The latest articles on Forem by Samip Poudel (@samippoudel). https://forem.com/samippoudel https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F451692%2F1b6b807d-79b0-415d-8cbf-17abad31cc71.png https://forem.com/samippoudel en Samip Poudel Tue, 02 Nov 2021 04:20:29 +0000 https://forem.com/samippoudel/google-oauth-using-typescript-expressjs-passportjs-mongodb-5el8 https://forem.com/samippoudel/google-oauth-using-typescript-expressjs-passportjs-mongodb-5el8 <p>OAuth (stands for Open Authorization) is a standard protocol that allows an app to get delegated access to resources of a 3rd party service like Google, Facebook, Github, etc. OAuth is one of the most popular ways to authorize users in modern web apps because of its:</p> <ul> <li> <strong>Security:</strong> OAuth doesn't share passwords, instead, it uses authorization tokens to identify users. So the consumer's password is safe from breaches.</li> <li> <strong>Better UX:</strong> It's more convenient for users to sign in with a few clicks than to fill out a giant form.</li> <li> <strong>Better DX:</strong> OAuth is simple to implement and developers don't have to worry about the complexity of authenticating users.</li> </ul> <p>In this article, we will build a Node.js app that uses Google OAuth to sign in users and we will use passport.js which will make the whole process simpler. You can reference the GitHub project linked below if you get stuck in any section. So, without further ado, let's start.</p> <blockquote> <p>Github Project Link: <a href="https://github.com/SamipPoudel58/nodejs-ts-google-oauth" rel="noopener noreferrer">https://github.com/SamipPoudel58/nodejs-ts-google-oauth</a></p> </blockquote> <h2> Initial Setup </h2> <p>Create a folder and initialize the application as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir </span>oauth-app <span class="nb">cd </span>oauth-app npm init <span class="nt">-y</span> </code></pre> </div> <p>Install all the necessary packages, we will be using these to build our app.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm i express mongoose ejs passport passport-google-oauth20 cookie-session dotenv </code></pre> </div> <p>We need <code>express</code> to create our server, <code>mongoose</code> to query our database, <code>ejs</code> as our templating engine to render HTML pages to the client, <code>passport</code> &amp; <code>passport-google-oauth20</code> to handle the whole OAuth process, <code>cookie-session</code> to store user session data in a cookie, and <code>dotenv</code> to manage environment variables.</p> <p>Besides these packages, we will need some more packages for our development process.</p> <ul> <li> <strong>typescript</strong> - We will need the typescript compiler to compile our <code>TypeScript</code> files into <code>JavaScript</code>.</li> <li> <strong>ts-node</strong> - ts-node can run typescript files directly without compiling them to a javascript file.</li> <li> <strong>nodemon</strong> - nodemon automatically refreshes the server as soon as it detects a change in the files.</li> <li> <strong>Type Definition files</strong> - Some of the packages that we installed need their respective "Type Definition" files to work with typescript.</li> </ul> <p>We can install these packages as dev dependencies (using -D flag)<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-D</span> typescript ts-node nodemon @types/node @types/express @types/passport @types/passport-google-oauth20 </code></pre> </div> <p>We can configure typescript's behavior using <code>tsconfig.json</code>. To generate this file, use this command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>tsc <span class="nt">--init</span> </code></pre> </div> <p>We will set our root directory to be <code>./src</code> and the output directory to be <code>./dist</code> ( this is where typescript will output our javascript files ). In your <code>tsconfig.json</code> find "outDir" and "rootDir" and comment them out and edit them as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="nl">"outDir"</span><span class="p">:</span><span class="w"> </span><span class="s2">"./dist"</span><span class="err">,</span><span class="w"> </span><span class="nl">"rootDir"</span><span class="p">:</span><span class="w"> </span><span class="s2">"./src"</span><span class="w"> </span></code></pre> </div> <p>Inside the src folder create a file <code>app.ts</code>.<br> Now let's add scripts in <code>package.json</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="w"> </span><span class="nl">"start"</span><span class="p">:</span><span class="w"> </span><span class="s2">"node dist/app.js"</span><span class="err">,</span><span class="w"> </span><span class="nl">"dev"</span><span class="p">:</span><span class="w"> </span><span class="s2">"nodemon src/app.ts"</span><span class="err">,</span><span class="w"> </span><span class="nl">"build"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tsc -p ."</span><span class="w"> </span></code></pre> </div> <h2> Importing Environment Variables </h2> <p>We will be using credentials and keys that should be secret from the public. We can store them in a <code>.env</code> file. Create a <code>.env</code> file at the root of your project.</p> <blockquote> <p>Make sure you add it in your <code>.gitignore</code> file, so you don't accidentally commit and push it for the whole world to see.</p> </blockquote> <p>Add these variables and their appropriate values.