google company domain oauth for express
uses
passport
andpassport-google-oauth
and checks if user's email belongs to the domain
Config
var express = var companyAuth = var app = var config = CLIENT_ID: processenvCLIENT_ID // use dotenv or similar to populate ENV variables CLIENT_SECRET: processenvCLIENT_SECRET CALLBACK_URL: 'http://localhost:3000/auth/google/callback' // whole url { // optional return profile_jsondomain === 'example.com' && profileemails0value !== 'test@example.com' // filter out specific emails } DOMAIN: 'example.com' // if CHECK above not set will only compare to "example.com" AUTH_PATH: '/auth/google' CALLBACK_PATH: '/auth/google/callback' SUCCESS_CALLBACK_PATH: '/' FAILURE_CALLBACK_PATH: '/401' SCOPE: 'email' // optional
There is another dependency (express-session
) – for working example see test.js.