javascript - Restrict login to specific domain using Node Passport with Google Auth
I'm implementing Google auth on an internal service at work. It's a JS client heavy application with a Node backend. I'm choosing to use the Node module Passport.js with the passport-google-oauth strategy.
I have got it working, but one thing is still confusing me. I want to ensure the application allows only company employees to log in. I understand you can restrict login by domain using a parameter called "hd", according to the official documentation.
Firstly, where do I send that parameter in the context of Passport.js? I don't understand where in the code to put it. If it helps, I have been following the example passport-google-oauth provides.
Secondly, in theory, how does this work? Is it on Google's side, rejecting anyone trying to access the app with a domain outside of our company? Or is it on my side, where I need to check the domain the user is logging in from?
Here's an example:
```javascript
const passport = require("passport");
const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy;

// `app` (the Express app) and `User` (the user model) are assumed to be defined elsewhere.

// First make sure you have access to the proper scope on your login route
app.get("/login", passport.authenticate("google", { scope: ["profile", "email"] }));

// Set up your Google OAuth strategy elsewhere...
passport.use(new GoogleStrategy({
  clientID: "something",
  clientSecret: "something",
  callbackURL: "/something"
}, function(token, refreshToken, profile, done){
  if(profile._json.hd === "yourdomain.com"){
    // Find or create the user in the database, etc.
    User.find({ id: profile.id }).done(done);
  }else{
    // Fail
    done(new Error("Invalid host domain"));
  }
}));
```
And for good measure, here's a full variable dump of what the "profile" variable looks like.
```javascript
{
  provider: 'google',
  id: '12345678987654321',
  displayName: 'don draper',
  name: { familyName: 'whitman', givenName: 'richard' },
  emails: [ { value: 'don@scdp.com' } ],
  _raw: 'a bunch of stringified json',
  _json: {
    id: '123456789',
    email: 'something@something.com',
    verified_email: true,
    name: 'don draper',
    given_name: 'don',
    family_name: 'draper',
    link: 'https://plus.google.com/123456789',
    picture: 'https://lh3.googleusercontent.com/xduiqdmkcwa/aaaaaaaaaai/aaaaaaaaaaa/123456789/photo.jpg',
    gender: 'male',
    locale: 'en',
    hd: 'yourdomain.com'
  }
}
```
Here are detailed tutorials that should answer the question about the theory behind this. You'll want a combination of the two.
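As an added example (not part of the original answer or of passport-google-oauth itself): a stricter form of the verify callback above, run against constructed profiles shaped like the dump. The `hd` request parameter only streamlines Google's account chooser, so the server-side check on the returned `hd` value is what enforces the restriction; `ALLOWED_DOMAIN`, the helper names and the stub user store are assumptions.

```javascript
// Added example; ALLOWED_DOMAIN, rejectReason, makeVerify, tryLogin and the
// stubbed user lookup are hypothetical names, not from the post.
const ALLOWED_DOMAIN = "yourdomain.com";

// Returns null when the profile may log in, otherwise the reason it may not.
function rejectReason(profile, allowedDomain) {
  const json = (profile && profile._json) || {};
  // Consumer Google accounts carry no hd claim, so absence is a rejection.
  if (typeof json.hd !== "string" || json.hd === "") return "missing hd claim";
  // Exact match only: a suffix or substring test would accept look-alike domains.
  if (json.hd.toLowerCase() !== allowedDomain.toLowerCase()) return "wrong hosted domain";
  if (json.verified_email !== true) return "email not verified";
  return null;
}

// Builds a Passport verify callback with the same signature as in the answer.
function makeVerify(allowedDomain, findOrCreateUser) {
  return function verify(token, refreshToken, profile, done) {
    const reason = rejectReason(profile, allowedDomain);
    // done(null, false, info) reports a failed login rather than a server error.
    if (reason) return done(null, false, { message: reason });
    return findOrCreateUser(profile.id, done);
  };
}

// Constructed sample profiles, shaped like the dump in the answer.
const SAMPLES = {
  employee: { id: "1", _json: { email: "a@yourdomain.com", verified_email: true, hd: "yourdomain.com" } },
  personal: { id: "2", _json: { email: "b@gmail.com", verified_email: true } },
  lookalike: { id: "3", _json: { email: "c@notyourdomain.com", verified_email: true, hd: "notyourdomain.com" } },
  unverified: { id: "4", _json: { email: "d@yourdomain.com", verified_email: false, hd: "yourdomain.com" } },
};

// Runs the verify callback against a stub user store and returns the outcome.
function tryLogin(profile) {
  const stubStore = (id, done) => done(null, { id });
  let outcome;
  makeVerify(ALLOWED_DOMAIN, stubStore)("token", "refresh", profile, (err, user, info) => {
    outcome = { err, user: user || null, info: info || null };
  });
  return outcome;
}

for (const [name, profile] of Object.entries(SAMPLES)) {
  const { user, info } = tryLogin(profile);
  console.log(name, user ? "accepted" : "rejected: " + info.message);
}
```

In a real app, `makeVerify(ALLOWED_DOMAIN, yourLookup)` would be passed as the second argument to the strategy constructor in place of the inline function.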