@x-sls/google-auth 1.0.1

package/package.json

@@ -0,0 +1,9 @@
+{
+  "name": "@x-sls/google-auth",
+  "version": "1.0.1",
+  "main": "src/index.js",
+  "scripts": {},
+  "dependencies": {
+    "jsonwebtoken": "^9.0.2"
+  }
+}

package/src/client.js

@@ -0,0 +1,63 @@
+function createClient({
+  GOOGLE_CLIENT_ID,
+  GOOGLE_CLIENT_SECRET,
+  REDIRECT_URI
+}) {
+  const createAuthUrl = () =>
+    `https://accounts.google.com/o/oauth2/v2/auth?client_id=${GOOGLE_CLIENT_ID}&redirect_uri=${REDIRECT_URI}&response_type=code&scope=profile email`
+
+  const getAccessToken = async ({ code }) => {
+    let text
+    try {
+      const res = await fetch('https://oauth2.googleapis.com/token', {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          client_id: GOOGLE_CLIENT_ID,
+          client_secret: GOOGLE_CLIENT_SECRET,
+          code,
+          redirect_uri: REDIRECT_URI,
+          grant_type: 'authorization_code'
+        })
+      })
+
+      text = await res.text()
+
+      return JSON.parse(text)
+    } catch (error) {
+      if (text) {
+        console.error({ text })
+      }
+      throw error
+    }
+  }
+
+  const getUserInfo = async ({ access_token }) => {
+    let text
+    try {
+      const res = await fetch('https://www.googleapis.com/oauth2/v1/userinfo', {
+        headers: {
+          Authorization: `Bearer ${access_token}`
+        }
+      })
+
+      text = await res.text()
+      return JSON.parse(text)
+    } catch (error) {
+      if (text) {
+        console.error({ text })
+      }
+      throw error
+    }
+  }
+
+  return {
+    getUserInfo,
+    getAccessToken,
+    createAuthUrl
+  }
+}
+
+module.exports = createClient

package/src/handlers.js

@@ -0,0 +1,88 @@
+const jwt = require('jsonwebtoken')
+
+const { createAuthUrl, getAccessToken, getUserInfo } = require('./index')
+
+async function initiate() {
+  return {
+    statusCode: 302,
+    headers: {
+      Location: createAuthUrl({ GOOGLE_CLIENT_ID, REDIRECT_URI })
+    }
+  }
+}
+
+async function callback(event) {
+  const { code } = event.queryStringParameters
+  const headers = {
+    'Access-Control-Allow-Origin': '*',
+    'Access-Control-Allow-Credentials': true,
+    'Access-Control-Allow-Headers': 'Content-Type, Authorization'
+  }
+
+  try {
+    const { access_token } = await getAccessToken({
+      code,
+      GOOGLE_CLIENT_ID,
+      GOOGLE_CLIENT_SECRET,
+      REDIRECT_URI
+    })
+    const info = await getUserInfo({ access_token })
+
+    const { email, name, picture } = info
+    const sessionToken = jwt.sign(
+      {
+        email,
+        name,
+        picture
+      },
+      JWT_SECRET,
+      { expiresIn: '1d' }
+    )
+
+    console.log({ sessionToken })
+
+    return {
+      statusCode: 200,
+      headers,
+      body: JSON.stringify({ token: sessionToken })
+    }
+  } catch (error) {
+    console.error('Error:', error)
+    return {
+      statusCode: 401,
+      headers,
+      body: JSON.stringify({ error: 'Authentication failed' })
+    }
+  }
+}
+
+async function verify(event) {
+  try {
+    const { token } = JSON.parse(event.body)
+    const decoded = jwt.verify(token, JWT_SECRET)
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Credentials': true
+      },
+      body: JSON.stringify({ user: decoded })
+    }
+  } catch (error) {
+    return {
+      statusCode: 401,
+      headers: {
+        'Access-Control-Allow-Origin': '*',
+        'Access-Control-Allow-Credentials': true
+      },
+      body: JSON.stringify({ error: 'Invalid token' })
+    }
+  }
+}
+
+module.exports = {
+  initiate,
+  callback,
+  verify
+}

package/src/index.js

@@ -0,0 +1,7 @@
+const jwt = require('jsonwebtoken')
+const createClient = require('./client')
+
+module.exports = {
+  createClient,
+  jwt
+}