I am developing an application which is only going to be required to be used by a few people within the organisation. It is being developed using Yeoman and expressJS.
What i need to do is only authenticate a few users to use their google accounts as they require access to google calendars etc which they currently share within their organisation. The only difference is that it will be used within the application.
The users will need to login but trying to find out how i can use their google accounts to login and colloborate?
I only want to limit it to certain users.
Hope someone can assist.
Regards
Passport.js is a popular choice of authentication/authorisation library. You can easily integrate it with express. It has a strategy for google account using OAuth as passport-google-oauth.
I have never used it, but it seems very straightforward.
If you have ever used the google API the examples seem easy to understand.
https://github.com/google/google-api-nodejs-client/
Related
We are prototyping in dialogflow which is going well but I have what is more of a strategic question. Our app will interact with APIs in a third party system that requires user/password credentials, I am wondering if anyone can recommend an appropriate approach.
For example when I start the app in Google Assistant it knows who I am from my google account, this account however has no authorization for the target system - it needs an ID / password. I can prompt the user for these and they can type/say the values with which we can connect but this prompts more questions:
Is this secure? Clearly speaking my password isn't a great plan.
If this approach is reasonable is there a way to save my credentials within the app so that I don't have to enter them next time?
Are there other approaches to remote authentication you'd recommend? I have searched around but so far without any success.
Any tips would be much appreciated.
Chris.
Google provides build in authentication options for Google Assistant. Have a look at the documentation. If you wish to connect your Google Assistant app to your own login you want to have a look at the 0Auth or Google Sign-in + OAuth options. Depending on your requirements, one might be a better fit.
Accountlinking is a build in solution, if you implement this you will have done it in a secure way and it is integrated with the users Google Account, so when they come back into your app they won't have to enter any credentials again.
I am creating a web app and I have implemented authentication using Facebook, Google. Now I want to authenticate using weChat. I understand I need to use "passport-wechat-auth" but for that I need to create wechat account and that throws me failure each time. SO if anyone have better idea to implement it will be very helpful.
Basically you must have a official wechat account to implement. For authentication as like FB etc, you an use WeChat-oauth npm module to do it.
In-Case if you don't have a actual official account. You can use sandbox account for development.Wechat Sandbox
I would like to develop a system that can help any developer to create an application based to my API.
My problem is authentication.
I have see (for example) as work google with your services; I would like create an system of oauth (private) such as google (concept) that an developer, after sign to my portal, get APP ID and APP SECRET.
When developer self create these credentials, can use for call API based to https.
My API are developed by nodejs and express system.
I say which way is more stable for create an system robust for this scenario.
Thanks for any support. Any idea is appreciate
You can try http://passportjs.org/, it can work as a middleware with express.
I'm new to the concept of maintaining user accounts in a website. I read from this Google developers page that Google provides an authentication and an authorization service. I'm only interested in maintaining accounts on my website that users can log into using their Google account username and password. I have an Express.js server.
I've spent hours reading about this online and stumbled upon one thing: the passport-google-oauth module can be used to do this. But I was unable to find how to get this working with the latest version of Express. Please help.
I would also like to know how to create a project on the Google Developers Console so that the users do not need Google+ accounts to use oauth2 (to get the Client id and secret).
I want to be able to programmatically update a Youtube playlist using nodejs. In theory, this is possible using the Google API and jsonc.
As I want to do this without user interaction I have been battling with using a Google API Service Account on nodejs server.
Notice there is no API Client Library for Javascript listed on this page.
I then stumbled across this message in the Google documentation for using Service Accounts with Google Drive:
For security reasons service accounts are not supported in client-side Javascript. Service accounts for server-side Javascript is not yet supported.
Is this saying that what I want to achieve is not possible? I cannot use a Service Account on a NodeJS server to make changes to a playlist without user interaction?
Correct. Not yet supported. There have been security problems with service accounts. This may become possible in the future.
Since yet there is no integration via Javascript for security reasons , you maybe want to try implementing this library.
https://github.com/extrabacon/google-oauth-jwt