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PORT = 3000 NODE_ENV = development MONGO_LOCAL = your_local_db_URI MONGO_PROD = your_production_db_URI </code></pre> </div> <p>These variables can be directly accessed using <code>process.env.VARIABLE</code> but I feel we can do better. We will create a file that will check if the required variables are available and valid and then export them.</p> <p>Create a <code>utils</code> folder inside <code>src</code>. Inside <code>utils</code> create a file <code>secrets.ts</code> which will look something like this.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">dotenv</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">dotenv</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">fs</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">fs</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// checking if .env file is available</span> <span class="k">if </span><span class="p">(</span><span class="nx">fs</span><span class="p">.</span><span class="nf">existsSync</span><span class="p">(</span><span class="dl">"</span><span class="s2">.env</span><span class="dl">"</span><span class="p">))</span> <span class="p">{</span> <span class="nx">dotenv</span><span class="p">.</span><span class="nf">config</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">"</span><span class="s2">.env</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">.env file not found.</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="c1">// checking the environment, so that we can setup our database accordingly</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">ENVIRONMENT</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NODE_ENV</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">prod</span> <span class="o">=</span> <span class="nx">ENVIRONMENT</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">production</span><span class="dl">"</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">PORT</span> <span class="o">=</span> <span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">3000</span><span class="p">)</span> <span class="k">as</span> <span class="kr">number</span><span class="p">;</span> <span class="c1">// selecting the database URI as per the environment</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">MONGO_URI</span> <span class="o">=</span> <span class="nx">prod</span> <span class="p">?</span> <span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">MONGO_PROD</span> <span class="k">as</span> <span class="kr">string</span><span class="p">)</span> <span class="p">:</span> <span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">MONGO_LOCAL</span> <span class="k">as</span> <span class="kr">string</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">MONGO_URI</span><span class="p">)</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">prod</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span> <span class="dl">"</span><span class="s2">No mongo connection string. Set MONGO_PROD environment variable.</span><span class="dl">"</span> <span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span> <span class="dl">"</span><span class="s2">No mongo connection string. Set MONGO_LOCAL environment variable.</span><span class="dl">"</span> <span class="p">);</span> <span class="p">}</span> <span class="nx">process</span><span class="p">.</span><span class="nf">exit</span><span class="p">(</span><span class="mi">1</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>Now we are ready to create our server.</p> <h2> Setting up the server </h2> <p>Let's create a basic express server, connect it to the DB (database). We will also set our <code>view engine</code> to be <code>ejs</code> so that we can render pages to our client. Your <code>app.ts</code> should look as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">MONGO_URL</span><span class="p">,</span> <span class="nx">PORT</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./utils/secrets</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">"</span><span class="s2">view engine</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">ejs</span><span class="dl">"</span><span class="p">);</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="nx">MONGO_URI</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">connected to mongodb</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">PORT</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">App listening on port: </span><span class="dl">"</span> <span class="o">+</span> <span class="nx">PORT</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Now, let's create our homepage. Create a <code>views</code> folder in the root, this <code>views</code> folder is where our app will look for when it has to render a page. Next, create a <code>home.ejs</code> file which you can fill with basic HTML as follows<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">http-equiv=</span><span class="s">"X-UA-Compatible"</span> <span class="na">content=</span><span class="s">"IE=edge"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;title&gt;</span>Oauth App<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;h1&gt;</span>This is home<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/auth/login"</span><span class="nt">&gt;</span>Go to login page<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <p>We want this home page to be rendered when clients visit the <code>/</code> route. So let's set up the home route and see if the page is rendered. In <code>app.ts</code> add the following route handler.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">home</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>If you go to <code>http://localhost:3000</code> you should be able to view the homepage. Yay!