Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
Hyper Cloud / Svelte 101 Workshop / 18 Mar 2021
Hyper Cloud / Svelte 101 Workshop / 18 Mar 2021
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Svelte-GoogleOAuth

Description

This is a screencast on Svelte with Google OAuth, we create a api server using express js and protect the server using Googles OAuth Library. Then we create a Svelte Store and manage the auth workflow within a Svelte Application.

Blog Post
https://blog.hyper63.com/svelte-google-oauth/

Github Repo

https://github.com/hyper63/google-auth-demo

A

Hello, my name is tom wilson, and this screencast is on svelt and google oauth.

A

So authentication is a pain um and in this screencast we're going to show you how to do authentication with google's api a lot of people log into google and actually have a client that has g suite and building an app so that they can log into google.

A

And what I wanted to do is kind of go through that and show a demo on how you can kind of set that up. What's felt so this uh screencast we'll walk through that sort of um just a simple example: we'll build a um express web server. uh We'll show you how to verify your api through the.

A

Server we'll show you how to verify your api through the server and then we'll show you how you can create a svelte store to secure your jam stack app using google authentication, so hopefully it'll be pretty neat and let's get started.

A

The first thing we want to do is create a project folder, so we're going to make directory.

A

Google auth demo.

A

And then, in this directory, we're going to create an api server and an app server so we'll go ahead and create our api directory and we'll install and actually, let's use um uh bite, to see how that.

A

Works.

A

That'll be fun.

A

Let's do the iron create at bytejs app.

A

And we'll just call it at and we'll pick spelt.

A

Cool so um beat or bite. However, you're supposed to announce it is a new kind of um build framework, bundler uh kind of thing it uh uses.

A

Some very fast build times and development by just taking advantage of just standard um esm modules, and then it uses, I think, roll up to build.

A

Build the uh the bundle to ship to production so anyway, it's uh supposed to be super fast, so we'll we'll see. um Okay! So now we've got our api and our app folder at this point, you'll want to.

A

If you don't have a google account set up you'll want to to do that. You'll want to go to. Let me pop a browser.

A

You'll want to go to.

A

Google off credentials.

A

And I think I can pull up this documentation use an author to access, google, apis and.

A

Maybe that's it.

A

It doesn't look like yet.

A

Google.

A

Credentials.

B

Look great.

A

I have the link somewhere, I think.

A

I've got the link, it's developers.google.com, identity sign in web sign in is the site and then follow these instructions. But the biggest thing is: is you want to go and create your credentials for um and just follow all the steps in the create credentials process which will give you a client id and then you'll use that client id um to build your uh web application? So I'll show you how that that works.

A

But um there are quite a few steps to jump through here, but uh it's all um free, there's no charges for that um and if you've already got a google account you're you're halfway there.

A

So that's that and so once you do, that, you're gonna get a client id and you just wanna keep track of that um and we'll put it in our environment settings. So let's go ahead and set up an express server, so we'll go into the api folder and we're just going to do yarn edit and we're going to do yarn, add and we're going to use, express and google auth library.

A

So this uh google auth library will be what we use to verify the logged in user on our api and give them access to our api.

A

We want to add some other stuff just to make life a little bit.

A

Easier.

A

And then we're going to add a dot env as a development tool, so we can load our environments from a dot emb file and we'll create a server.js file and create a verify.js file and the verify will be our middleware.

A

We can go ahead and create that first, but basically, middleware is just a function that sits on the express server in the middle of when your request is made to when you handle the request, your request handler and that middleware can check the request, do some stuff and determine if to pass it to your handler or to respond and terminate kind of the the request chain at that point in time.

A

So this middleware, the sparify middleware, is going to verify the request and make sure it's authorized in order to.

A

Continue down to the request handler so before I do that I'm going to set the type of the app to be module, so our our server will be type module which allows us to use esn.

A

So let's uh do that and now we can just import everything so we'll import, google, auth library.

A

And we'll import ramda because we're going to use that as some helper functions and we're going to import crocs as well, because we'll use that too.

A

Okay and we're going to use the identity.

A

Monad from crocs and we're going to use path or split.

A

And imp from ramda and then um let's go ahead and create a little helper function down here. So we're going to create this function called extract token, and this function is going to take a request and it's going to essentially pull the bearer token. That's included in the request from the header. So it's just going to extract the token out so that we can use it to validate and when you submit a request, you put headers on that request.

A

One of the headers will be an authorization header and that header will have a string as its value and it will be bearer and then a space and then the actual token value. So basically, what we're going to do is use the identity monad to create a pipeline to basically safely.

A

It's extract that bearer token. So we're going to use path, r,.

