Skip to main content

Passport Package for Authentication in NodeJS

I watched a video and learnt about the passport package to handle the authentication and save the user data in MongoDB from Google.

Passport is the middleware for NodeJS. It can be used to authenticate using a username and password, Facebook, Twitter, Google and more. It is simple to use and flexible.

Steps to use passport package for google authentication:-
  1. install passport npm i passport passport-google-oauth20 --save
  2. I used the below code to handle the authentication. 
1. This file has Google strategy to fetch the user's profile from user's Google profile and saving it in my MongoDB.
const GoogleStrategy = require('passport-google-oauth20');
const User = require('../models/User');

module.exports = function (passport) {
passport.use(new GoogleStrategy({
clientID: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
callbackURL: '/auth/google/callback'
async (accessToken, refreshToken, profile, done) => {
const newUser = {
displayName: profile.displayName,
try {
let user = await User.findOne({
if (!user) {
user = await User.create(newUser);
done(null, user);
} catch (err) {
passport.serializeUser((user, done) => {

passport.deserializeUser((id, done) => {
User.findById(id, (err, user) => done(err, user));

Google client id and client secret can be obtain from Goole Cloud Console by creating a new project.

2. I used MongoDB to save the user details using mongoose package.

const mongoose = require('mongoose');

const UserSchema = new mongoose.Schema({
googleId: {
type: String,
required: true
displayName: {
type: String,
required: true
firstName: {
type: String,
required: true
image: {
type: String
createdAt: {
type: Date,

module.exports = mongoose.model('User', UserSchema);

3. I created a route file to handle the authentication.
const express = require('express');
const passport = require('passport');
const router = express.Router();
const User = require('../models/User');

//@route GET /auth/google
router.get('/google', passport.authenticate('google', {
scope: ['profile']

//@route GET /auth/google/callback
router.get('/google/callback', passport.authenticate('google', {
failureRedirect: '/'
}), (req, res) => {
res.render('dashboard', {
layout: 'main'

module.exports = router;

4. I initialized the passport in app.js file
const path = require('path');
const express = require('express');
const dotenv = require('dotenv');
const exphbs = require('express-handlebars');
const passport = require('passport');
const connectDB = require('./config/db');
//dotenv config
path: './config/config.env'

//Passport config

const app = express();

app.engine('.hbs', exphbs({
defaultLayout: 'main',
extname: '.hbs'
app.set('view engine', 'hbs');

//Passport middleware

//Static folder
app.use(express.static(path.join(__dirname, 'public')));

app.use('/', require('./routes/index'));
app.use('/auth', require('./routes/auth'));
const PORT = process.env.PORT || 3000;
app.listen(PORT, console.log(`Server running on ${process.env.NODE_ENV} mode on ${PORT}`));

Note: I'll upload the above project on Github very soon.


Popular posts from this blog

Blockchain in Theory - Blockchain, Bitcoin, Mining

   Blockchain is the software protocol that tell the Internet how to transfer money and assets. Blockchain is the layer and Bitcoin is the application. Just one of many cryptocurrency kinds of applications. When one user send email to another then both users do not have to know about the underlaying process except email address. Similarly,  User don't need to know anything other than other user's wallet address to send some bitcoin or other cryptocurrencies.  Any file on Internet may have multiple copies but money is something that should not be copied multiple times. This has been a longstanding problem in computing networks namely the double spend problem. Satoshi Nakamoto introduced white paper for digital cash system in 2008 to resolve the double spending problem and fortified by a ledger which enforces the money is only spent once. It took 15 years alone for corporate email as the main application to be a standard thing in our lives. And similarly the money Internet block

How to kill a process running on particular port in Linux

  If port 8080 needs to be kill use below single command: kill -9 $(lsof -t -i:8080) Note: remove -9 from the command, if you don't want to kill the process violently. To list any process listening to the port 8080: lsof -i:8080 Use any port number that you want to kill.

Nudge Notes - Python Language Basics

  1. Datatypes in Python: None Numeric float -> 1.5 int -> 5 complex -> 2+5j bool -> True/false Sequence List -> [3,5,6,7,1] Tuple -> (3,5,6,7,1) Set -> {3,5,6,7,1} String -> "Akshay" Range  range(5) -> range(0, 5)  list(range(5)) -> [0,1,2,3,4] list(range(2,10,2)) -> [2,4,6,8] Dictonary product_price = {'book': 50, 'pen': 300, 'eraser': 10}  product_price.get('book') -> 50 2. Number Conversion in Python bin( 28 ) -> 0b 11100 oct( 28 ) -> 0o 34  hex( 28 ) ->  0x 1c 3. Swap two numbers in Python           a = 5       b = 6 Method #1:             a, b = b, a Method #2            a = a + b         b = a - b         a = a - b 4. "math" module in python     import math math.sqrt(25) -> 5.0 math.floor(2.5) -> 2.0 math.ceil(2.5) -> 3.0 math.pow(2, 3) -> 8.0 math.pi -> 3.141592653589793 math.e -> 2.718281828459045 5. How to import a module in python import math import math as