</p> <p>Next up, to set up our authentication routes let's create a folder <code>routes</code> inside the <code>src</code> folder and add a file <code>authRoutes.ts</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nc">Router</span><span class="p">();</span> <span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// this will render login.ejs file</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">login</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">router</span><span class="p">;</span> </code></pre> </div> <p>Import this route in <code>app.ts</code> and use it as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">authRoutes</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./routes/authRoutes</span><span class="dl">"</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth</span><span class="dl">"</span><span class="p">,</span> <span class="nx">authRoutes</span><span class="p">);</span> </code></pre> </div> <p>This will render a login page when someone visits the route <code>/auth/login</code> as all the routes in <code>authRoutes.ts</code> will be prefixed with <code>/auth</code>.<br> So, let's create a <code>login.ejs</code> file inside the views folder.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">http-equiv=</span><span class="s">"X-UA-Compatible"</span> <span class="na">content=</span><span class="s">"IE=edge"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;title&gt;</span>Login<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/"</span><span class="nt">&gt;</span>Homepage<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;h3&gt;</span>Login to Continue<span class="nt">&lt;/h3&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/auth/google"</span><span class="nt">&gt;</span>Login with Google<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <h2> Google Developer Console Setup </h2> <p>Before we continue with our app, we will need to register our app through the Google developer console and get <code>CLIENT_ID</code> &amp; <code>CLIENT_SECRET</code>. Follow these steps:</p> <ol> <li><p>Visit <a href="https://console.cloud.google.com/apis/dashboard" rel="noopener noreferrer">Google Developer Console</a></p></li> <li><p>From the navigation bar at the top, create a new project.</p></li> <li><p>Now click on <code>Enable APIs &amp; Services</code>, scroll down and choose Google+ API and click "Enable".<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634917456938%2FVfvXiGek6.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634917456938%2FVfvXiGek6.png" alt="image.png"></a></p></li> <li><p>Navigate to the <code>OAuth consent screen</code> tab, where will set up our consent screen. You will be asked to choose the user type, choose <code>External</code>, and hit <code>Create</code>.</p></li> <li><p>Under App Information, add your app name, email, and logo (optional)<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634917949086%2FoUYKhjvfr.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634917949086%2FoUYKhjvfr.png" alt="image.png"></a></p></li> <li><p>Under App domain, add application homepage (it can be <a href="http://localhost:3000" rel="noopener noreferrer">http://localhost:3000</a> for now, later you can change it when you have deployed it). Navigate to the bottom of the page add your email in the "Developer contact information" field and click "SAVE AND CONTINUE".</p></li> <li><p>You will be directed to the scopes page, click on "Add or Remove Scopes" and check the first two ie. <code>userinfo.email</code> &amp; <code>userinfo.profile</code>.<br> Scope means what data do we want to access from the user's Google account. Here we want just the email and profile, if you need more or less data check the boxes accordingly. Now, save and continue.<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634919881566%2Fw3Tf-6q25.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634919881566%2Fw3Tf-6q25.png" alt="image.png"></a></p></li> <li><p>Check the summary and see if you've filled the details right and click on "Back to dashboard".</p></li> <li><p>Go to the "Credentials" tab and click on "Create Credentials" and choose the "OAuth Client ID" option. Choose the application type to be "Web Application" and give it a name. In Authorized Javascript Origin, use the current URL of the application i.e <code>http://localhost:3000</code>. In the authorized redirect URI, put<br> </p></li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>http://localhost:3000/auth/google/redirect </code></pre> </div> <blockquote> <p>🚨 Make sure the route is precisely "/auth/google/redirect" because we will set up our routes accordingly.<br> Now hit create.<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634921476935%2F_udtxE2s-.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcdn.hashnode.com%2Fres%2Fhashnode%2Fimage%2Fupload%2Fv1634921476935%2F_udtxE2s-.png" alt="image.png"></a></p> </blockquote> <ol> <li>You will be provided with <code>client ID</code> and <code>client Secret</code> copy those into your .env as </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>GOOGLE_CLIENT_ID = your_google_client_id GOOGLE_CLIENT_SECRET = your_google_client_secret </code></pre> </div> <ol> <li>Now, in your <code>secrets.ts</code>, export these credentials as </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">GOOGLE_CLIENT_ID</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">GOOGLE_CLIENT_ID</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">GOOGLE_CLIENT_SECRET</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">GOOGLE_CLIENT_SECRET</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> </code></pre> </div> <p>Now that we have our credentials, we can start setting up passport.js strategy in our app.