Google Action Builder 帐户链接与 Node js 中的自定义身份验证
[英]Google Action Builder Account Linking with custom authentication in Node js
问题描述
I'm creating Google Actions Builder action console and I'm having some doubt in Account Linking .
我正在创建Google Actions Builder操作控制台,但我对Account Linking有一些疑问。 Should be like, need to authenticate account linking based on my database data.应该是这样,需要根据我的database数据对帐户链接进行身份验证。
Example:例子:
While
Account Linkingif I wanted to pass a email (abc@gmail.com), that email should be active and only on that caseAccount Linkingshould be allow.abc@gmail.com) 进行Account Linking,则 email 应该处于活动状态,并且仅在这种情况下应该允许Account Linking。 So for this I want to write customNode Jsfunction.Node Jsfunction。
So that I have used Link Type as oAuth and Authorization , Token URL I set with as my custom Node Js functions.所以我使用了Link Type作为oAuth和Authorization , Token URL 我设置为我的自定义Node Js函数。
My doubt:我的疑问:
- how to pass email id while link
Account Linking.如何在链接Account Linking时传递 email id。 - After validate email how can I link account in
Google Actions Builder.验证 email 后如何在Google Actions Builder中链接帐户。
My Node Js Code我的节点 Js 代码
Here I want to write function inside auth call back function inside if(result) .这里我想在if(result)里面写 function 里面的auth call back function 。
const express = require('express');
const port = 5003;
const app = express();
app.get('/', (req, res) =>{
res.send(`Welcome to Test App Nodejs`);
})
app.get('/auth', (req, res) =>{
var email = req.query.email;
userModel.findAll({
where: {
emailId: email,
status:1
}
}).then((result) =>{
if(result){
// Allow to account link
} else{
// to return Thanks for trying to account linking
}
}).catch((err)=>{
res.send(err);
})
});
app.listen(port, (req, res)=>{
console.log(`Test App runing with ${port}`)
})
1 个解决方案
解决方案1
1 已采纳 2022-08-01 11:47:08
There are a number of things about your question that don't fit with how Account Linking is meant to work, so it might make sense to get a brief overview of how Account Linking works.关于您的问题的许多内容与帐户链接的工作原理不符,因此简要概述帐户链接的工作原理可能是有意义的。
The purpose of Account Linking is to provide a way that a user record that you maintain for your service gets associated with an Assistant account.帐户链接的目的是提供一种方式,使您为服务维护的用户记录与助理帐户相关联。 This is done (broadly speaking) by the user authorizing Google to access basic information about the user's records in your system.这是由用户授权 Google 访问您系统中有关用户记录的基本信息(广义而言)完成的。 This is done using OAuth2.这是使用 OAuth2 完成的。
There are variants (authorizing using a mobile app, or authorizing the Google account to give you the user record), but they generally work the same way:有多种变体(使用移动应用程序授权,或授权 Google 帐户向您提供用户记录),但它们通常以相同的方式工作:
- You authorize Google to get access to information您授权 Google 访问信息
- Google provides this information as part of the request sent to your webhook Google 将此信息作为发送到您的 webhook 的请求的一部分提供
So it does not exactly make sense for you to provide to your webhook an email address and expect it to link somehow.因此,向您的 webhook 提供 email 地址并期望它以某种方式链接并不完全有意义。 That isn't how this works.这不是这样工作的。 If anything - it makes it so you don't need to ask the user for their email address, you can just get it from the linked account.如果有的话 - 它使您无需向用户询问他们的 email 地址,您可以从链接帐户中获取它。
If you are trying to build a webhook that does the authorization part, you'll need to have it handle OAuth2 .如果您正在尝试构建一个执行授权部分的 webhook,则需要让它处理 OAuth2 。 This is a lot more than "pass an email address", however, and while it is not difficult , it can be tricky to get some security elements correct.这比“传递一个 email 地址”要多得多,虽然这并不困难,但要正确地获取一些安全元素可能会很棘手。 This is usually best left to tools such as Auth0 or other identity providers.这通常最好留给 Auth0 或其他身份提供者等工具。
You can also learn more about Account Linking and how it works in general with Action Builder.您还可以了解有关帐户链接的更多信息以及它如何与 Action Builder 一起使用。
Also, keep in mind that conversational actions will be shut down on June 13 2023.此外,请记住,对话操作将于 2023 年 6 月 13 日关闭。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.