google-authentication
How to add Google Authenticator to my website?
The key phrase that you’re looking for is “TOTP” (Time-Based One-time Password) – and it is a specification, rather than an API maintained by Google. At a very high level, your backend will generate a secret that it will share with your users’ Google Authenticator app. At login, both the Authenticator app and your backend … Read more
Error: req#logout requires a callback function
Since version 0.6.0 (which was released only a few days ago by the time of writing this), req.logout is asynchronous. This is part of a larger change that averts session fixation attacks. See the release announcement: The other major change is that that req.logout() is now an asynchronous function, whereas previously it was synchronous. For … Read more
gapi.auth2.ExternallyVisibleError: Invalid cookiePolicy
Well, turns out I was trying to test the API by directly acessing my files locally (index.html). The Google Sign In API only works in a running web server. I started a simple node.js server, ran my app trhough this server, and everthing worked just fine.
Authenticating with OAuth2 for an app *and* a website
I just posted an answer to a similar StackOverflow question. Google calls this Hybrid Apps and explains how an “Android app obtains offline access for Web back-end”. The gist of it is that you’ll have to pass a massaged scope string into GoogleAuthUtil.getToken in order to get it to return an Authorization Code (not an … Read more