</p> <h2> Passport Setup </h2> <p>Passport is an authentication middleware that will handle most of the complexity of implementing OAuth through different strategies. Passport provides a wide variety of strategies to implement different types of authentication. Here we will set up the <code>passport-google-oauth20</code> strategy.</p> <p>First, create a <code>config</code> folder inside <code>src</code> and create a <code>passport.ts</code> inside it which should look as follows:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">passport</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">passportGoogle</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">passport-google-oauth20</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">GOOGLE_CLIENT_ID</span><span class="p">,</span> <span class="nx">GOOGLE_CLIENT_SECRET</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../utils/secrets</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">GoogleStrategy</span> <span class="o">=</span> <span class="nx">passportGoogle</span><span class="p">.</span><span class="nx">Strategy</span><span class="p">;</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span> <span class="k">new</span> <span class="nc">GoogleStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">clientID</span><span class="p">:</span> <span class="nx">GOOGLE_CLIENT_ID</span><span class="p">,</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">GOOGLE_CLIENT_SECRET</span><span class="p">,</span> <span class="na">callbackURL</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/auth/google/redirect</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">(</span><span class="nx">accessToken</span><span class="p">,</span> <span class="nx">refreshToken</span><span class="p">,</span> <span class="nx">profile</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// get profile details</span> <span class="c1">// save profile details in db</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <p>Now import the <code>passport.ts</code> in your <code>app.ts</code>;<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="dl">"</span><span class="s2">./config/passport</span><span class="dl">"</span><span class="p">;</span> </code></pre> </div> <p>In <code>login.ejs</code>, you can see we had an anchor tag that links to the route <code>/auth/google</code>, we will use this route to redirect users to the Google consent screen. So let's set up that route in <code>authRoutes.ts</code>. Add these following lines<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">passport</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">;</span> <span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/google</span><span class="dl">"</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">google</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">scope</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">profile</span><span class="dl">"</span><span class="p">],</span> <span class="p">})</span> <span class="p">);</span> </code></pre> </div> <p>You can see we use <code>passport.authenticate()</code> which accepts 2 arguments, first one is the "strategy" we want to use i.e Google in our case, the second is an object that defines the scope.<br> Scopes are the pieces of data that we want from the user's account.</p> <p>Now if you go to <code>http://localhost:3000/auth/login</code> and click on login with google, you will hit the route <code>/auth/google</code> which will take you to the consent screen, and if you try to login you will get an error<br> <code>Cannot GET /auth/google/redirect</code><br> This is because, after we login with google, it redirects us to this callback route (which we configured in our developer console ) but we have not yet set up this route in our app. So let's do it.</p> <p>In the same <code>authRoutes.ts</code> file just below <code>/google</code> route handler, create a handler for <code>/google/redirect</code> as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/google/redirect</span><span class="dl">"</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">google</span><span class="dl">"</span><span class="p">),</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">This is the callback route</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>This will get rid of the error but you might have noticed the consent screen is stuck, this is because the callback function in our passport.ts file is empty. Inside this callback function, we receive data from Google about the user, so this is where we can store the user data in our database.