A

To basically set if the header's authorization path on the request doesn't exist, then it's going to just return bare and valid, and that will.

A

Allow for everything to extract appropriately and error out um as well like it should so we're going to split that string, which will give us an array of a left and a right, and we will just want to get the last item in that array. So it should be two um and then we're gonna extract it out. So that's our simple extract token pipeline and now we're gonna export a function and it'll be a default function and we're going to take in this client id.

A

This is the client id that you got from google in the credentials page and then we're going to take a middleware function, which is a request, a response and a next function and we're going to create our client using google.

A

Dot oauth, 2, client, client id and now we're gonna verify the token so we'll return the result so we'll say client.verify id token, we'll give it id token.

A

And this is where we call our extract token from the request and then we'll give it an audience of client id.

B

Okay,.

A

And this is a promise, so we're going to create a little pipeline and what it's going to give us is a a ticket and that ticket will allow us to to get the payload. So um the payload would be like the user, the um name, an id email, etc. So we're gonna essentially assign that to request.user and we'll say, dot get payload.

A

And at this point, if this is successful, then we know that this was a successful.

A

It was a successful verification, so we can just call next right here and then we can catch, and if it was an error, then we'll call next and pass the error like that.

A

And that's our our middleware, it's pretty straightforward.

A

We use the google api and call verify id token and then once we verified it, we get the payload to get the user information and we pass it by calling the next function, um you can go ahead and create a dot emv file, so um dot emv, and then you want to put client id and then set this equal to your client id.

A

Then the next thing we want to do is go ahead and build our server and it's just going to be a very simple server. So we're going to open up server.js and we're going to import express from express and import verify from verify and import course from.

A

Course so we'll create our express app.

A

And we're going to use course and then we're going to use our new middleware called verify and we'll pass in the client id.

A

And then we're just going to create a get api function and we're just going to do.

A

Console.Log user requests.user: this will just show us what what our user is. That's logged in and then we're just going to return that back to the caller.

A

Yeah just to keep it simple.

B

Okay,.

A

Let's create another endpoint here, so we can uh test and make sure that everything is.

A

Working.

A

And the last thing we'll mix it up a little bit and just validate the api endpoint.

B

Okay,.

A

And let's create a script.

A

And with this script, we're going to run node r, dot, emv, config and that'll load up the environment and then we'll run.

B

Server.Js, okay,.

A

It's like, I might have an extra.

A

Parenthesis.

A

And let's see what else we got.

A

Matt fine.

A

Module verify js, see.

B

It's there.

B

Maybe.

A

Looks like I made that.

A

uh

A

All right.

A

Verify.

A

I think I have to include the um dot js on the end for local files. I think that's what it is.

A

Cool, so let's curl localhost, 4000 and we've got our server running, which is cool.

A

Okay, now, let's work on our um spelt app.

A

Okay, let's just um see if we can run the arm dub and just get it up and.

A

Running.

B

Okay,.

A

A new tab: let's see what we've got here,.

A

So it looks like we might have a.

A

Problem.

B

uh

B

Okay,.

A

First time using uh 2.0 v, 2.0 may have to switch. Let's see what our index html says, it's source main.

A

Js.

A

You can pour it out that looks.

A

Good.

A

um

A

All right not quite sure, what's going on, but that's okay, um we can fall back to something that works.

A

All right so, first, you don't succeed, try something.

A

Different.

A

We'll just use the good old uh roll-up version of svelte and I'll just cdn app and.

A

Install.

A

And we'll do the.

B

Dab.

A

And let's refresh.

A

And it's on five.

B

Thousand.

A

35 000.

A

Cool much better, okay,.

A

Go ahead and just get rid of all the default stuff and I'll just do hello world right now.

A

Cool okay, so we want to include the um g api. It's google's api module and we'll do that by adding a script tag.

A

So apis.google.com.

A

Jslashplatform.Js- and this will give us all the functions to essentially manage the login process on the client side, it will essentially do the or2.

A

Workflow the authorization client workflow for google for a google account, so that's cool um and we should notice once this is installed that we have a g api object. So let's make sure that we do.

A

May have to restart the server.

B

Just make sure.

B

It's like five.

A

All right yeah, so I've got some sort of bug there.

A

Let's see script source yeah, so I'm using.

A

Double quotes, I should be using single quotes that should do.

B

It okay.

A

And now we should have g api and we do there's platform, etc, etc. So that's cool and we want that to load in the header and actually load and be available before our application initializes.

A

It's kind of important in some of the documentation you'll see like adding props like a sync and defer, but what that does is that allows our app to load before um that gap? Google, api and that doesn't um do us any good for authentication purposes. So um so, when we're building, authentication um and and again we're kind of keeping this simple, we just want a user to log in that has a gmail account and then we want to be able to grab the token and send it to our api and verify it.

