strapi-googleauth-extended v0.0.2
Strapi plugin strapi-googleauth-extended
strapi-googleauth-extended
strapi-googleauth-extended is a Strapi plugin that simplifies Google OAuth authentication for your users. With seamless integration into Strapi's user management system, this plugin helps you manage user login and profile information efficiently. The plugin uses Google's OAuth 2.0 authorization to retrieve user details and ensures secure JWT-based authentication. It's an enhanced version of the strapi-google-auth plugin by storing the registered users in the strapi
Features
- Official Google API integration
- Strapi's default user-permission collection integration
- JWT authentication for secure access
- Automatic handling of first-time registrations
- User-friendly and customizable
- Secure and sanitized responses
FlowChart
Installation
Install the plugin via npm or yarn:
npm install strapi-googleauth-extendedor
yarn add strapi-googleauth-extendedActivate the plugin by adding the following lines to your config/plugins.js file:
module.exports = {
"strapi-google-auth-extended": {
enabled: true,
},
};Configuration
Setting up Google OAuth
Create a Google Cloud Project:
. Go to the Google Cloud Console. . Create a new project or select an existing one.
Create OAuth Consent Screen:
. In the left navigation menu, go to APIs & Services > OAuth consent screen. . Set up your consent screen by providing the required information, such as application name, support email, and scopes.
Create OAuth Client ID:
. Navigate to Credentials. . Click Create Credentials and select OAuth Client ID. . Configure the OAuth Client by choosing "Web Application" and specifying your Authorized redirect URIs.
Obtain Client ID and Client Secret:
. After creating the OAuth client, you will receive a Client ID and Client Secret. Save these details for later use.
Set Up Redirect URL and Scopes:
. Add your redirect URL (e.g., https://yourapp.com/callback) in the OAuth Client configuration. . Define the scopes required for your application (e.g., email, profile).
Plugin Configuration in Strapi
. In the Strapi Admin panel, navigate to the plugin settings page.
. Enter your Client ID, Client Secret, Redirect URL, and the required scopes in the respective fields.
. Save your settings.Usage
Step 1: Initialize Google Authentication
To initiate Google login, make a GET request to the following endpoint:
{
method: 'GET',
path: 'STRAPI_BACKEND_URL/strapi-googleauth-extended/init',
}This will redirect your users to the Google login page. After a successful login, Google will redirect the user back to your specified redirect URL with an authorization code as a query parameter:
arduino Copy code https://REDIRECT_URL?code=AUTH_CODE
Step 2: Authenticate User
Use the received authorization code to authenticate the user by making a POST request to the following endpoint:
{
method: 'POST',
path: 'STRAPI_BACKEND_URL/strapi-googleauth-extended/user-profile',
data: {
code: AUTH_CODE
}
}This will generate a JWT token for the authenticated user.
Step 3: Get Authenticated User Details
To retrieve the authenticated user's details, use the JWT token obtained in the previous step:
{
method: 'GET',
path: 'STRAPI_BACKEND_URL/strapi-googleauth-extended/me',
headers: {
Authorization: 'Bearer <TOKEN>'
}
}Step 4: Update User Password
If you need to allow users to update their passwords, send a POST request with the JWT token and new password:
{
method: 'POST',
path: 'STRAPI_BACKEND_URL/strapi-googleauth-extended/update-password',
headers: {
Authorization: 'Bearer <TOKEN>'
},
data: {
"password": "<NEW_PASSWORD>"
}
}Video Documentation
User Management
The plugin will automatically store new users in Strapi's Users content manager when they log in for the first time. If the user already exists, they will not be added again.
Security and Best Practices
Ensure that your Strapi installation is secure by using HTTPS. Regularly update your Google OAuth credentials and monitor your Google Cloud project for security alerts.