mirror of
https://github.com/feathersjs/feathers.git
synced 2025-12-08 19:46:22 +00:00
ae85fa216f
* feat(docs) new docs site started * Minor page edits * feat(footer) fix spacing * empty guides template Co-authored-by: daffl <daff@neyeon.com>
115 lines
3.1 KiB
Markdown
115 lines
3.1 KiB
Markdown
---
|
|
outline: deep
|
|
---
|
|
|
|
# Google
|
|
|
|
To enable Google login, add the app id, app secret and scope property to `config/default.json`:
|
|
|
|
```js
|
|
{
|
|
"authentication": {
|
|
"oauth": {
|
|
"google": {
|
|
"key": "<App ID>",
|
|
"secret": "<App Secret>",
|
|
"scope": ["openid"]
|
|
}
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
According to the [documentation of Google](https://developers.google.com/identity/protocols/OpenIDConnect#scope-param):
|
|
"The scope value must begin with the string openid and then include profile or email or both.".
|
|
|
|
|
|
To also request the email address, add the string "email" to the array of the 'scope' property:
|
|
```js
|
|
{
|
|
"authentication": {
|
|
"oauth": {
|
|
"google": {
|
|
"key": "<App ID>",
|
|
"secret": "<App Secret>",
|
|
"scope": ["openid", "email"],
|
|
"nonce": true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
The property 'nonce', according to the documentation: "A random value generated by your app that enables replay protection.".
|
|
|
|
## Application client and secret
|
|
|
|
The client id (App ID) and secret can be acquired by creating a [OAuth client ID](https://console.developers.google.com/apis/credentials):
|
|
1. Click on 'OAuth client ID'
|
|
|
|
2. Select 'web application', fill in the information and click 'Create'
|
|
|
|
|
|
**Important**: Fill in the callback url, in a default Feathers setup it will be /oauth/google/callback.
|
|
|
|
3. Replace `<App ID>` and `<App Secret>` with the id and secret of the created OAuth client ID application
|
|
|
|
```js
|
|
{
|
|
"authentication": {
|
|
"oauth": {
|
|
"google": {
|
|
"key": "<client-id>.apps.googleusercontent.com",
|
|
"secret": "<client-secret>",
|
|
"scope": ["openid", "email"],
|
|
"nonce": true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
Note: Use the generated credentials of the OAuth client ID.
|
|
|
|
Note: `<client-id>` will be replaced by a string similar to **481298021138-hv27glb811ocr7pdon5lsg8hh5a6pgjv**.apps.googleusercontent.com.
|
|
|
|
Note: `<client-secret>` will be replaced by a string similar to **XkWl0witdP4ogeNIgyOi-CeS**.
|
|
|
|
## Using the data returned from the Google App through a custom OAuth Strategy
|
|
|
|
In `src/authentication.js`:
|
|
|
|
```js
|
|
const axios = require('axios');
|
|
const { OAuthStrategy } = require('@feathersjs/authentication-oauth');
|
|
|
|
class GoogleStrategy extends OAuthStrategy {
|
|
async getEntityData(profile) {
|
|
|
|
// this will set 'googleId'
|
|
const baseData = await super.getEntityData(profile);
|
|
|
|
// this will grab the picture and email address of the Google profile
|
|
return {
|
|
...baseData,
|
|
profilePicture: profile.picture,
|
|
email: profile.email
|
|
};
|
|
}
|
|
}
|
|
|
|
module.exports = app => {
|
|
const authentication = new AuthenticationService(app);
|
|
|
|
authentication.register('jwt', new JWTStrategy());
|
|
authentication.register('local', new LocalStrategy());
|
|
authentication.register('google', new GoogleStrategy());
|
|
|
|
app.use('/authentication', authentication);
|
|
app.configure(expressOauth());
|
|
};
|
|
```
|
|
**Important**: googleId, profilePicture and email are properties that should exist on the database model!
|
|
|
|
|