A

So we're going to use asphalt, store to do that and we'll just call the file auth.js and we'll import a writable store, because we want to be able to write to it.

A

And we're going to set up a var variable here, called awk2, which we'll use shortly and and a svelte store, has a subscribe function, a set function and an update function and we're going to start the store off as null, which means there's no user, but when the user logs in the store would be set with the user's profile and their token.

A

So we're going to export this store as a user and again we'll have our subscribe function, our sign in and log out functions. So what we're trying to do is is keep all the kind of authentication functions in this one store. So we're going to provide a sign in function and a log out function, and if the store is not null, then we know the user is logged in so we'll be able to just say you know, if user, and if it's not null, then we know throughout our app that the user is logged in.

A

Okay, so when this store kind of initializes, what we want to do is check and check and say if g api, 2 or g api that doesn't exist. We just want to throw an error.

A

um Google api dot found right, um so we just want to throw that right on the bat and that'll um really let us know if our app is somehow loading before the um g. Api module is loading and then we need to initialize the auth 2 part of the google api. So we're going to say, g api dot load, all two.

A

And we're gonna assign that to our variable up, there gapi dot to auth2, admit, and we need to provide our client id now.

A

We're gonna leave that blank for now and actually what we want to do is use rollups, replace plugin to inject that in.

A

And scope.

A

Okay, so we also want to set up a listener that will update our store whenever the user kind of logs in or logs out, so we're going to use, authtube dot is signed in, and all of this is documented in their reference on google, but this listener this function will fire every time a sign-in occurs or a sign-out occurs and it'll just return, a argument that we're calling logged in and that's going to be either true or false. If it's true.

A

Then we can get the user, so we've got a user. So we're going to say.

A

Get the current user like that and then we're going to get the profile of the user by calling get basic profile and then we're going to update our store.

A

And we're going to set a object in the store, we're going to have profile and it's going to have the user's id and name.

A

Right and image.

A

And email.

A

And then the most important part is the token and we can get the auth response and id token, and this token is what we'll use to send to our api to get verified.

A

So that's the logged in, but if it returns false, then it's logged out and that's where we want to update the value of our store to know.

B

Let's.

A

See, let's make sure okay, I think I need one more parentheses. There.

A

And then.

B

One more there: okay.

A

So that's our um auth module. It's going to return a user in the sign in and sign out function.

A

um Well, we got one two more steps to do: we've got to define these um sign in and sign out functions um and that's pretty pretty straightforward, so we'll just do construct sign in and it's just a function and we're just going to call all to dot sign in like that and counts log out and that's just off to dot sign.

B

Out.

A

Easy peasy, okay,.

A

So now we have our auth module and what we're going to do is actually we're going to install a router and then we're going to kind of create a protected route and create a login button and the log out button. So the first thing we need to do is install router.

A

I use 10 row, which is awesome. It's an awesome. Little client-side, router restart server just in case and um let's go into our.

A

App.Sp spelt file.

A

And we're going to import a route from 10 row and we'll wait on the user for right now. Let's just show you how this router works, really quick. So, let's just say: google auth demo.

A

And let's create a route.

A

For the route and we'll say home page.

A

And the route.

A

Or let's call it protected.

A

We'll say protected page.

A

Okay and let's see our homepage, showing let's just create a little nav blow up.

B

Here.

A

Okay, so we've got our home page and then protected and we've got a little routing system, pretty neat. um Okay. So now, let's work on a user off, so we've got our auth module so we'll import that and we're going to import it as a swell store, as user.

B

Like that.

A

Okay,.

A

And we can.

A

Protect our route, so, um let's see what we want to do here: let's create a login and log out button in our nav here, so we're going to say: if user right we want to log out so we'll add a button.

A

And on on the click, we're going to call user dot log out.

A

Like that.

A

And we'll say log out.

A

And if there's no user, then we're gonna show our button click.

A

User.Sign.

A

In that and we'll end our if here.

A

Okay, so hopefully it just shows the sign in button and it does cool um now we we've got to set our client id in order for that button to work.

A

So let's go ahead and do that um we'll use a plug-in.

B

Oh.

A

Roll up.

A

Plug in.

A

Replace.

A

Let's go to the.

A

Readme.

A

And we probably use dot emv, so we can just throw our client id in a dot emv file. So and this.

A

Bring this up.

B

Next day,.

B

I think.

A

I think it already does that, but anyway,.

A

I'm gonna.

A

Go get my.

A

Credentials.

B

Okay,.

A

And.

A

I'll paste, those really.

A

Quick.

