NodeJS & Express - Google OAuth2 using PassportJS
Вставка
- Опубліковано 26 лют 2021
- Learn how to protect your API routes using OAuth2 with Google as an identity provider.
We will be creating a REST API using NodeJS & Express. Then we will be protecting some API routes behind authentication. These routes will require the user to authenticate using OAuth2 with Google. We will be using PassportJS (www.passportjs.org/packages/pa....
Check out the code on Github: github.com/kriscfoster/node-g...
Don't forget to Subscribe here: / @krisfoster1 - Наука та технологія
Great video, have been struggling with this for the past few days, your the first one to tie in all the pieces, authentication, user session, and log out. Thank you good sir!
I have seen a lot and I am impressed by how you manage to get a confusing subject through and so consicely and simple to understand
Dude this is the best video I've ever seen about Google OAuth with passport you have no idea how many videos I watched to use Google OAuth with passport a big thank you from Brazil
Really amazing tutorial, actually the only one where I understood what each part of the code was doing.
Such a lack of videos explaining this topic , thank you man !
one of the best code tutorials I've ever watched. Clear, concise and simple. Fantastic video 👏
Thank you for the kind words!
@@KrisFoster1 hey Kris! sorry I sent you a question on twitter. How can I send the user object to the client? thank you!
try this one: ua-cam.com/video/5WehZTrgG8o/v-deo.html
Yeah I agree
Absolutely, straight to the point and no waste of time
This video was full of value. I was able to complete it, but even better, I was able to complete it, and now I feel comfortable with utilizing passport/google-oauth2 in my projects moving forward.
Had to comment.
Went from never working with passport or Oauth to implementing 5 different types of login on my test app. Amazing tutorial.
That's great to hear @Dev Dev Goose. Well done!
Damn 🙄
To the point, goes step by step. Well done!
Most helpful video I found about OAuth2 with Node.
Thank you
it helped me bro, always keep your tutorials as clear as this!!!
Other than him, no one was helpful to me for this particular problem, Thanks Man 👍
Simplest Code and Simplest explanation. awesome
Great video. Short and precise . Thanks alot
Best tutorial for Google OAuth2 using PassportJS
Thanks for this simple but clear video.
Glad you enjoyed!
You're the best explain for this mate.
Thanks bro for the detailed explanation. It was a great help
Your explanation is awesome dude thankyou very much for the knowledge ❤
Yo mate, great video.
Do you know if there is a way to get rid off the "#" at the end of the route?
I mean, redirecting without the slash sign at the end.
Ty!
Below seems to work for logout needing a funcion issue in latest version of express.
app.get('/logout', (req, res, next) => {
req.logout(function (err) {
if (err) {
return next(err);
}
// if you're using express-flash
// res.flash('success_msg', 'session terminated');
res.redirect('/');
});
});
very important comment here, thank you! kris foster should pin this!!!
Yes req.logout() needs a callback
Thank you, this helped me a lot
Thanks Kris for this video
Thank you so clear explaining
a very big big thanks to you sir for giving such an amazing explanation.............!!!!!!!!!!
Maybe you will like this also so much simpler: ua-cam.com/video/5WehZTrgG8o/v-deo.html
This is such a great tutorial Mr Kris
I can retrieve the email displayName with no problem, but how do I know the other Function? Like Retrieve the photo profile or other information?
I hope you see my question here, Cheers to you!
totally worth it 🔥🔥
the best work bro, thanks a lot...
the best video I’ve ever seen👍
Was so confused with Google Auth, Thank you so much for this wonderful tut
Thanks for your sharing. great tutorial.
best tutorial 2021
Very helpful video it is short and suit ❤❤🎉
Excellent tutorial 👍🏽
can we somehow edit this page with some better style? Like an Logout button on the top right corner and some general design instead of the white page?
I used your code, but did not get refresh token, I tried option access_type: 'offline', but still it is not giving refresh token. Could you please tell me how can I get the refresh token. It would be helpfull if you could make a video on it. The solution is not present on internet.
Great tutorial video😀😀
Thank you so much!!!
Good video! Thanks for sharing!
Wil you try this: ua-cam.com/video/5WehZTrgG8o/v-deo.html
Great video, made it so easy. Tnx
Thank you for the kind feedback & glad you enjoyed!
Subscribed!
Hey, what if I wanted to return a token instead of a session id?