</p> <h2> Storing User Data </h2> <p>Now, we need to set up our database to store the user data. Let's build the user model. Create a folder "models" inside the src folder and inside it create a <code>User.ts</code> file where we can define the schema as:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">mongoose</span><span class="p">,</span> <span class="p">{</span> <span class="nx">Document</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">mongoose</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">Schema</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">Schema</span><span class="p">;</span> <span class="k">export</span> <span class="kd">type</span> <span class="nx">UserDocument</span> <span class="o">=</span> <span class="nx">Document</span> <span class="o">&amp;</span> <span class="p">{</span> <span class="na">username</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">email</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">googleId</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">userSchema</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">Schema</span><span class="o">&lt;</span><span class="nx">UserDocument</span><span class="o">&gt;</span><span class="p">({</span> <span class="na">username</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">googleId</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">User</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">model</span><span class="o">&lt;</span><span class="nx">UserDocument</span><span class="o">&gt;</span><span class="p">(</span><span class="dl">"</span><span class="s2">User</span><span class="dl">"</span><span class="p">,</span> <span class="nx">userSchema</span><span class="p">);</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">User</span><span class="p">;</span> </code></pre> </div> <p>As you can see we will only store the username, email, and googleId which will help us to identify users. We are also exporting a type "UserDocument".<br> Now let's complete our callback function in <code>passport.ts</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">passport</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span> <span class="k">new</span> <span class="nc">GoogleStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">clientID</span><span class="p">:</span> <span class="nx">GOOGLE_CLIENT_ID</span><span class="p">,</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">GOOGLE_CLIENT_SECRET</span><span class="p">,</span> <span class="na">callbackURL</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/auth/google/redirect</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="k">async </span><span class="p">(</span><span class="nx">accessToken</span><span class="p">,</span> <span class="nx">refreshToken</span><span class="p">,</span> <span class="nx">profile</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">User</span><span class="p">.</span><span class="nf">findOne</span><span class="p">({</span> <span class="na">googleId</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">id</span> <span class="p">});</span> <span class="c1">// If user doesn't exist creates a new user. (similar to sign up)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">newUser</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">User</span><span class="p">.</span><span class="nf">create</span><span class="p">({</span> <span class="na">googleId</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">id</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">displayName</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nx">profile</span><span class="p">.</span><span class="nx">emails</span><span class="p">?.[</span><span class="mi">0</span><span class="p">].</span><span class="nx">value</span><span class="p">,</span> <span class="c1">// we are using optional chaining because profile.emails may be undefined.</span> <span class="p">});</span> <span class="k">if </span><span class="p">(</span><span class="nx">newUser</span><span class="p">)</span> <span class="p">{</span> <span class="nf">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">newUser</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nf">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <p>This callback function receives an accessToken and refreshToken</p> <ul> <li> <strong>accessToken</strong> - accessToken allows the application to make API requests to access or modify users' data on their behalf.</li> <li> <strong>refreshToken</strong> - accessToken expire after a certain time, so we use refreshToken to refresh them.</li> </ul> <blockquote> <p>We won't be needing these two tokens in our current app for now.</p> </blockquote> <p>This callback function also receives a profile as you can see. Using the google id we get from the "profile", we will check if the user exists in our database, if it does we will pass it using the "done" function that we received otherwise we will first create &amp; save the user and then pass it using the "done" function. What this "done" function does is, it passes the user information so that it can be accessed by <code>passport.serializeUser</code> for login sessions</p> <h2> Serialize &amp; Deserialize User </h2> <p>Passport has a <code>serializeUser</code> method which receives user data from the passport callback function i.e from <code>done(null, user)</code> and stores it in a cookie, (when done function is called). Here we are storing only <code>user.id</code> which will help us identify the user. Let's add this method in <code>passport.ts</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">passport</span><span class="p">.</span><span class="nf">serializeUser</span><span class="p">((</span><span class="nx">user</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">id</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Passport has a <code>deserializeUser</code> method that reads the cookie and gets the stored user id, here we use that Id to find the user in our database and after we call done function it attached that user data into our request, which can be accessed through <code>req.user</code>. Let's add this method in <code>passport.ts</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">passport</span><span class="p">.</span><span class="nf">deserializeUser</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">id</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">User</span><span class="p">.