callback, called with (err, user).
 */
const verifyGoogleLogin = function verify(accessToken, loginInfo, refreshToken, done) {
  // The local account is looked up (or created) by e-mail address alone.
  // NOTE(review): confirm that loginInfo tells you the address is verified by
  // Google, and prefer a stable account identifier as the lookup key if
  // loginInfo exposes one; an e-mail address can change owner over time.
  const lookup = { googleEmail: loginInfo.email };

  // accessToken / refreshToken are dropped here. If an application persists
  // them, they are credentials and need the same protection as passwords.
  User.findOrCreate(lookup, (err, user) => done(err, user));
};

passport.use(new GoogleStrategy(googleStrategyOptions, verifyGoogleLogin));
Use passport.authenticate(), specifying the 'google-oauth-jwt' strategy, to authenticate requests.
For example, as route middleware in an Express application:
// Redirect URI handed to the strategy; both routes below pass the same value.
// Plain http on localhost suits local development only. A deployed callback
// should use https and match a redirect URI registered for the OAuth client.
const googleCallbackUrl = 'http://localhost:3000/auth/google/callback';

// Step 1: start the login with Google. Only the 'email' scope is requested,
// which keeps the granted access to the minimum this example needs.
app.get(
  '/auth/google',
  passport.authenticate('google-oauth-jwt', {
    callbackUrl: googleCallbackUrl,
    scope: 'email',
  }),
);

// Step 2: Google redirects back here and the strategy completes the login.
// No failureRedirect is configured, so a failed login falls through to
// Passport's default failure response (401) instead of reaching the handler.
app.get(
  '/auth/google/callback',
  passport.authenticate('google-oauth-jwt', {
    callbackUrl: googleCallbackUrl,
  }),
  function onAuthenticate(req, res) {
    // Authentication succeeded: send the user to the home page.
    res.redirect('/');
  },
);
For a complete, working example, refer to the example.
$ npm install
$ npm start
$ npm install
$ npm test