Login using the Google API and PHP

In a previous guide, we created a Google App. In this guide we will make use of the app by creating a login script that will login using the Google App.

1. Setup the PHP version of the Google API Client

You will need to install the Google API Client. This is what we will use to setup google login. Visit the google-api-php-client on Github.

In order to setup the client, you will need composer installed on your system. You can get it from here

Make sure you create a folder for your login project. You will need to install the composer libaries there.

2. Create an index.php file

In the folder, that you selected in step 1, you will create your index.php and login.php files.

The first thing we will do is create a Login with Google button.

Notice that I start the session at the top of the page. Then I check if a session variable exists. If no session exists, then show a Login link. If it does, then show the Logout link.


<?php session_start(); ?>


<?php if (!isset($_SESSION['access_token'])) { ?>
    <a href="login.php" role="button" class="btn btn-info">Login with Google

<?php } else { ?>
    <a href="logout.php" role="button" class="btn btn-danger">Logout

<?php } ?>

3. Create the login.php file

Create your login.phpp in the folder, that you selected in step 1. This is where the bulk of our PHP code will go.

Recall from the previous tutorial you created a Google APP, and generated google credentials. For the following code, you will need the client id and the client secret that you setup in that step.

While you are getting that information, also remember to get the redirect url that you added. We will need all three values for the script.

What this code does, in a nutshell: Checks to see if you have the code parameter in the url. If you don't then redirect to google's server, log the user. If the user was logged in successfully then the user will be redirected back to this location with a code. Because we have a code, we will be able to set the logged_in session, and then redirect user back to the index page.

TIP: Right now this login isn't very practical or secure. For one, everyone, who can login, will have access to your content.


<?php
session_start();

require_once '../vendor/autoload.php';

$client = new Google\Client();
$client->setClientId('CLIENT_ID'); // replace CLIENT_ID with your google app's client id
$client->setClientSecret('CLIENT_SECRET'); // replace CLIENT_SECRET with your google app's client secret
$client->setRedirectUri('http://localhost/login.php'); // replace this url with the url you used when you set it up on the app.

// check of we have a code parameter. if not, redirect the user to login.
if(isset($_GET['code'])){
	$_SESSION['logged_in'] = true;
	header('Location: index.php');
} else {
	$auth_url = $client->createAuthUrl();
	header('Location: ' . filter_var($auth_url, FILTER_SANITIZE_URL));
}
?>

Congratulations!

Congratulations! You have successfully utilized the Google API to login to your website. Follow the next tutorial to learn how to hook your script up to Google Calendar. Please check back for the next tutorial.

Reach out to me if you have any questions or feel anything isn't clear in this guide.