</span><span class="nf">findById</span><span class="p">(</span><span class="nx">id</span><span class="p">);</span> <span class="nf">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>In the serialize method, You might have encountered a typescript error:</p> <blockquote> <p>Property 'id' does not exist on type 'User'</p> </blockquote> <p>To understand this error, let's look at the type definition file of passport.js.<br> In VS Code you can press Ctrl and click on the package name from any of the import statements, or simply navigate to<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>node_modules &gt; @types &gt; passport &gt; index.d.ts </code></pre> </div> <p>You should see something like this<br> Note: This is just a small portion of the code<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kr">declare</span> <span class="nb">global</span> <span class="p">{</span> <span class="k">namespace</span> <span class="nx">Express</span> <span class="p">{</span> <span class="c1">// tslint:disable-next-line:no-empty-interface</span> <span class="kr">interface</span> <span class="nx">AuthInfo</span> <span class="p">{}</span> <span class="c1">// tslint:disable-next-line:no-empty-interface</span> <span class="kr">interface</span> <span class="nx">User</span> <span class="p">{}</span> <span class="kr">interface</span> <span class="nx">Request</span> <span class="p">{</span> <span class="nl">authInfo</span><span class="p">?:</span> <span class="nx">AuthInfo</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">;</span> <span class="nl">user</span><span class="p">?:</span> <span class="nx">User</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>As you can see, this type definition file overrides the interface of Request and adds a property user whose type is an empty interface, so that's the reason, for the error because there is no property <code>id</code> in User.</p> <p>So to solve this, create a <code>typings</code> folder inside <code>src</code> folder. Inside the <code>typings</code> folder create an <code>express</code> folder and inside it create a file <code>index.d.ts</code>. This is where we will override the type of User.<br> Your index.d.ts should look something like this<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">UserDocument</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">../../models/User</span><span class="dl">"</span><span class="p">;</span> <span class="kr">declare</span> <span class="nb">global</span> <span class="p">{</span> <span class="k">namespace</span> <span class="nx">Express</span> <span class="p">{</span> <span class="kr">interface</span> <span class="nx">User</span> <span class="kd">extends</span> <span class="nx">UserDocument</span> <span class="p">{}</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>Here we are setting the <code>User</code> interface to extend <code>UserDocument</code> interface which we created in the <code>UserModel.ts</code>.<br> Now go to your <code>tsconfig.json</code> file and add typeRoots value as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="nl">"typeRoots"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"./src/typings"</span><span class="p">,</span><span class="w"> </span><span class="s2">"./node_modules/@types"</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <p>Now the error should be fixed, so let's move on.</p> <h2> Setting up cookies </h2> <p>To store session data in a cookie, we will use the package "cookie-session" and also initialize passport to use sessions. We can do that using the following code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">cookieSession</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">cookie-session</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">passport</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">COOKIE_KEY</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./utils/secrets</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// setting up cookieSession</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span> <span class="nf">cookieSession</span><span class="p">({</span> <span class="na">maxAge</span><span class="p">:</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">keys</span><span class="p">:</span> <span class="p">[</span><span class="nx">COOKIE_KEY</span><span class="p">],</span> <span class="p">})</span> <span class="p">);</span> <span class="c1">// initialize passport</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">passport</span><span class="p">.</span><span class="nf">initialize</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">passport</span><span class="p">.</span><span class="nf">session</span><span class="p">());</span> </code></pre> </div> <p>As you can see "cookieSession" requires a secret key that will be used to encrypt the cookies, which we are importing from "utils/secrets.ts". But we haven't really exported it. so let's do that.