Implementing Google Social Login with CoSync Auth

Richard Krueger
Published in Level Up Coding
7 min read · Mar 21, 2024

Be yourself; everyone else is already taken — Oscar Wilde

In 2011, Google+ unveiled its social login feature, enabling users to seamlessly access third-party websites or mobile applications. Social login operates as an API mechanism, where entities like Google or Apple furnish authentication services for applications. The concept revolves around users entrusting login credentials to a major provider, allowing them to effortlessly sign up or log in to diverse third-party apps. Take Google, for instance — users typically possess a Gmail account and associated password, a prerequisite for Android smartphone users. Likewise, Apple ID, an email handle coupled with a password, is integral for iPhone users. In the realm of social login, these credentials are leveraged to gain entry to an application.

The primary merit of social login lies in sparing the application user from the hassle of generating unique login credentials for each individual app. This proves advantageous not only in terms of security but also in simplifying user account management. The fewer accounts a user has to juggle, the lower the risk of security breaches and the decreased likelihood of losing credentials. However, the paramount benefit accrues to the application developer, as social login significantly streamlines the onboarding process, eliminating the need to verify user emails and establish new passwords. This results in a marked reduction in adoption friction, enhancing the user experience.

Social Login Authentication Flow

CoSync specializes in crafting authentication software tailored for mobile and web applications within the MongoDB Realm ecosystem. Their flagship product, CoSync Auth, offers a self-hosted solution running on Microsoft Azure, utilizing MongoDB Atlas for storing user authentication data. The key selling points of CoSync Auth lie in its cost-effectiveness and the autonomy it grants to application developers in managing their user data. Unlike cloud-based authentication services that levy escalating per-user charges, CoSync Auth incurs a one-time fee, providing a predictable and economical model. Moreover, it empowers developers with full control over their user data, a crucial aspect in maintaining data integrity and compliance.

The CoSync Auth software is currently available as a lifetime deal for $59 from AppSumo on their website.

Contrarily, cloud-based authentication services can quickly become financially burdensome as the user base expands, essentially imposing an implicit tax on developers. This becomes especially problematic for developers offering free services to a large user base. Additionally, once a developer integrates a cloud-based authentication service into their widely adopted application, extricating from it becomes a Herculean task. Entrusting a third-party authentication service with control over the user base creates a dependency, with little incentive for the service provider to facilitate migration beyond their platform. Consequently, developers find themselves ensnared within the confines of a “walled garden,” impeding their ability to transition to alternative solutions.

Typically, application developers furnish both email/password signup and login options alongside social login functionality. A profile established via social login is usually marked as such and is ideally accessed exclusively through social login in subsequent interactions. In scenarios where a user also creates an account using the same email address as their social login, the application might offer a mechanism to merge both accounts at the application level. However, this merging process tends to introduce complexities that often perplex users.

In my view, if a user opts to associate their account with an email address via social login, it’s advisable for them to consistently access their account through social login. Distinguishing between these account types adds an extra layer of complexity for application developers, chiefly due to the differing authentication pathways.

The CoSync Auth authentication system was crafted to offer a unified framework accommodating both social login and traditional email/password accounts. This approach greatly simplifies the integration of social login alongside conventional authentication methods. Moreover, by integrating social login into its backend server, CoSync Auth obviates the need for developers to implement special handling to differentiate between the two account types post-login/signup. Upon authentication, the CoSync Auth server labels the account as a social login account, specifying the social login provider used for authentication, be it ‘Google’ or ‘Apple’.

The CoSync Auth REST API furnishes a ‘login’ function for traditional email/password login and a ‘socialLogin’ function for social login via ‘Google’ or ‘Apple’. Both functions yield a JWT token and an access token. The JWT token facilitates login to MongoDB Realm and authorizes access to the database, while the access token enables communication with CoSync Auth post-authentication. The CoSync Auth system adeptly manages all the administrative tasks associated with distinguishing between users authenticated via email/password and those authenticated via social login.

This article aims to guide readers through the implementation of ‘Google’ social login functionality within a standard Swift mobile application, leveraging the CoSync Auth authentication system. CoSync’s approach to social login revolves around delegation, wherein the social provider, whether it be Google or Apple, assumes responsibility for authenticating users into the application, whether during signup or subsequent logins. Typically, social providers furnish an SDK, often in the form of a Swift Package, to facilitate this process. During social signup or login, the application first interfaces with the social provider, which in turn furnishes a social token (commonly implemented as a JWT token) alongside user metadata, such as the user’s first and last name, and email address, which is retained by the social provider. Given that CoSync Auth offers a customizable metadata schema for each application user, the social metadata is typically harmonized with the CoSync metadata upon signup.
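The social token described above is a JWT, so a service that accepts it has to confirm the token was minted by Google for this app before trusting the email inside it. The following is an added example, not code from the article or from CoSync: it decodes a constructed, unsigned sample token and applies the issuer, audience, expiry and verified-email checks that Google documents for ID tokens. Signature verification against Google's published keys is also required on a real backend and is assumed here rather than shown; the function and type names are hypothetical.

```swift
import Foundation

// Claims checked in a Google ID token; names follow Google's documented claims.
struct GoogleIDClaims: Decodable {
    let iss: String
    let aud: String
    let exp: TimeInterval
    let email_verified: Bool?
}
enum TokenCheckError: Error { case malformed, wrongIssuer, wrongAudience, expired, emailUnverified }

// Decode the base64url payload segment. This does NOT verify the signature.
func decodeClaims(_ jwt: String) throws -> GoogleIDClaims {
    let parts = jwt.split(separator: ".", omittingEmptySubsequences: false)
    guard parts.count == 3 else { throw TokenCheckError.malformed }
    var b64 = parts[1].replacingOccurrences(of: "-", with: "+")
        .replacingOccurrences(of: "_", with: "/")
    b64 += String(repeating: "=", count: (4 - b64.count % 4) % 4)
    guard let data = Data(base64Encoded: b64),
          let claims = try? JSONDecoder().decode(GoogleIDClaims.self, from: data)
    else { throw TokenCheckError.malformed }
    return claims
}

// Reject tokens from another issuer, minted for another app, expired, or unverified.
func checkClaims(_ c: GoogleIDClaims, clientID: String, now: Date = Date()) throws {
    let issuers = ["accounts.google.com", "https://accounts.google.com"]
    guard issuers.contains(c.iss) else { throw TokenCheckError.wrongIssuer }
    guard c.aud == clientID else { throw TokenCheckError.wrongAudience }
    guard c.exp > now.timeIntervalSince1970 else { throw TokenCheckError.expired }
    guard c.email_verified == true else { throw TokenCheckError.emailUnverified }
}

// Constructed, unsigned sample token for illustration only.
func sampleToken(aud: String, ttl: TimeInterval) -> String {
    let exp = Int(Date().timeIntervalSince1970 + ttl)
    let json = #"{"iss":"https://accounts.google.com","aud":"\#(aud)","exp":\#(exp),"email_verified":true}"#
    let b64 = Data(json.utf8).base64EncodedString()
        .replacingOccurrences(of: "+", with: "-").replacingOccurrences(of: "/", with: "_")
        .replacingOccurrences(of: "=", with: "")
    return "e30.\(b64).constructed"
}

// Client ID as it appears later in this article; the other audience is made up.
let clientID = "70348109745-mkhfltcd8dasvmm0oddgupee81umgntf.apps.googleusercontent.com"
for token in [sampleToken(aud: clientID, ttl: 3600),
              sampleToken(aud: "other-app.apps.googleusercontent.com", ttl: 3600),
              sampleToken(aud: clientID, ttl: -60)] {
    do { try checkClaims(try decodeClaims(token), clientID: clientID); print("accepted") }
    catch { print("rejected: \(error)") }
}
```

The audience check is what stops a token issued to a different Google client from being replayed against this application.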

For detailed documentation on the Google social signup protocol, please refer to the provided link:

To install the Swift Packages to support Google social signup, include the following:

Do this by going to File -> Add Package Dependencies in Xcode. This adds the following packages to your project:

  • AppAuth
  • GoogleSignIn
  • GTMAppAuth
  • GTMSessionFetcher

If you’re utilizing the sample application CosyncAuthSwiftDemo provided by CoSync, housed at:

git@github.com:Cosync/CosyncAuthSwiftDemo.git

rest assured, the necessary packages are already bundled for your convenience.

To register with the CoSync Auth system, developers should navigate to the CoSync Portal, accessible via https://portal.cosync.net.

Within this portal lies a Sandbox environment where developers can freely construct authentication mechanisms for their applications. Comprehensive documentation for this system is available at https://cosync.net.

Detailed instructions on building a MongoDB Realm application for iOS are provided in the documentation, thus we won’t delve into it here. However, once the sample application is up and running, a series of steps are required to integrate Google social login functionality. Fortunately, the CosyncAuthSwiftDemo sample application comes pre-equipped with all necessary components for this integration.

To initiate the setup process, navigate to the Google Cloud Console via the following link https://console.cloud.google.com.

Firstly, within your organization, create a project.

Next, proceed to ‘APIs & Services’ and navigate to the OAuth consent screen, selecting ‘Internal’, then hit ‘Create’. Enter the required details:

  • App Name
  • User support email
  • Developer contact information (email)

After saving, move to ‘Credentials’, hit ‘CREATE CREDENTIALS’, and select ‘OAuth Client Id’.

Choose ‘iOS’ as the application type. Input your application’s name and Bundle ID (available in Xcode).

Securely store the generated client ID.

70348109745-mkhfltcd8dasvmm0oddgupee81umgntf.apps.googleusercontent.com

Under ‘OAuth 2.0 Client IDs’, click on your application to retrieve additional information.

Safeguard the iOS URL scheme.

com.googleusercontent.apps.70348109745-mkhfltcd8dasvmm0oddgupee81umgntf

Within the CoSync Portal’s AUTH tab, navigate to the ‘Allow Google Login’ section. Enable Google login and input your Google client Id.

Cosync Portal AUTH tab

Your application is now primed for Google social login. Some final steps remain within Xcode. In Xcode, open the Constants file and include an entry for your GOOGLE_CLIENT_ID.

Constants.swift file in Xcode

Under the ‘Info’ tab of your project file, add a URL type with the saved URL scheme.

With these steps completed, your sample app is now equipped to deploy Google social login. Save and run your app within the iOS simulator.

iOS Simulator

At this stage, users can easily sign in or sign up using the integrated “Sign in with Google” button. Integration of social login using Apple ID follows a similarly straightforward process, which we’ll explore in our upcoming Medium articles.
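The client half of the delegation flow, as an added example that is not the CosyncAuthSwiftDemo source: it uses the GoogleSignIn package to obtain the Google ID token and hands it to a caller-supplied closure standing in for the CoSync Auth ‘socialLogin’ function. The `SocialLogin` closure type, the `"google"` provider string, the placeholder client ID and the view name are assumptions; the GoogleSignIn calls are that SDK's own.

```swift
import SwiftUI
import GoogleSignIn

// Assumption: mirrors the GOOGLE_CLIENT_ID entry added to the Constants file.
let GOOGLE_CLIENT_ID = "YOUR_IOS_CLIENT_ID.apps.googleusercontent.com"

// Hypothetical hand-off to CoSync Auth's 'socialLogin'; its real Swift
// signature is not shown in the article, so the caller injects it.
typealias SocialLogin = (_ idToken: String, _ provider: String) async throws -> Void

enum GoogleLoginError: Error { case noPresenter, noIDToken }

@MainActor
func signInWithGoogle(socialLogin: SocialLogin) async throws {
    GIDSignIn.sharedInstance.configuration = GIDConfiguration(clientID: GOOGLE_CLIENT_ID)
    guard let scene = UIApplication.shared.connectedScenes.first as? UIWindowScene,
          let root = scene.windows.first(where: \.isKeyWindow)?.rootViewController
    else { throw GoogleLoginError.noPresenter }
    // Google authenticates the user; the app never sees the Google password.
    let result = try await GIDSignIn.sharedInstance.signIn(withPresenting: root)
    // The ID token (a JWT) is the social token passed on. Do not log or persist it.
    guard let idToken = result.user.idToken?.tokenString
    else { throw GoogleLoginError.noIDToken }
    try await socialLogin(idToken, "google") // provider string is an assumption
}

struct GoogleLoginButton: View {
    let socialLogin: SocialLogin
    @State private var failure: String?

    var body: some View {
        VStack {
            Button("Sign in with Google") {
                Task {
                    do { try await signInWithGoogle(socialLogin: socialLogin) }
                    catch { failure = error.localizedDescription }
                }
            }
            if let failure { Text(failure).foregroundColor(.red) }
        }
        // The redirect comes back on the iOS URL scheme registered under URL Types.
        .onOpenURL { url in _ = GIDSignIn.sharedInstance.handle(url) }
    }
}
```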

If you are interested in purchasing a lifetime deal for using the CoSync Auth system, you can purchase it from AppSumo here. This is a limited-time offer and will expire soon.

In conclusion, CoSync Auth streamlines the incorporation of social login functionality alongside traditional email/password authentication, presenting a unified approach to authentication. Social logins offer a smoother onboarding experience compared to traditional methods, reducing friction for new users exploring your software. We trust this article proves beneficial; feel free to share it.

I have been a tech raconteur and software programmer for the past 25 years and an iOS enthusiast for the last eight years. I am the founder of Cosync, Inc.