A Node.js authentication service that implements Google OAuth 2.0 with JWT token generation and verification. This service provides secure authentication using Google's OAuth flow and issues JWT tokens for subsequent API requests.
- 🔐 Google OAuth 2.0 authentication
- 🎫 JWT token generation and verification
- 🛡️ Secure token-based authentication
- 🚀 Express.js REST API
- 📱 CORS enabled for cross-origin requests
- ⚡ Passport.js integration for OAuth strategies
- Node.js - Runtime environment
- Express.js - Web framework
- Passport.js - Authentication middleware
- Google OAuth 2.0 - OAuth strategy
- JWT (jsonwebtoken) - Token generation and verification
- CORS - Cross-origin resource sharing
- dotenv - Environment variable management
Before running this project, make sure you have:
- Node.js (v14 or higher)
- npm or yarn package manager
- Google Cloud Console account for OAuth credentials
- Clone the repository:
  ```bash
  git clone <repository-url>
  cd Oauth-JWT
  ```
- Install dependencies:
  ```bash
  npm install
  ```
- Create a `.env` file in the root directory and add the following environment variables:
  ```
  PORT=5000
  GOOGLE_CLIENT_ID=your_google_client_id
  GOOGLE_CLIENT_SECRET=your_google_client_secret
  GOOGLE_CALLBACK_URL=http://localhost:5000/auth/google/callback
  JWT_SECRET=your_jwt_secret_key
  ```

- Go to Google Cloud Console
- Create a new project or select an existing one
- Enable the Google+ API
- Go to "Credentials" and create OAuth 2.0 Client IDs
- Add authorized redirect URIs:
  - For development: `http://localhost:5000/auth/google/callback`
  - For production: `https://yourdomain.com/auth/google/callback`
- Copy the Client ID and Client Secret to your `.env` file

For development:
```bash
npm run dev
```
For production:
```bash
npm start
```
The server will start on http://localhost:5000 (or the port specified in your `.env` file).

GET /
Returns a simple message confirming the service is running.
GET /auth/google
Initiates the Google OAuth flow. Users will be redirected to Google's consent screen.
GET /auth/google/callback
Handles the OAuth callback from Google. Returns a JWT token and user information upon successful authentication.
Response:
```json
{
  "success": true,
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "user": {
    "id": "google_user_id",
    "name": "User Name",
    "email": "[email protected]",
    "picture": "https://profile-picture-url"
  }
}
```
GET /auth/verify
Authorization: Bearer <jwt_token>
Verifies a JWT token and returns the decoded user information.
Response:
```json
{
  "success": "true",
  "user": {
    "id": "google_user_id",
    "name": "User Name",
    "email": "[email protected]",
    "picture": "https://profile-picture-url"
  }
}
```

```
Oauth-JWT/
├── controllers/
│   └── authController.js    # Authentication logic
├── routes/
│   └── authRoutes.js        # API routes
├── utils/
│   ├── jwtUtils.js          # JWT token utilities
│   └── passportSetup.js     # Passport configuration
├── index.js                 # Main application file
├── package.json             # Dependencies and scripts
└── readme.md                # Project documentation
```

| Variable | Description | Required |
|---|---|---|
| `PORT` | Server port number | No (default: 5000) |
| `GOOGLE_CLIENT_ID` | Google OAuth Client ID | Yes |
| `GOOGLE_CLIENT_SECRET` | Google OAuth Client Secret | Yes |
| `GOOGLE_CALLBACK_URL` | OAuth callback URL | Yes |
| `JWT_SECRET` | Secret key for JWT signing | Yes |

- Keep your JWT secret secure and use a strong, random string
- Use HTTPS in production
- Implement proper CORS policies for production
- Consider implementing token refresh mechanisms for long-lived sessions
- Validate and sanitize all user inputs
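
The first two recommendations can be enforced at startup. The check below is an added example, not part of this project's code: it refuses the README's placeholder values, a short or repetitive `JWT_SECRET`, and a plain-HTTP callback URL outside localhost. The function name `validateAuthEnv`, the 32-byte minimum and the entropy threshold are assumptions.

```javascript
// Added example (not project code): startup check for the .env values in this README.
// A suitable secret: node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
const REQUIRED = ["GOOGLE_CLIENT_ID", "GOOGLE_CLIENT_SECRET", "GOOGLE_CALLBACK_URL", "JWT_SECRET"];
const MIN_SECRET_BYTES = 32;   // assumption: 256 bits, the HS256 HMAC output size
const MIN_BITS_PER_CHAR = 3;   // assumption: heuristic; words and repeats score lower
const isPlaceholder = (v) => /^your_|yourdomain\.com/.test(v);

// Shannon entropy of the string, in bits per character.
function bitsPerChar(s) {
  const counts = new Map();
  for (const ch of s) counts.set(ch, (counts.get(ch) || 0) + 1);
  const len = [...s].length;
  let h = 0;
  for (const n of counts.values()) h -= (n / len) * Math.log2(n / len);
  return h;
}

// Returns a list of problems; an empty list means the service may start.
function validateAuthEnv(env) {
  const problems = [];
  for (const name of REQUIRED) {
    if (!env[name]) problems.push(`${name} is not set`);
    else if (isPlaceholder(env[name])) problems.push(`${name} still holds a README placeholder`);
  }
  const secret = env.JWT_SECRET;
  if (secret && !isPlaceholder(secret)) {
    if (Buffer.byteLength(secret, "utf8") < MIN_SECRET_BYTES) {
      problems.push("JWT_SECRET is shorter than 32 bytes");
    } else if (bitsPerChar(secret) < MIN_BITS_PER_CHAR) {
      problems.push("JWT_SECRET has low per-character entropy");
    }
  }
  const cb = env.GOOGLE_CALLBACK_URL;
  if (cb && !isPlaceholder(cb)) {
    let url = null;
    try { url = new URL(cb); } catch { problems.push("GOOGLE_CALLBACK_URL is not a valid URL"); }
    const local = url && ["localhost", "127.0.0.1"].includes(url.hostname);
    if (url && url.protocol !== "https:" && !local) {
      problems.push("GOOGLE_CALLBACK_URL must use https outside local development");
    }
  }
  return problems;
}

// Constructed sample: the README's example .env, used unchanged.
const sampleEnv = { PORT: "5000", GOOGLE_CLIENT_ID: "your_google_client_id",
  GOOGLE_CLIENT_SECRET: "your_google_client_secret",
  GOOGLE_CALLBACK_URL: "http://localhost:5000/auth/google/callback", JWT_SECRET: "your_jwt_secret_key" };
console.log(validateAuthEnv(sampleEnv));
```

Calling it before `app.listen` and exiting when the list is non-empty keeps a misconfigured instance from ever issuing tokens.
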
The service includes basic error handling for:
- Missing or invalid JWT tokens
- OAuth authentication failures
- Invalid token verification

- Fork the repository
- Create a feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add some amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request

This project is licensed under the MIT License - see the LICENSE file for details.