►
From YouTube: Svelte-GoogleOAuth
Description
This is a screencast on Svelte with Google OAuth, we create a api server using express js and protect the server using Googles OAuth Library. Then we create a Svelte Store and manage the auth workflow within a Svelte Application.
Blog Post
https://blog.hyper63.com/svelte-google-oauth/
Github Repo
https://github.com/hyper63/google-auth-demo
A
So
authentication
is
a
pain
and
in
this
screencast
we're
going
to
show
you
how
to
do
authentication
with
google's
api
a
lot
of
people
log
into
google
and
actually
have
a
client
that
has
g
suite
and
building
an
app
so
that
they
can
log
into
google.
A
And
what
I
wanted
to
do
is
kind
of
go
through
that
and
show
a
demo
on
how
you
can
kind
of
set
that
up.
What's
felt
so
this
screencast
we'll
walk
through
that
sort
of
just
a
simple
example:
we'll
build
a
express
web
server.
We'll
show
you
how
to
verify
your
api
through
the.
A
A
A
Cool
so
beat
or
bite.
However,
you're
supposed
to
announce
it
is
a
new
kind
of
build
framework,
bundler
kind
of
thing
it
uses.
A
Some
very
fast
build
times
and
development
by
just
taking
advantage
of
just
standard
esm
modules,
and
then
it
uses,
I
think,
roll
up
to
build.
A
Build
the
the
bundle
to
ship
to
production
so
anyway,
it's
supposed
to
be
super
fast,
so
we'll
we'll
see.
Okay!
So
now
we've
got
our
api
and
our
app
folder
at
this
point,
you'll
want
to.
A
A
A
I've
got
the
link,
it's
developers.google.com,
identity
sign
in
web
sign
in
is
the
site
and
then
follow
these
instructions.
But
the
biggest
thing
is:
is
you
want
to
go
and
create
your
credentials
for
and
just
follow
all
the
steps
in
the
create
credentials
process
which
will
give
you
a
client
id
and
then
you'll
use
that
client
id
to
build
your
web
application?
So
I'll
show
you
how
that
that
works.
A
But
there
are
quite
a
few
steps
to
jump
through
here,
but
it's
all
free,
there's
no
charges
for
that
and
if
you've
already
got
a
google
account
you're
you're
halfway
there.
A
So
that's
that
and
so
once
you
do,
that,
you're
gonna
get
a
client
id
and
you
just
wanna
keep
track
of
that
and
we'll
put
it
in
our
environment
settings.
So
let's
go
ahead
and
set
up
an
express
server,
so
we'll
go
into
the
api
folder
and
we're
just
going
to
do
yarn
edit
and
we're
going
to
do
yarn,
add
and
we're
going
to
use,
express
and
google
auth
library.
A
So
this
google
auth
library
will
be
what
we
use
to
verify
the
logged
in
user
on
our
api
and
give
them
access
to
our
api.
A
A
So
let's
do
that
and
now
we
can
just
import
everything
so
we'll
import,
google,
auth
library.
A
And
imp
from
ramda
and
then
let's
go
ahead
and
create
a
little
helper
function
down
here.
So
we're
going
to
create
this
function
called
extract
token,
and
this
function
is
going
to
take
a
request
and
it's
going
to
essentially
pull
the
bearer
token.
That's
included
in
the
request
from
the
header.
So
it's
just
going
to
extract
the
token
out
so
that
we
can
use
it
to
validate
and
when
you
submit
a
request,
you
put
headers
on
that
request.
A
A
Allow
for
everything
to
extract
appropriately
and
error
out
as
well
like
it
should
so
we're
going
to
split
that
string,
which
will
give
us
an
array
of
a
left
and
a
right,
and
we
will
just
want
to
get
the
last
item
in
that
array.
So
it
should
be
two
and
then
we're
gonna
extract
it
out.
So
that's
our
simple
extract
token
pipeline
and
now
we're
gonna
export
a
function
and
it'll
be
a
default
function
and
we're
going
to
take
in
this
client
id.
B
A
And
this
is
a
promise,
so
we're
going
to
create
a
little
pipeline
and
what
it's
going
to
give
us
is
a
a
ticket
and
that
ticket
will
allow
us
to
to
get
the
payload.
So
the
payload
would
be
like
the
user,
the
name,
an
id
email,
etc.
So
we're
gonna
essentially
assign
that
to
request.user
and
we'll
say,
dot
get
payload.
A
We
use
the
google
api
and
call
verify
id
token
and
then
once
we
verified
it,
we
get
the
payload
to
get
the
user
information
and
we
pass
it
by
calling
the
next
function,
you
can
go
ahead
and
create
a
dot
emv
file,
so
dot
emv,
and
then
you
want
to
put
client
id
and
then
set
this
equal
to
your
client
id.
A
A
B
A
Let's
create
another
endpoint
here,
so
we
can
test
and
make
sure
that
everything
is.
A
B
B
A
A
I
think
I
have
to
include
the
dot
js
on
the
end
for
local
files.
I
think
that's
what
it
is.
A
Okay,
now,
let's
work
on
our
spelt
app.
A
Okay,
let's
just
see
if
we
can
run
the
arm
dub
and
just
get
it
up
and.
A
B
A
B
A
First
time
using
2.0
v,
2.0
may
have
to
switch.
Let's
see
what
our
index
html
says,
it's
source
main.
A
A
A
All
right
not
quite
sure,
what's
going
on,
but
that's
okay,
we
can
fall
back
to
something
that
works.
