A boilerplate Electron app demonstrating Google OAuth 2.0 login using PKCE, with persistent access token storage via Keytar, and a simple React UI.
- Login with Google (OAuth 2.0 PKCE flow)
- Secure token storage in OS keychain (Keytar)
- Fetch and display Google profile (avatar, name, email)
- Logout functionality
- Persistent login across app restarts
- Node.js >= 18
- npm >= 9
git clone (https://github.com/SafaMaqbool/electron-js)
cd electron-jsCreate a .env file in the server folder and add the following:
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secretTo enable Google login, you must create OAuth credentials in the Google Cloud Console.
-
Go to the Google Cloud Console
https://console.cloud.google.com/ -
Click the project selector at the top and create a new project
(or select an existing one). -
In the left sidebar, go to:
APIs & Services → Credentials -
Click Create Credentials → OAuth client ID
-
If prompted, configure the OAuth consent screen:
- User type: External
- App name: anything (e.g.
Electron OAuth Demo) - Support email: your email
- Developer contact email: your email
- Save and continue (no scopes needed beyond basic profile)
-
Create the OAuth Client:
- Application type:
Desktop app - Name:
Electron Google OAuth PKCE
- Application type:
-
Click Create
-
Copy the generated Client ID and Client Secret
-
Paste them into your
.envfile inside theserverfolder:
GOOGLE_CLIENT_ID=your-google-client-id
GOOGLE_CLIENT_SECRET=your-google-client-secretImportant:
Do NOT commit your .env file
The client secret is used only on the backend to securely exchange tokens.
cd server
npm install
Electron App (frontend)
cd ../app
npm install
cd server
npm start
The server will run on:
http://localhost:4000
The backend must be running for the Electron app to authenticate.
cd ../app
npm start
Click Login with Google to authenticate
View your Google profile (avatar, name, email)
Restart the app to see persistent login
Click Logout to revoke the token and clear session