Episode 6 of 21
Google Strategy Setup
Register your app with Google and configure the OAuth credentials — get the Client ID and Client Secret from the Google Developer Console.
To use Google OAuth, you need to register your application with Google and get authentication credentials. Let us walk through the setup.
Step 1: Google Developer Console
- Go to console.developers.google.com
- Create a new project (e.g., "OAuth Tutorial")
- Go to Credentials in the left sidebar
- Click Create Credentials → OAuth client ID
- Select Web application
- Add http://localhost:3000 to Authorized JavaScript origins
- Add http://localhost:3000/auth/google/redirect to Authorized redirect URIs
- Click Create
Google gives you a Client ID and Client Secret. Keep the secret safe — never commit it to version control.
Step 2: Enable the API
- Go to Library in the sidebar
- Search for "Google+ API" or "Google People API"
- Click Enable
Step 3: Configure the Strategy
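// config/passport-setup.js
const passport = require('passport');
const GoogleStrategy = require('passport-google-oauth20').Strategy;
// keys.js holds the Client ID and Client Secret; keep it out of version control
const keys = require('./keys');

passport.use(
  new GoogleStrategy({
    clientID: keys.google.clientID,
    clientSecret: keys.google.clientSecret,
    // Must resolve to a URI listed under Authorized redirect URIs
    callbackURL: '/auth/google/redirect'
  }, function(accessToken, refreshToken, profile, done) {
    // Verify callback: for now it only logs the profile Google returns.
    // Passport does not finish the request until done() is called.
    console.log(profile);
  })
);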
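The strategy above reads its credentials from ./keys and uses a relative callbackURL. The block below is an added example, not code from the original tutorial: it loads the credentials from environment variables so the secret stays out of version control, and checks that the resolved callback URL exactly matches a registered redirect URI. The variable names GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET and the function names loadKeys and checkRedirect are assumptions.

```javascript
// Added example (not from the tutorial). Environment variable names and
// function names are assumptions; sample values in any call are constructed.

// Redirect URIs registered in Step 1, copied from the console by hand.
const REGISTERED_REDIRECTS = ['http://localhost:3000/auth/google/redirect'];

// Build the object that passport-setup.js expects from require('./keys').
function loadKeys(env) {
  const missing = ['GOOGLE_CLIENT_ID', 'GOOGLE_CLIENT_SECRET']
    .filter((name) => !env[name] || env[name].trim() === '');
  if (missing.length > 0) {
    // Report variable names only; never echo secret values into logs.
    throw new Error('Missing environment variables: ' + missing.join(', '));
  }
  return {
    google: {
      clientID: env.GOOGLE_CLIENT_ID,
      clientSecret: env.GOOGLE_CLIENT_SECRET
    }
  };
}

// Resolve the strategy's relative callbackURL against the app origin and
// explain why it would not match any registered redirect URI.
function checkRedirect(origin, callbackPath, registered) {
  const actual = new URL(callbackPath, origin);
  if (registered.includes(actual.href)) {
    return { ok: true, uri: actual.href, reasons: [] };
  }
  const reasons = registered.map((r) => {
    const want = new URL(r);
    if (want.protocol !== actual.protocol) return 'protocol differs from ' + r;
    if (want.host !== actual.host) return 'host or port differs from ' + r;
    if (want.pathname !== actual.pathname) return 'path differs from ' + r;
    return 'query or fragment differs from ' + r;
  });
  return { ok: false, uri: actual.href, reasons };
}
```

In config/keys.js, exporting the result of loadKeys(process.env) keeps the keys.google.clientID shape used above and makes the app fail at startup instead of at the first login attempt.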
Step 4: Update the Auth Route
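// routes/auth-routes.js
// Paths here are relative; with callbackURL '/auth/google/redirect'
// this router is expected to be mounted at /auth.
const router = require('express').Router();
const passport = require('passport');

// Auth with Google
router.get('/google', passport.authenticate('google', {
  scope: ['profile', 'email']
}));

// Callback: Google redirects the browser back here after consent
router.get('/google/redirect', passport.authenticate('google'),
  function(req, res) {
    res.send('You reached the callback');
  }
);

module.exports = router;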
The scope array tells Google what data you want access to. profile gives you the user's name and photo; email gives you their email address.
Key Takeaways
- Register your app in the Google Developer Console to get a Client ID and Secret
- The Redirect URI must match exactly — including the path and protocol
- Enable the Google+ API or People API for profile access
- passport.authenticate('google', { scope }) triggers the redirect to Google