I am creating an application in Node.js, hosted by Heroku. Using passport.js, I have already implemented sign-in authentication with a Google account, integrated with a MySQL database.

In part of the application, I ask the applicant to upload a set of files. The way I would like to handle the uploading is through the Google Drive APIs. Essentially, the user will be able to select files, which the back-end would then upload to a single-account Google Drive. Note: This will be a separate account from any of the applicant's accounts.

While I understand the process of uploading and retrieving the files, I am still unsure how the tokens work. From my research online I know:

- Access tokens expire after a certain time
- Refresh tokens do not expire and are to be stored in the database

My question is how to manage these tokens in the backend. My current plan is to use the Google OAuth Playground to get the access tokens for the app under the shared account. Then, every time I need to upload or access a file, I get a new access token using the refresh token, and then use that access token to do my API calls.

However, after doing some implementation testing, I have some confusion. I went through the Google Node.js Quickstart Guide and then modified the code to do a file upload instead of a file reader. The modified code is below:
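
```js
// As loaded in the Quickstart; newer googleapis releases export { google } instead.
var google = require('googleapis');

// Uploads a small plain-text file to the Drive of the account behind `auth`
// (the OAuth2 client built by the Quickstart's authorize step).
function fileUpload(auth) {
  var drive = google.drive({version: 'v2'});
  drive.files.insert({
    auth: auth,
    // File metadata
    resource: {
      title: 'Test',
      mimeType: 'text/plain'
    },
    // File content
    media: {
      mimeType: 'text/plain',
      body: 'TEST'
    }
  }, function(err, response) {
    if (err) {
      console.log('The API returned an error ' + err);
      return;
    } else {
      console.log('Inserted');
    }
  });
}
```
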
From my understanding, after the access token is expired, you cannot use it anymore. However, when I ran the code after the access token expired, it was still able to complete the process. Further, the access token did not change either. Hence, my confusion is how to manage these access tokens, specifically if I need to worry about access tokens expiring, or if they are valid once they are used once.
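
An added example, not part of the original post and not Google's code: one way a backend can handle the refresh-token plan described in the question, reusing the cached access token until shortly before it expires instead of refreshing on every call. The names `needsRefresh`, `applyRefresh`, `TokenManager`, `refreshFn` and `saveFn` are hypothetical; the field names `access_token`, `refresh_token`, `expiry_date` and `expires_in` follow the Google client's credentials object and the OAuth 2.0 token response, and the sample values are constructed.

```javascript
const SKEW_MS = 60 * 1000; // refresh one minute early to avoid racing the expiry

// Constructed sample credentials (not real tokens), as they might sit in the database.
const SAMPLE = { access_token: 'AT-old', refresh_token: 'RT-constructed',
                 expiry_date: 1700000000000 };

// True when there is no usable access token or it expires within the skew window.
function needsRefresh(creds, now) {
  return !creds.access_token || !creds.expiry_date ||
         creds.expiry_date - SKEW_MS <= now;
}

// Merge a token-endpoint response into the stored credentials.
// A refresh response normally omits refresh_token, so the stored one is kept.
function applyRefresh(creds, resp, now) {
  if (resp.error) {
    // e.g. invalid_grant: the refresh token was revoked or is no longer valid.
    throw new Error('refresh failed: ' + resp.error);
  }
  return {
    access_token: resp.access_token,
    refresh_token: resp.refresh_token || creds.refresh_token,
    expiry_date: now + resp.expires_in * 1000
  };
}

class TokenManager {
  // refreshFn(refreshToken) -> Promise<token response> (hypothetical, does the HTTPS call)
  // saveFn(creds) -> Promise (hypothetical, persists credentials server-side)
  constructor(creds, refreshFn, saveFn) {
    this.creds = creds;
    this.refreshFn = refreshFn;
    this.saveFn = saveFn;
    this.inFlight = null; // concurrent requests share a single refresh
  }
  async getAccessToken(now = Date.now()) {
    if (!needsRefresh(this.creds, now)) return this.creds.access_token;
    if (!this.inFlight) {
      this.inFlight = this.refreshFn(this.creds.refresh_token)
        .then(async (resp) => {
          this.creds = applyRefresh(this.creds, resp, now);
          await this.saveFn(this.creds);
          return this.creds.access_token;
        })
        .finally(() => { this.inFlight = null; });
    }
    return this.inFlight;
  }
}
```

The refresh token and client secret stay on the server; only `getAccessToken()` results are handed to the code that calls the Drive API.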