</p> <p>First, add the secret key in your <code>.env</code> file, the value can be literally any random string you want:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>COOKIE_KEY = any_long_and_random_string </code></pre> </div> <p>And then, In your <code>secrets.ts</code> add this line:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">const</span> <span class="nx">COOKIE_KEY</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">COOKIE_KEY</span> <span class="k">as</span> <span class="kr">string</span><span class="p">;</span> </code></pre> </div> <p>That was a lot, wasn't it? Just to check if you got everything correctly setup, your <code>app.ts</code> should look something like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">mongoose</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">mongoose</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">COOKIE_KEY</span><span class="p">,</span> <span class="nx">MONGO_URI</span><span class="p">,</span> <span class="nx">PORT</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./utils/secrets</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">authRoutes</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./routes/authRoutes</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="dl">"</span><span class="s2">./config/passport</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">cookieSession</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">cookie-session</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="nx">passport</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">set</span><span class="p">(</span><span class="dl">"</span><span class="s2">view engine</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">ejs</span><span class="dl">"</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span> <span class="nf">cookieSession</span><span class="p">({</span> <span class="na">maxAge</span><span class="p">:</span> <span class="mi">24</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">keys</span><span class="p">:</span> <span class="p">[</span><span class="nx">COOKIE_KEY</span><span class="p">],</span> <span class="p">})</span> <span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">passport</span><span class="p">.</span><span class="nf">initialize</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">passport</span><span class="p">.</span><span class="nf">session</span><span class="p">());</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span><span class="nx">MONGO_URI</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">connected to mongodb</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth</span><span class="dl">"</span><span class="p">,</span> <span class="nx">authRoutes</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">home</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">PORT</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">App listening on port: </span><span class="dl">"</span> <span class="o">+</span> <span class="nx">PORT</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Now, if try to login, you will successfully get a message "This is the callback route" which means your login is complete.</p> <h2> Setting up the profile page </h2> <p>Instead of just giving a message let's redirect the user to something meaningful, like a profile page.</p> <p>So, in <code>authRoutes.ts</code>, navigate to <code>/google/redirect</code> route and change the controller function as:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/google/redirect</span><span class="dl">"</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">google</span><span class="dl">"</span><span class="p">),</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/profile</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Now as the user signs in, they will be redirected to the <code>/profile</code> route, but we have not created it yet. So, let's create a <code>profileRoutes.ts</code> file in your <code>src/routes</code> folder.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">router</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nc">Router</span><span class="p">();</span> <span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">profile</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">user</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span> <span class="p">});</span> <span class="p">});</span> <span class="k">export</span> <span class="k">default</span> <span class="nx">router</span><span class="p">;</span> </code></pre> </div> <p>Here we are rendering a profile page (i.e <code>profile.ejs</code> which we have not created yet) and passing in an object that contains the user's data, which we can use in our markup in <code>profile.ejs</code></p> <p>So, now create a <code>profile.ejs</code> file in the <code>views</code> folder. Ejs helps us embed javascript in our markup, so we can use the user data that we passed and render it to the browser.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">http-equiv=</span><span class="s">"X-UA-Compatible"</span> <span class="na">content=</span><span class="s">"IE=edge"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;title&gt;</span>Profile Page<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;h1&gt;</span>Profile Page<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;</span><span class="err">%</span> <span class="na">if</span> <span class="err">(</span><span class="na">user</span><span class="err">)</span> <span class="err">{</span> <span class="err">%</span><span class="nt">&gt;</span> <span class="nt">&lt;h3&gt;</span>Username : <span class="nt">&lt;</span><span class="err">%=</span> <span class="na">user.username</span> <span class="err">%</span><span class="nt">&gt;&lt;/h3&gt;</span> <span class="nt">&lt;h3&gt;</span>Email : <span class="nt">&lt;</span><span class="err">%=</span> <span class="na">user.email</span> <span class="err">%</span><span class="nt">&gt;&lt;/h3&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/"</span><span class="nt">&gt;</span>Homepage<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/auth/logout"</span><span class="nt">&gt;</span>Logout<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;</span><span class="err">%</span> <span class="err">}</span> <span class="err">%</span><span class="nt">&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <p>Now, to use this route in our app, we need to import it in our app.ts and use it as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">profileRoutes</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">./routes/profileRoutes</span><span class="dl">"</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/profile</span><span class="dl">"</span><span class="p">,</span> <span class="nx">profileRoutes</span><span class="p">);</span> </code></pre> </div> <p>The next problem we need to tackle is that anyone can access the <code>/profile</code> route. We don't want that, we only want those users who are logged in to access that page.