Connect middleware that lets only members of your Google Apps account through.
Last updated 3 years ago by jakajancar .
Original npm · Tarball · package.json
$ cnpm install google-apps-sso 
SYNC missed versions from official npm registry.

Google Apps SSO Middleware

Only lets users signed into your Google Apps domain through.


  1. Register an application in the Google APIs Console.

  2. Include the SSO middleware (and cookie-session):

    var app = express();
    app.use(require('cookie-session')({secret: "..."}));
    app.use(require('google-apps-sso')('app id', 'app secret', ''));

    You can also use any other middleware that defines req.session, but keep in mind that it should be signed. It should also be encrypted if the site is not served over https, or replay attacks are possible.

  3. (optional) Use the user information

    After passing through the SSO middleware, the requests will have the user property defined:

    req.user = {email: "", ...}

    The value is cached in the session cookie for 5 minutes between requests to Google.

  4. (optional) Logout

    Since the middleware does not explicitly prompt the user to log in but does it automatically, it makes little sense to log the user out by just destroying the local the session: the user will just be logged right back in.

    To clear the session as well as log the user out of Google Apps, call res.logout().

Current Tags

  • 1.2.1                                ...           latest (3 years ago)

4 Versions

  • 1.2.1                                ...           3 years ago
  • 1.2.0                                ...           3 years ago
  • 1.1.0                                ...           3 years ago
  • 1.0.0                                ...           8 years ago
Maintainers (1)
Today 0
This Week 0
This Month 0
Last Day 0
Last Week 0
Last Month 1
Dependencies (2)
Dev Dependencies (0)
Dependents (1)

Copyright 2014 - 2016 © |