2017 style express, niiiiice
how do we use(logIn with google) password js with express js in react native
Thanks for the tutorial
So, will the Node.js application use the email address as some Primary Key in the database to identify a user?
help, I get an error of type TokenError: client_secret is missing
Do you know how I can use this same session in my google extension, so that it automatically logs in the user to my extension?
is cookie saved in browser in case of token based authentication, i can't find cookie in my browser although when i am am using cookie based authentication , then only i can see cookie saved in my browser??
I love you for this.
Thank you, glad you enjoyed!
InternalOAuthError: Failed to obtain access token
why am i getting this?
bro if we login again after logged out ,then popup window did not appear ,why ?
man you are awesome
thx man
saved me
So no DB to save the session?
Great video.
10:21 The silence here killed me lol
When I click my auth link it just spins.
Hey kris thanks a lot man
Well done
nice tutorial !!.😁
great job! Thank you very much for the content ^^
A query, what is the difference between oauth2 and oauth20?
- Passport-google-oauth20
- Passport strategy for Google OAuth 2.0
Thank you so much for everything!
It's the same. It's 2.0 but abbreviated to 20
Cannot GET /auth/google/callback getting this error
You used your personal client google id, but how to get it from the user when he hit use button authenticate with Google on my website ?
This is simpler: ua-cam.com/video/5WehZTrgG8o/v-deo.html
Thanks man
Awesome
you are grate
Hi Kris. How can we send to mongodb? Thanks
👌
But show req.user=undefined
Question: why do you need to serialize or deserialize user data? stated at 8:47? Thanks
I haven't watched this vid yet but serialize means you are making cookie and deserialize means extracting data from that session cookie. The result of the serializeUser method is attached to the session as req.session.passport.user = {}.
I know this is 2 years old but just leaving it for someone here who is also curious,
the serialization defines how you want to attach the user data to the session, for instance if you wanted to filter the user data to like 3 attributes in you would define 'done' inside the serialization method as:
```
passport.serializeUser((user, done) => {
done(null, {
id: user.id,
email: user.email,
cover: user.cover
});
});
```
this reduces the size of your session data by excluding unecessary fields
in the video for the sake of simplicity the guy just attached the entire payload
your deserializeUser function would just assign the data in req.session.passport.user to req.user to make it easier for use
It works from browser, but I can't get it working from postman. Even after getting the access token and adding it to authorization header. Can anyone help?
As you have to use your google account which is supposedly the logged in google account in your browser but not in postman. That's the reason its not working in the postman
thankyou
15:08 What do you mean when you said we need to allow the user to be sent as part of the request? I don't really get it.
And how does express-session solve this?
Express-session allows to create a session (req.session object) and can store the session into a database. To store a session where an user is authenticated, Passport comes into play, it's Passport with the serializeUser function that saves inside the session created by Express-session, a property => passport: {user: id} and then Express-session can store the session + the authenticated user inside a db and the server send an http response with the header set-cookie and now the browser saves the cookie and the user is authenticated. If you want to undersand how it works in details, watch the local authentication with Passport here (the first 3 hours) ua-cam.com/video/F-sFp_AvHc8/v-deo.html.
@@artax5005 Wow this helps, thank you so much
i cant get it to work with private ip, how did you do that?.. google just blocks my request.
make sure you assign test accounts to OAuth consent screen in google cloud platform, if your application is still in testing and not production it may only allow test account access
Bro can you mentor me a little over discord? I am self taught. Just learnt mongoose node and express.
does this work in react ?
react works well with express, yes
does anyone elses logout not work?
I solved the logout problem with this :
app.get("/logout", (req, res) => {
req.logout(req.user, err => {
if(err) return next(err);
res.redirect("/");
});
});
20:04, I am still unable to login..
got it, had to change the callbackURL to not include auth
gracias bb
ua-cam.com/video/5WehZTrgG8o/v-deo.html
11:09 my nodemon keeps crashing for whatever reason. It doesn't like the passport.authenticate line
forgot to add const passport
this video is strangely high fps
ummmm, hello brother. Sorry i just have a small critic for you but its ok, its a good video. But you don't need to copy paste the code. You need to code it from scratch so i can understand step by step.
I just followed this and it was great but when it was time for the logout I had issues with just *req.logout();* and *req.session.destroy();*
As of 7/23 this worked instead
req.logout((err) => {
if (err) { res.send(err); }
else { req.session.destroy((err) => {
if (err) { res.send(err); }
else { res.send('Logging out...'); }
});
}
});
Thanks a lot!
I solved the logout problem with this :
app.get("/logout", (req, res) => {
req.logout(req.user, err => {
if(err) return next(err);
res.redirect("/");
});
});