</p> <p>So to handle this let's create a middleware function, in your <code>profileRoutes.ts</code> create a function "checkAuth".<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">checkAuth</span> <span class="o">=</span> <span class="p">(</span><span class="nx">req</span><span class="p">:</span> <span class="nx">Request</span><span class="p">,</span> <span class="nx">res</span><span class="p">:</span> <span class="nx">Response</span><span class="p">,</span> <span class="nx">next</span><span class="p">:</span> <span class="nx">NextFunction</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth/login</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nf">next</span><span class="p">();</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>Now let's add this middleware function in our <code>/profile</code> route handler that we created previously<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">checkAuth</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">profile</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">user</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <p>Now that we have a login system in place, let's add a way for users to log out. In <code>authRoutes.ts</code> add a logout route as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/logout</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">req</span><span class="p">.</span><span class="nf">logout</span><span class="p">();</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Our app now has a good authentication system. Now let's improve a few more things.</p> <h2> Tackling a few concerns </h2> <p>Currently, our <code>/auth/login</code> route can be accessed even by logged-in users, which doesn't need to happen, so let's redirect users to the profile page if they try to access the login page.</p> <p>In <code>authRoutes.ts</code>, change the <code>/login</code> handler as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">router</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">"</span><span class="s2">/profile</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">login</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Here we are doing a simple if check to see if <code>req.user</code> exists and redirect them to the <code>/profile</code> route.</p> <p>Now, on our homepage too, there is a link to go to the login page even for the logged-in user which is unnecessary, so let's add a link to the profile page if the user is logged in.</p> <p>To do that we have to pass user data to our view, in <code>app.ts</code> change the <code>/</code> route handler as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">render</span><span class="p">(</span><span class="dl">"</span><span class="s2">home</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">user</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <p>Now in <code>home.ejs</code> file, add an if check to render different anchor tags as per the auth state.<br> Here's what the body should look like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;body&gt;</span> <span class="nt">&lt;h1&gt;</span>This is home<span class="nt">&lt;/h1&gt;</span> <span class="nt">&lt;</span><span class="err">%</span> <span class="na">if</span> <span class="err">(</span><span class="na">user</span><span class="err">)</span> <span class="err">{</span> <span class="err">%</span><span class="nt">&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/profile"</span><span class="nt">&gt;</span>Go to Profile Page<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;</span><span class="err">%</span> <span class="err">}</span> <span class="na">else</span> <span class="err">{</span> <span class="err">%</span><span class="nt">&gt;</span> <span class="nt">&lt;a</span> <span class="na">href=</span><span class="s">"/auth/login"</span><span class="nt">&gt;</span>Go to login page<span class="nt">&lt;/a&gt;</span> <span class="nt">&lt;</span><span class="err">%</span> <span class="err">}</span> <span class="err">%</span><span class="nt">&gt;</span> <span class="nt">&lt;/body&gt;</span> </code></pre> </div> <h2> Conclusion </h2> <p>There you have it. We have successfully built an app with complete authentication. I hope this tutorial was helpful. If you had any problems following the tutorial or just wanna compare your code with mine, you can check out the project on github.</p> <blockquote> <p>Github Link: <a href="https://github.com/SamipPoudel58/nodejs-ts-google-oauth" rel="noopener noreferrer">https://github.com/SamipPoudel58/nodejs-ts-google-oauth</a></p> </blockquote> <p>If you have any other questions, hit me up on Twitter.</p> <blockquote> <p>Twitter Link: <a href="https://twitter.com/samip4sure" rel="noopener noreferrer">https://twitter.com/samip4sure</a></p> </blockquote> typescript node mongodb webdev