I'm trying to authenticate a user with a Google token sent from an Android app. I'm using Node.js and Passport.
var GoogleTokenStrategy = require('passport-google-id-token');
var passport = require('passport');
var User = require('./models/usersModel.js');
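/**
 * Registers the Google ID-token Passport strategy and the POST /auth/google
 * endpoint on the given Express application.
 *
 * @param {object} app - Express application the route is attached to.
 */
module.exports = function (app) {
  passport.use(new GoogleTokenStrategy(
    {
      // NOTE(review): presumably the strategy compares the token's audience
      // with this value; confirm it is the client ID the Android app requests
      // its token for.
      clientID: "here-is-my-client-id.apps.googleusercontent.com"
    },
    /**
     * Verify callback: maps the Google account identifier to a local user.
     *
     * @param {object} parsedToken - Token as parsed by the strategy (unused here).
     * @param {string} googleId - Google account identifier supplied by the strategy.
     * @param {function} done - Passport callback, called as done(err, user).
     */
    function (parsedToken, googleId, done) {
      // Never look up or create an account without an identifier: an empty
      // key in the query could otherwise match or create the wrong record.
      // done(null, false) makes Passport treat the attempt as failed.
      if (!googleId) {
        return done(null, false);
      }

      User.findOrCreate({ googleId: googleId }, function (err, user) {
        if (err) {
          return done(err);
        }
        if (user) {
          return done(null, user);
        }

        // No record came back: create one by hand. googleId is stored along
        // with username so that the next lookup by googleId finds this record
        // instead of creating a duplicate account.
        var created = new User({
          username: googleId,
          googleId: googleId
        });
        created.save(function (saveErr) {
          if (saveErr) {
            console.error(saveErr);
            return done(saveErr);
          }
          return done(null, created);
        });
      });
    }
  ));

  app.post('/auth/google',
    // When the strategy rejects the token, passport.authenticate() answers
    // 401 by itself and the handler below is never reached.
    // NOTE(review): no { session: false } is passed, so Passport will try to
    // establish a login session; confirm serializeUser is configured, or
    // disable sessions for this token endpoint.
    passport.authenticate('google-id-token'),
    function (req, res) {
      // res.send(<number>) is deprecated in Express 4; set the status
      // explicitly. The 401 branch is only a defensive fallback.
      res.sendStatus(req.user ? 200 : 401);
    }
  );
};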
However, I keep getting only a 401 response with an "Unauthorized" message. I double-checked my clientID, and I also used https://www.googleapis.com/oauth2/v3/tokeninfo?id_token to validate the generated token; everything seems to be OK.
What is more, yesterday, when I did my first tests, it worked. Today, with a new token, it doesn't.
What am I missing here?