jaredhanson
commented
10 years ago Take a look at the OAuth 2-based strategy, and the various options that Google supports: https://github.com/jaredhanson/passport-google-oauth https://developers.google.com/accounts/docs/OAuth2WebServer
There's an approvalPrompt option that you can use to force reauthorization.
I have a scenario where I need the user to re-enter their password for a more sensitive part of an application. Is it possible to do this with passport-google? An alternative would be to log out completely and revoke all access to the application, then start again.
I might be reading the wrong article here but I think this is part of the developer policy? https://developers.google.com/+/web/signin/disconnect