Almost all users have Google accounts, so most websites offer a "Login with Google" feature. It's simple and allows users to log in with just a few clicks.
In this guide, we’ll set up Google authentication in an Express app using Passport.js.
Why choose Passport.js?
There are many options for social login, such as Auth0, Firebase, and Clerk.
But Passport.js is:
- ✅ Simple and lightweight
- ✅ Supports multiple strategies (Google, GitHub, Facebook, etc.)
- ✅ Gives you manual control if needed
That’s why it’s a solid choice.
🚀 Let’s Start
Part 1: Get Google Client ID & Secret
Logging in with Google requires a Client ID and Client Secret (like an office ID card for authentication).
- Open Google Cloud Console, search for “Create Project”, and create one.
- Go to OAuth Consent Screen and configure it.
- Create credentials → OAuth Client ID.
- Select Web Application
- Enter redirect URLs (e.g., http://localhost:5000/auth/google/callback)
- Save.
- Copy the Client ID and Client Secret.
Part 2: Setup Express + Passport.js
Now let’s integrate Google authentication into our Express app.
1. Install dependencies
```bash
npm install passport passport-google-oauth20
```
2. Configure Passport strategy (passport-config.js)
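```javascript
import passport from "passport";
import { Strategy as GoogleStrategy } from "passport-google-oauth20";

passport.use(
  new GoogleStrategy(
    {
      // Credentials from Part 1, read from the environment rather than hard-coded
      clientID: process.env.GOOGLE_CLIENT_ID,
      clientSecret: process.env.GOOGLE_CLIENT_SECRET,
      // Must match a redirect URL registered in Google Cloud Console
      callbackURL: process.env.GOOGLE_CALLBACK_URL,
    },
    // Verify callback: runs after Google has returned the user's profile
    function (accessToken, refreshToken, profile, done) {
      return done(null, profile); // return raw profile info
    }
  )
);

export default passport;
```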
3. Initialize Passport in Express
```javascript
import express from "express";
import passport from "./passport-config.js";

const app = express();

// Registers Passport on the app; no session middleware is used in this guide
app.use(passport.initialize());
```
4. Add Routes (auth.routes.js)
```javascript
import { Router } from "express";
import passport from "passport";
import { googleAuth } from "../controllers/auth.controller.js";

const router = Router();

// Login with Google
router.get(
  "/google",
  passport.authenticate("google", {
    scope: ["profile", "email"],
    session: false,
  })
);

// Google callback
router.get(
  "/google/callback",
  passport.authenticate("google", {
    failureRedirect: "/login",
    session: false,
    failureMessage: "Failed to login with Google",
  }),
  googleAuth
);

export default router;
```
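👉 We set session: false because we’ll use JWT tokens instead of in-memory sessions. Keep in mind that the strategy's built-in OAuth `state` check stores its value in the session, so it is not active in this setup and Passport itself does not protect the callback against CSRF.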
5. Google Auth Controller
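```javascript
// userModel, generateToken and cookiesOptions are defined elsewhere in the
// project; the post does not show them.
export const googleAuth = async (req, res) => {
  // req.user is the raw Google profile passed on by the verify callback
  const {
    id,
    _json: { name, picture, email },
  } = req.user;

  // Look the user up by Google account id; create the account on first login
  let user = await userModel.findOne({ googleId: id });
  if (!user) {
    user = await userModel.create({
      name,
      email,
      avatar: picture,
      googleId: id,
    });
  }

  // Generate tokens
  const { accessToken, refreshToken } = await generateToken(user);

  return res
    .status(200)
    .cookie("accessToken", accessToken, cookiesOptions)
    .cookie("refreshToken", refreshToken, cookiesOptions)
    .json({
      success: true,
      message: "User login successful",
      user,
      accessToken,
    });
};
```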
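The controller above creates an account from whatever profile Google returns. The following added example (not code from the original post) shows one way to decide between login, account creation and rejection before writing to the database. `planGoogleLogin`, `normalizeEmail` and the sample profiles are hypothetical names and constructed data, and it assumes `profile._json` carries Google's `email_verified` claim.

```javascript
// Added example. Assumes Google's OpenID claims `email` and `email_verified`
// are present on profile._json, next to the name/picture/email fields used above.
function normalizeEmail(email) {
  return typeof email === "string" ? email.trim().toLowerCase() : "";
}

// profile:    req.user, as passed through by the strategy's verify callback
// byGoogleId: result of userModel.findOne({ googleId: profile.id }), or null
// byEmail:    result of userModel.findOne({ email: normalizeEmail(...) }), or null
function planGoogleLogin(profile, byGoogleId, byEmail) {
  const id = profile?.id;
  const claims = profile?._json ?? {};
  if (typeof id !== "string" || id === "") {
    return { action: "reject", reason: "missing_google_id" };
  }
  // Returning user: the Google account id is the lookup key, never the email.
  if (byGoogleId) return { action: "login", user: byGoogleId };

  const email = normalizeEmail(claims.email);
  // Strict check: an absent claim or the string "true" must not count as verified.
  if (!email || claims.email_verified !== true) {
    return { action: "reject", reason: "email_not_verified" };
  }
  // The address already belongs to an account that has not linked this Google id.
  // Policy chosen for this example: no silent linking and no duplicate row.
  if (byEmail) return { action: "reject", reason: "email_in_use_link_required" };

  return {
    action: "create",
    doc: { name: claims.name, email, avatar: claims.picture, googleId: id },
  };
}

// Constructed sample profiles (not real accounts).
const VERIFIED = {
  id: "100000000000000000001",
  _json: { name: "Alice Example", picture: "https://example.com/a.png",
           email: " Alice@Example.com ", email_verified: true },
};
const UNVERIFIED = { id: "100000000000000000002",
  _json: { name: "Bob", email: "bob@example.com", email_verified: false } };
const LOCAL_ACCOUNT = { name: "Alice", email: "alice@example.com" };

console.log(planGoogleLogin(VERIFIED, null, null).action);
console.log(planGoogleLogin(UNVERIFIED, null, null).reason);
console.log(planGoogleLogin(VERIFIED, null, LOCAL_ACCOUNT).reason);
```

In the controller, run the two `findOne` lookups first, pass their results in, and only call `userModel.create(plan.doc)` when `action` is `"create"`.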
🎯 Conclusion
That’s it! 🚀 You now have Google authentication working with Express and Passport.js.
✅ Google OAuth setup in Cloud Console
✅ Passport strategy configured
✅ Express routes + controller created
✅ JWT tokens for authentication
Next step: Secure routes and refresh tokens.



