New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

gplus-web-auth

Package Overview
Dependencies
Maintainers
2
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gplus-web-auth

Google Plus Login module for Node.js

latest
Source
npmnpm
Version
0.3.3
Version published
Weekly downloads
1
Maintainers
2
Weekly downloads
 
Created
Source

gplus-web-auth

Google+ login and authentication with client-side sessions for Node.js

Installation

Available via npm, to install it simply run the following line in your project:

npm install gplus-web-auth

Configuration

The module takes three parameters,

  • Google+ credentials
  • A client ID. Create one on Google+ Developer Console and also configure whitelisted domains.
  • Configure the scope of permissions to ask for.
  • (optional) Configure a custom oauth2callback path, default is /oauth2callback.
  • Session details
  • Configure the name of the cookie to use.
  • A random string to encrypt the cookies.
  • Duration of the token expiry
  • In case token is about to expire, extend the session for.
  • Authorization method
  • A function that gets the user object from Google+ as the first parameter and a callback as second parameter. Simply return a truthy value on the callback method to authorise the user.
var auth = require('gplus-web-auth')({
  google: {
    client_id: "applicationid123.apps.googleusercontent.com",
    scope: ['profile', 'email'],
    callbackPath: "/custom/oauth2callback"
  },
  session: {
    cookieName: "gplusauth", // cookie name dictates the key name added to the request object
    secret: "secret", // should be a large unguessable string
    duration: 24 * 60 * 60 * 1000, // how long the session will stay valid in ms
    activeDuration: 1000 * 60 * 5 // if expiresIn < activeDuration, the session will be extended by activeDuration milliseconds
  },
  authorize: function(req, user, done){
    var authorized = (user.email.split('@')[1] === "application.com");
    done(authorized);
  }
});

Usage

Now simply use the auth object as a middleware on your app:

app.use(auth);

and use auth.verify middleware on routes that you wish should require authentication.

app.get('/admin', auth.verify, function(req, res) {
  res.render('index');
});

Calling app.use(auth) sets up this route on your app: /oauth2callback to use for authentication callbacks.

Caveats

Because this module uses client-side sessions - you do not need a session store on the server - hence easy to get up and running. But also you should not use Express's session middleware as it might conflict.

Author

Sunil Pai, threepointone@gmail.com
Param Aggarwal, paramaggarwal@gmail.com

License

gplus-web-auth is available under the MIT license.

Keywords

google
plus
web
auth
login

FAQs

Package last updated on 04 May 2015

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Security News

Axios Maintainer Confirms Social Engineering Attack Behind npm Compromise

Axios compromise traced to social engineering, showing how attacks on maintainers can bypass controls and expose the broader software supply chain.

By Sarah Gooding  -  Apr 02, 2026