A
We'll
just
use
the
good
old
roll-up
version
of
svelte
and
I'll
just
cdn
app
and.
A
B
A
A
A
Workflow
the
authorization
client
workflow
for
google
for
a
google
account,
so
that's
cool
and
we
should
notice
once
this
is
installed
that
we
have
a
g
api
object.
So
let's
make
sure
that
we
do.
B
A
A
It's
kind
of
important
in
some
of
the
documentation
you'll
see
like
adding
props
like
a
sync
and
defer,
but
what
that
does
is
that
allows
our
app
to
load
before
that
gap?
Google,
api
and
that
doesn't
do
us
any
good
for
authentication
purposes.
So
so,
when
we're
building,
authentication
and
and
again
we're
kind
of
keeping
this
simple,
we
just
want
a
user
to
log
in
that
has
a
gmail
account
and
then
we
want
to
be
able
to
grab
the
token
and
send
it
to
our
api
and
verify
it.
A
So
we're
going
to
export
this
store
as
a
user
and
again
we'll
have
our
subscribe
function,
our
sign
in
and
log
out
functions.
So
what
we're
trying
to
do
is
is
keep
all
the
kind
of
authentication
functions
in
this
one
store.
So
we're
going
to
provide
a
sign
in
function
and
a
log
out
function,
and
if
the
store
is
not
null,
then
we
know
the
user
is
logged
in
so
we'll
be
able
to
just
say
you
know,
if
user,
and
if
it's
not
null,
then
we
know
throughout
our
app
that
the
user
is
logged
in.
A
A
Google
api
dot
found
right,
so
we
just
want
to
throw
that
right
on
the
bat
and
that'll
really
let
us
know
if
our
app
is
somehow
loading
before
the
g.
Api
module
is
loading
and
then
we
need
to
initialize
the
auth
2
part
of
the
google
api.
So
we're
going
to
say,
g
api
dot
load,
all
two.
A
Okay,
so
we
also
want
to
set
up
a
listener
that
will
update
our
store
whenever
the
user
kind
of
logs
in
or
logs
out,
so
we're
going
to
use,
authtube
dot
is
signed
in,
and
all
of
this
is
documented
in
their
reference
on
google,
but
this
listener
this
function
will
fire
every
time
a
sign-in
occurs
or
a
sign-out
occurs
and
it'll
just
return,
a
argument
that
we're
calling
logged
in
and
that's
going
to
be
either
true
or
false.
If
it's
true.
B
A
Well,
we
got
one
two
more
steps
to
do:
we've
got
to
define
these
sign
in
and
sign
out
functions
and
that's
pretty
pretty
straightforward,
so
we'll
just
do
construct
sign
in
and
it's
just
a
function
and
we're
just
going
to
call
all
to
dot
sign
in
like
that
and
counts
log
out
and
that's
just
off
to
dot
sign.
B
A
A
A
B
A
A
A
Protect
our
route,
so,
let's
see
what
we
want
to
do
here:
let's
create
a
login
and
log
out
button
in
our
nav
here,
so
we're
going
to
say:
if
user
right
we
want
to
log
out
so
we'll
add
a
button.
A
Okay,
so
hopefully
it
just
shows
the
sign
in
button
and
it
does
cool
now
we
we've
got
to
set
our
client
id
in
order
for
that
button
to
work.
A
So
let's
go
ahead
and
do
that
we'll
use
a
plug-in.
B
A
A
A
A
B
B
A
A
B
A
So
we
replace
that
and
then
what
that
should
do
is
in
the
auth.js
file.
It
should
replace
that
client
id
well,
we'll
know
pretty
quickly
if
it's
working
or
not,
and
then,
since
this
is
running
on
port
5000,
I
need
to
make
sure
in
my
credentials
that
I'm
supporting
localhost
5000-
and
I
am
so-
let's
bring
back
up
our
server.
A
A
Okay,
we'll
see
so,
let's
wire
this
up
and
see
if
it.
A
B
B
B
A
I
wish
we
could
say
that
we
were
done,
but
we're
not
it's
a
couple
of
things
that
we
have
to
do
to
validate,
that
we
can
set
stuff
to
the
send
stuff
to
the
server
the
the
express
server
and
validate
there.
A
B
A
A
B
B
B
B
B
A
B
A
B
A
A
A
A
A
And
we'll
use
a
weight
and
we'll
call
get
profile
and
pass
in
the
user
dot
token.
A
And
then
we'll
just
do
then
profile.
A
And
let's
just
do
a
json
stringify
on
the
profile
and
see
what
it
looks.
A
B
A
A
Reload,
just
in
case
okay,
signed
in
protected
cool
and
we
got
our
stuff
back
from
the
server
we
got
like
name
and
let's
do
email,
we
got
email
verified
true,
so
that's
super
cool
and
you
can
see
it
kind
of
printed
out
here.
A
B
A
Full
awesome,
so
there
you
have
it.
That's
is
about
as
quick
of
a
demo
of
using
something
like
google
off
for
swell
as
I
can.
A
You
can
create
a
you
know,
kind
of
a
shell
page
or
create
on
each
page,
this
check
or
if
user,
and
if
that
exists,
you
know
you're
logged
in
and
at
any
point
you
can
log
out,
then
that
user
will
be
set
to
null
and
yeah.
If
you
go
to
protected,
nothing
will
show
there.
You
can
obviously
show
that
you're
not
logged
in
go
to
the
login,
page,
etc.
A
So
that's
it.
Hopefully
you
enjoyed
this
video
and
thanks
for
watching.