Google OAuth
This page is roadmap documentation only. It should not be treated as a working setup guide for the current branch.
Current status
- No built-in Google OAuth flow is shipped here
- No login, callback, or session endpoints are available on this branch
- The public configuration API for this feature is still pending implementation
What to use today
For production protection today, use Cloudflare Access. That is the only documented auth flow that matches the current code.
Planned use case
The intended direction is team login through Google accounts, but the final configuration shape, callback handling, and session model are not part of the current codebase yet.
Dev Branch Preview
On the dev branch, Google OAuth is configured through the same oauth() provider with a google block:
// dev branch preview only
import { oauth } from '@conloca/content-api/node';
auth: {
provider: oauth({
google: {
clientId: process.env.GOOGLE_CLIENT_ID,
clientSecret: process.env.GOOGLE_CLIENT_SECRET,
},
sessionSecret: process.env.SESSION_SECRET,
}),
roles: {
admin: ['lead@company.com'],
editor: ['*@company.com'],
},
}
As on the GitHub preview, the dev branch implementation includes login/callback routes and signed session cookies.
Next steps
- Getting Started — Set up your first Conloca site
- Cloudflare Access — Current production-ready protection
- Docker deployment — Deploy with Docker Compose