// Application bootstrap: Express app, cookie parsing, JWT helper and the
// Google OAuth2 client used for sign-in.
const express = require("express");
const app = express();
const jwt = require("jsonwebtoken");
const cookieParser = require("cookie-parser");
// Load .env into process.env before any of the values below are read.
require("dotenv").config();
// Populates req.cookies; the session token cookie is read from there.
app.use(cookieParser());
const { OAuth2Client } = require("google-auth-library");
// OAuth client credentials are taken from the environment rather than source.
// NOTE(review): nothing checks that GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET or
// JWT_SECRET are actually set, so a missing value only surfaces when a
// request first needs it. Consider validating them at startup.
const CLIENT_ID = process.env.GOOGLE_CLIENT_ID;
const CLIENT_SECRET = process.env.GOOGLE_CLIENT_SECRET;
// NOTE(review): hard-coded plain-http localhost redirect URI, suitable for
// local development only. A deployed instance needs an https URI identical
// to the one registered for this OAuth client.
const REDIRECT_URI = "http://localhost:3000/auth/google/callback";
// OAuth2 client configured with the credentials and redirect URI above.
const client = new OAuth2Client(CLIENT_ID, CLIENT_SECRET, REDIRECT_URI);
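// OAuth2 redirect target: Google sends the browser back here after consent.
// Exchanges the authorization code for tokens, fetches the user's profile and
// issues this application's own signed session cookie.
app.get("/auth/google/callback", async (req, res) => {
  const { code } = req.query;

  // Express parses repeated or bracketed query parameters into arrays and
  // objects, so insist on one non-empty string. A missing code (for example
  // when consent was denied) is a client error, not a server error.
  if (typeof code !== "string" || code === "") {
    return res.status(400).send("Missing authorization code");
  }

  // NOTE(review): no `state` value is verified here and the /auth/google route
  // does not send one, so this callback cannot tell whether the flow was
  // started by this browser session. Binding a random per-session `state` to
  // the request and comparing it here would close that gap; it needs a change
  // in both routes.

  try {
    // Use a client private to this request. Calling setCredentials() on the
    // module-wide client would let concurrent logins overwrite each other's
    // tokens between the code exchange and the profile request.
    const requestClient = new OAuth2Client(
      CLIENT_ID,
      CLIENT_SECRET,
      REDIRECT_URI
    );
    const { tokens } = await requestClient.getToken(code);
    requestClient.setCredentials(tokens);

    // Fetch the profile of the account that just authenticated.
    const { data } = await requestClient.request({
      url: "https://www.googleapis.com/oauth2/v1/userinfo?alt=json",
      method: "GET",
    });

    // The whole userinfo response becomes the JWT claims. A JWT is signed,
    // not encrypted, so every field is readable by whoever holds the cookie.
    // NOTE(review): consider copying only the claims the application needs.
    const token = jwt.sign(
      {
        ...data,
      },
      process.env.JWT_SECRET,
      {
        expiresIn: "1h",
      }
    );

    res.cookie("token", token, {
      // Not readable from page scripts.
      httpOnly: true,
      // Sent over HTTPS only in production; local development runs on http.
      secure: process.env.NODE_ENV === "production",
      // Not attached to cross-site sub-requests or cross-site form posts.
      sameSite: "lax",
    });
    res.redirect("/");
  } catch (error) {
    // Log details on the server and keep the client response generic.
    console.error(error);
    res.status(500).send("Server error");
  }
});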
// Starts the sign-in flow by sending the browser to Google's consent screen.
app.get("/auth/google", (req, res) => {
  // NOTE(review): no `state` parameter is generated, so the callback has
  // nothing to tie the response to this browser session. "offline" access
  // also asks for a refresh token, which nothing visible in this file stores
  // or uses; confirm it is needed.
  const consentOptions = {
    access_type: "offline",
    scope: ["email", "profile"],
  };
  res.redirect(client.generateAuthUrl(consentOptions));
});
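/**
 * Express middleware that authenticates a request from the `token` cookie.
 *
 * On success the verified JWT payload is attached as `req.user` and `next()`
 * is called. A missing, malformed, expired or badly signed token yields a
 * 401 response and the chain stops.
 *
 * @param {object} req - Express request; `req.cookies` is expected to be
 *   populated by cookie-parser.
 * @param {object} res - Express response.
 * @param {Function} next - Continues to the next handler on success.
 */
const jwtAuthMiddleware = (req, res, next) => {
  const token = req.cookies?.token;

  // No cookies at all, no token cookie, or a value that is not a plain string.
  if (typeof token !== "string" || token === "") {
    return res.status(401).send("Unauthorized");
  }

  try {
    // Pin the accepted algorithm to the one jwt.sign() uses by default with a
    // shared secret, instead of accepting whatever the token header declares
    // from the library's default set.
    const decoded = jwt.verify(token, process.env.JWT_SECRET, {
      algorithms: ["HS256"],
    });
    // Hand the verified claims to downstream handlers.
    req.user = decoded;
    next();
  } catch (err) {
    // Keep the failure reason in the server log only; the client does not
    // need to learn why verification failed.
    console.error("Error verifying JWT token:", err);
    return res.status(401).json({ message: "Unauthorized" });
  }
};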
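// Home page, reachable only with a valid session token.
app.get("/", jwtAuthMiddleware, (req, res) => {
  // `name` originates from the identity provider's profile and is not escaped
  // here. res.send() with a string defaults to text/html, so send the
  // greeting as plain text to keep the browser from interpreting it as markup.
  res.type("text/plain").send(`Hello ${req.user.name}!`);
});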
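// Ends the session by removing the token cookie.
// NOTE(review): the JWT itself stays valid until it expires; only the
// browser's copy is dropped. Logout is also a state-changing GET, so any page
// can trigger it; consider POST with CSRF protection.
app.get("/logout", (req, res) => {
  res.clearCookie("token");
  // Redirect to a fixed local path rather than "back": "back" follows the
  // request's Referer header, which the caller controls, and Express 5 no
  // longer supports that special value. res.redirect() already ends the
  // response, so no separate res.end() is needed.
  res.redirect("/");
});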
// Start the HTTP server on port 3000. No host is given to listen().
app.listen(3000, () => {
  console.log("Listening at port 3000");
});