nickredmark / ooth

User identity/authentication/accounts management microservice for node.js
https://nmaro.github.io/ooth/
MIT License
605 stars 65 forks source link

Support Google authentication #4

Closed nickredmark closed 7 years ago

detrohutt commented 7 years ago

I'm glad to see you're planning on supporting this. Do you have an estimate of when it'll be ready(days, weeks, months)?

swyxio commented 7 years ago

looking forward to this too. i am still not there yet to begin contributing but i will put my hand up to help out when i can.

nickredmark commented 7 years ago

Hey guys, thanks for writing. It definitely helps to hear that people want a feature to motivate me implementing it. I'll try to get it done within this or next week.

By the way, since I'd like to get a feel as to whether anyone other than me is actually using ooth, so if I may ask: are you using it? Have you tried it out? How did you hear about it? What are your general impressions?

detrohutt commented 7 years ago

I haven't tried it yet. I'm actually waiting on Google(or Facebook) authentication in order to use it because I've stopped using password authentication after being convinced by a few different sources that it's obsolete. I believe I found out about ooth by just searching Medium for "javascript authentication" or something similar a few months ago and reading your ooth article.

Although I haven't used it yet, I did look at most of the source code in this repo to try to get a feel for how it all works and fits together. I was impressed with how clean it all is.

It may help if I tell you my use case... I'm working on a text adventure game with a friend who is not a programmer(he's a writer) so I built a world editor for him to use. We're collaborating remotely so I want to just put the editor online where we can both use it, but I don't want anyone who comes across the site to go deleting our whole world lol. So I just basically want to whitelist 2 accounts using Google or Facebook authentication and otherwise not allow registration.

Also, on an unrelated note, I noticed you use GraphQL and Next.js together.. you may want to check out my babel-plugin, which allows you to use .gql/.graphql files with Next.js.

swyxio commented 7 years ago

as for me, i am personally working through implementing auth with passportjs right now and facing some difficulty with all the configuration (even though this is not my first time with passportjs.. i just got rusty). I do come from the Meteor world so thats why i like the concept of ooth so much but being honest i havent really tried it yet (i last had that node version issue, which is now moot since i upgraded to node 8). I will try it tomorrow. regardless you should do what makes you happy at this early stage in this project as you will def be the #1 user of it

wmertens commented 7 years ago

I am in the process of setting up auth and I came to realize that for a SPA, passportjs is a bad fit. A component like react-google-login is trivial to add and gives you the token in a callback. You can then send the token to the server via whatever mechanism you like (graphql in my case) so the server can verify it and log you in. Passportjs cannot help with any of those steps.

On Mon, Aug 7, 2017, 6:24 PM shawn wang notifications@github.com wrote:

as for me, i am personally working through implementing auth with passportjs right now and facing some difficulty with all the configuration (even though this is not my first time with passportjs.. i just got rusty). I do come from the Meteor world so thats why i like the concept of ooth so much but being honest i havent really tried it yet (i last had that node version issue, which is now moot since i upgraded to node 8). I will try it tomorrow. regardless you should do what makes you happy at this early stage in this project as you will def be the #1 https://github.com/nmaro/ooth/issues/1 user of it

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/nmaro/ooth/issues/4#issuecomment-320711190, or mute the thread https://github.com/notifications/unsubscribe-auth/AADWltHVbVbFSxW-A2EOo004iYWjSrIwks5sVzofgaJpZM4OuNrP .

nickredmark commented 7 years ago

@wmertens your observation is correct, though Passport.js can actually help with the last step (where the server verifies and logs you in). You just have to pick the right package (i.e. not the one that does the whole oauth process). See https://github.com/jmreyes/passport-google-id-token for google, or https://github.com/drudge/passport-facebook-token for facebook. I used these two in ooth-google and ooth-facebook respectively.

nickredmark commented 7 years ago

Implemented as a package here: https://github.com/nmaro/ooth/tree/master/packages/ooth-google Example server-side usage here: https://github.com/nmaro/staart/blob/master/examples/staart/server/ooth.js Example client-side usage here: https://github.com/nmaro/staart/blob/master/packages/staart/src/components/login-google.js Working live example: staart.nmr.io/login

wmertens commented 7 years ago

Very nice! I'll check these out soonish.

On Tue, Aug 15, 2017, 6:38 PM Nick Redmark notifications@github.com wrote:

Closed #4 https://github.com/nmaro/ooth/issues/4.

— You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub https://github.com/nmaro/ooth/issues/4#event-1206776490, or mute the thread https://github.com/notifications/unsubscribe-auth/AADWlgRl62fg3845zD4h3aEJA--SJhA5ks5sYcljgaJpZM4OuNrP .