Google+ Sign In for Express

We’ve recently published a node.js client library to let the node community talk to Google APIs in a more pleasant way. As a quick starter demo, I’ve implemented a middleware for Connect that helps you easily add Google+ Sign In to your Connect-powered projects (such as express web apps) with a few lines of code.


The sample middleware is called plussignin and is available at burcu/node-plussignin. Assume you have an existing express project or are creating a new one. There are two additional steps to enable Google+ sign-in:

  • Add express.cookieParser, express.session and plussignin middlewares to your app.
  • Configure plussignin with your client ID, client secret, redirect URI and required scopes. (The client ID and secret are available in the API Console.)

plussignin will add the following routes to your application and will handle the OAuth 2.0 flow for your app automagically.

  • /login: Redirects the user to the authorization dialog and asks for confirmation.
  • /logout: Removes the user and his/her profile from the session, logging the user out.
  • /pluscallback: When a user grants permissions to your app on the auth dialog, this endpoint is called. plussignin will exchange tokens with Google OAuth 2.0 endpoints to retrieve an access token. Once an access token is acquired, it will make a request to retrieve the user’s profile. Once this flow is executed successfully, it will put the user and the user’s profile into the session and redirect the logged-in user to the homepage.
  • /error: If an error occurs during the OAuth 2.0 flow, the user will be redirected to /error.
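
The route list does not say how /pluscallback knows that an incoming request belongs to a login this session actually started. The following added example (not code from plussignin or from this post) shows the OAuth 2.0 `state` check that a /login and /pluscallback pair relies on, with every failure routed to /error. `beginLogin`, `checkCallback`, `sameState` and `session.oauthState` are hypothetical names, and the sample values are constructed.

```javascript
var crypto = require('crypto');

// Google's OAuth 2.0 authorization endpoint.
var AUTH_ENDPOINT = 'https://accounts.google.com/o/oauth2/auth';

// /login step: mint a one-time state value, remember it in the session,
// and return the URL the user should be redirected to.
function beginLogin(session, cfg) {
  session.oauthState = crypto.randomBytes(16).toString('hex');
  var params = new URLSearchParams({
    response_type: 'code',
    client_id: cfg.clientId,
    redirect_uri: cfg.redirectUri,
    scope: cfg.scopes.join(' '),
    state: session.oauthState
  });
  return AUTH_ENDPOINT + '?' + params.toString();
}

// Constant-time comparison; lengths are checked first because
// timingSafeEqual throws on buffers of different length.
function sameState(a, b) {
  var x = Buffer.from(String(a)), y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// /pluscallback step: vet the query string before any token exchange.
// Returns { redirect: '/error', reason: ... } or { code: ... }.
function checkCallback(session, query) {
  var expected = session.oauthState;
  delete session.oauthState;            // single-use, even when the check fails
  if (!expected || !query.state || !sameState(expected, query.state)) {
    return { redirect: '/error', reason: 'state mismatch' };
  }
  if (query.error || !query.code) {     // consent denied, or no code returned
    return { redirect: '/error', reason: query.error || 'missing code' };
  }
  return { code: query.code };          // safe to exchange for tokens
}

// Constructed sample run: a callback whose state was not issued to this session.
function demo() {
  var session = {};
  var url = beginLogin(session, { clientId: 'YOUR_CLIENT_ID_HERE',
    redirectUri: 'http://localhost:3000/pluscallback',
    scopes: ['https://www.googleapis.com/auth/plus.login'] });
  console.log(url);
  console.log(checkCallback(session, { code: 'constructed-code', state: 'forged' }));
}
demo();
```
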

The following snippet illustrates a sample usage.

var express = require('express'),
    plussignin = require('./plussignin.js'),
    MemoryStore = express.session.MemoryStore,
    app = express();

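// Placeholder values: substitute the client ID and secret from the API Console.
var CLIENT_ID = 'YOUR_CLIENT_ID_HERE',
    CLIENT_SECRET = 'YOUR_CLIENT_SECRET_HERE',
    // Must point at the /pluscallback route that plussignin adds.
    REDIRECT_URI = 'http://localhost:3000/pluscallback',
    SCOPES = [
      'https://www.googleapis.com/auth/plus.login'];

// cookieParser and session come first: plussignin keeps the user and profile in the session.
app.use(express.cookieParser('something secret'));
app.use(express.session({ secret: 'yet another secret', store: new MemoryStore() }));
app.use(plussignin({ clientId: CLIENT_ID, clientSecret: CLIENT_SECRET, redirectUri: REDIRECT_URI, scopes: SCOPES }));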

// renders the homepage
app.get('/', function(req, res) {
  res.render('index', { plus: req.plus });
});

app.listen(3000);
console.log('Im listening you on port 3000...');

Some more good news: req objects are extended with several utilities.

  • req.plus.isLoggedIn is true if there is a user in the session.
  • req.plus.oauth2 is a googleapis.OAuth2Client.
  • req.plus.profile is the user’s profile object.
  • req.plus.people.get({ userId: '' }); returns a regular googleapis Request object.

Note: Many asked why this is not a module. Answer: It’s not prod ready. I’m willing to clean it up, provide some other essential features, and release it as a module.

3 thoughts on “Google+ Sign In for Express”

  1. @jmendeth, as for auth, you are right. Google+ Sign In is based on OAuth 2.0 and this module is somehow identical to what has been implemented for Passport’s Google Strategy.

    Passport is a mature middleware, this snippet is obviously not a direct alternative, but it allows you to make requests to Google+ API and injects an API client [1] into req objects. In the short-term, I’m planning to add features to allow you to speak multiple Google APIs once you are authenticated. So, if you’re building an app around Google APIs, this may be a better solution.

    [1] https://github.com/google/google-api-nodejs-client