A

Okay, so I got my client credentials set and now we'll go into the rollup config and basically we want to pull and replace.

A

And then we're going to do process.emv.

B

Yeah.

A

So we're going to replace, let's go through this plug-in process.

A

So we'll put this.

A

Right here replace and we're going to use our percent percent underscore client id underscore percent percent as our key and then we're going to replace it with process.emb.client id like that.

A

So we replace that and then what that should do is in the auth.js file. It should replace that client id well, we'll know pretty quickly if it's working or not, um and then, since this is running on port 5000, I need to make sure in my credentials that I'm supporting localhost 5000- and I am so- let's bring back up our server.

A

And let's see.

A

It said something about replacing it and see what it.

A

Said let me see again.

A

Let's try a bill.

A

Okay defaults defaults, prevent assignment, prevent.

A

Assignment.

A

That's replacing strings where they're followed by a single equal sign.

B

Make sure.

A

Okay,.

A

I think that's.

A

Okay, we'll see so, let's uh wire this up and see if it.

A

Works.

B

Okay,.

A

Looks like it got an error, not a valid origin for your client.

A

Objects, client id local host, 5000.

A

It's in there.

B

Okay,.

A

Okay, so.

A

Let's see what's going on.

A

I wonder if that replace is not working.

A

See yeah something's wrong with the workplace.

A

Okay, so if this is working, if I hit sign in get my google sign in popping up- and I can click and hopefully we're logging out sign in.

B

Cool.

A

I wish we could say that we were done, but we're not um it's a couple of things that we have to do to validate, that we can set stuff to the um send stuff to the server the the express server and validate there.

A

So I'm going to try to do this pretty quickly, but basically, what we want to do is we want to go to a protected route and in that protected route we want to call the api server, get some data and display it. So we're going to import.

A

Protected from protected dot spelt just a new component, we'll create and down here, we'll just use that component for the route.

B

So.

A

And then it's going to yell because this file doesn't exist.

A

We're going to import.

A

User and basically we can say if user, then, let's.

A

Show.

A

Some user info, so let's show user name.

A

And let's show user email.

A

And then, finally, let's show our user token, and that reminds me.

A

That.

B

It's.

A

um User profile, name and user profile, email.

B

Cool.

A

um

A

So, let's start with that, let's restart our.

B

Server.

A

There we go.

A

Protected is not defined.

B

Okay,.

B

Import.

A

See if that's a little better.

A

Cool.

A

Okay, so we're logged in so if we go to protected, we should have our username email and our token, which is pretty.

B

Cool.

A

We need to set our server to be a single page, so we'll go in the rollup and when we start our server.

A

We just want to pass single.

A

Like.

B

That.

A

Foreign okay: now, let's go into our protected.

A

And what we want to do is make a call.

A

We'll do a fetch and we're going to use a weight to do that, so we'll create a function up here. We call it get profile from our api.

A

And we're just going to call fetch.

A

And it's.

A

Localhost 4000 slash api is the url and we want to include in our.

A

Headers station.

A

Our.

A

Token and then we just want to convert it to json.

A

Like that- and we want to get our token from our user.

B

Like that.

A

Just clean this up a little.

A

Bit.

A

Okay,.

A

So we know, we've got our user and we'll just come down here, create another line, break.

A

And we'll use a weight and we'll call uh get profile and pass in the user dot token.

A

And then we'll just do um then profile.

A

We'll end a wait.

A

And let's just um do a json stringify on the profile and see what it looks.

A

Like like that, okay.

A

All right so we're on the home page. If we go to protected.

A

Now the server doesn't exist, so we need to fire the server up.

A

So we'll go to our api and do yarn dev, and I want to see. Let me check and make sure that I set the environment um client id up for.

B

That.

A

Almost done.

A

Nope, let me set the client credentials up for the server.

A

Okay,.

A

Now, let's run our server.

B

And go home.

A

Reload, just in case okay, signed in protected cool and we got our um stuff back from the server we got like name and let's do email, we got email verified true, so that's super cool and you can see it kind of printed out here.

A

And let's print thought out.

A

Name.

A

Profile.Name, let's just start with.

B

That.

A

Full awesome, so there you have it. That's um is about as quick of a demo of using something like google off for swell as I can.

A

You can create a you know, kind of a shell page or um create on each page, this check or if user, and if that exists, you know you're logged in and at any point you can log out, then that user will be set to null um and uh yeah. If you go to protected, nothing will show there. You can obviously show that you're not logged in go to the login, page, etc.

A

Click sign in get access to the user's google accounts they can sign in and then you can hit your api.

A

So that's it. Hopefully you enjoyed this video and uh thanks for watching.

A

uh

A

You.