Skip to content

Feat: Add Google OAuth2 #54

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Feat: Add Google OAuth2 #54

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,8 +74,11 @@ Once pm2.web is installed and running, you can perform the following actions:
- **Usage**: Only registered users (per credentials) can login with auth2, which links the oauth2 with the existing user account in the database
- **Setup Registration Code**
- Go to the settings page and add/generate the registration code
- **Setup Google OAuth (Planned/On Demand)**
- TBD
- **Setup Google OAuth**
- https://console.cloud.google.com/apis/credentials -> New OAuth 2.0 client
- Configure the callback url to `http://<domain|ip:port>/api/auth/callback/google`
- Add `NEXT_PUBLIC_GOOGLE_CLIENT_ID` and `GOOGLE_SECRET` to the `.env` file with the values from the OAuth App
Copy link
Owner

@oxdev03 oxdev03 Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there a specific reason, why the env is not named GOOGLE_CLIENT_SECRET?



## Up Next

Expand Down
57 changes: 51 additions & 6 deletions apps/dashboard/pages/api/auth/[...nextauth].ts
View file
Open in desktop
Copy link
Owner

@oxdev03 oxdev03 Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code is not formatted.

Original file line number Diff line number Diff line change
Expand Up @@ -78,13 +78,58 @@ const providers = () => {
);
}

if (process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID && process.env.GOOGLE_CLIENT_SECRET) {
if (process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID && process.env.GOOGLE_SECRET) {
p.push(
GoogleProvider({
clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
}),
);
GoogleProvider({
clientId: process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID as string,
clientSecret: process.env.GOOGLE_SECRET as string,

userinfo: {
async request({ client, tokens }) {
const profile = await client.userinfo(tokens.access_token!);
await connectDB();
Copy link
Owner

@oxdev03 oxdev03 Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not necessary

Suggested change
await connectDB();


if (!profile.email) throw new Error("NoEmail");

const user = await userModel.findOne({
email: { $regex: new RegExp(profile.email, "i") },
});

if (!user) throw new Error("NotRegistered");
//check if auth provider is already linked
if (!user.oauth2?.provider) {
user.oauth2 = {
provider: "google",
providerUserId: profile.sub as string,
};
await user.save();
}

const u = user.toJSON();

if (!u.acl.owner && !u.acl.admin && !u.acl?.servers?.length) throw new Error("Unauthorized");

// spread userObj to use in profile function
return {
...profile,
id: user._id,
name: user.name,
email: user.email,
userObj: u,
};
},
},
profile(profile) {
return {
id: profile.id.toString(),
name: profile.name,
email: profile.email,
image: profile.picture,
...profile.userObj,
};
},
})
);
}

p.push(
Expand Down
20 changes: 16 additions & 4 deletions apps/dashboard/pages/login.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -72,9 +72,21 @@ export default function AuthenticationForm({
<>
<Group grow mb="md" mt="md">
{process.env.NEXT_PUBLIC_GOOGLE_CLIENT_ID && (
<Button leftSection={<GoogleIcon />} variant="default" color="gray" radius="xl">
Google
</Button>
<Tooltip label="Registered user account is required to login with Google" position="top">
<Button
leftSection={<GoogleIcon />}
variant="default"
color="gray"
radius="xl"
onClick={() =>
signIn("google", {
callbackUrl: (callbackUrl as string) || "/",
})
}
>
Google
</Button>
</Tooltip>
)}
{process.env.NEXT_PUBLIC_GITHUB_CLIENT_ID && (
<Tooltip label="Registered user account is required to login with Github" position="top">
Expand Down Expand Up @@ -234,4 +246,4 @@ export async function getServerSideProps(context: GetServerSidePropsContext) {
registrationCodeRequired: await helpers.setting.registrationCodeRequired.fetch(),
},
};
}
}
Loading