@dtinth/google-sign-in-controller
Sometimes you build yourself a web application. You have the frontend and the backend. You don’t want other people to be able to access your backend, so you must protect it somehow.
This library provides a simple way to protect your backend with Google Sign-In.
-
On the frontend, use this library to authenticate user and get an ID token. Send this ID token to the backend.
-
On the backend, verify the ID token’s integrity to authenticate yourself. See Verify the integrity of the ID token on Google Sign-In for Websites documentation. Validate the
sub
claim to make sure it’s you. Here’s an example in the wild.
This library is a thin wrapper on top of Google Sign-In. It takes care of asynchronously loading the Google Platform Library and the Google Sign-In JavaScript API, and provides simple hooks to access the user ID token.
Set up
To create an OAuth 2.0 Client ID:
-
Click on
. -
Select
. -
Enter a name for the application.
-
In the Authorized JavaScript origins field, add an origin.
-
Click Create
-
Note the Client ID.
Usage
export const signInController = new GoogleSignInController(clientId)
For usage see API documentation.