passport-google-oauth | Google authentication strategies for Passport | Authentication library

I am able to connect successfully with only selecting node 2.2.12 or later option from MongoDB atlas account.

And the string uri is as like below:

Node.js 4.4.4 is absolutely ancient.

It doesn't even show up on this page of releases, which says in part:

After six months, odd-numbered releases (9, 11, etc.) become unsupported, and even-numbered releases (10, 12, etc.) move to Active LTS status and are ready for general use. LTS release status is "long-term support", which typically guarantees that critical bugs will be fixed for a total of 30 months.

Version 4.4 is well beyond its maintenance window, and I strongly urge you to upgrade this project.

Having said that, there's a good chance you can get Heroku to run Node.js 10 to match your local version. Heroku only officially supports the current and active LTS releases, but it doesn't prevent you from using older releases:

Since Heroku is based on a standard Ubuntu Linux stack, you can run most Node versions (>= 0.10.0) on the platform. However, the testing and support focus of the buildpack will be oriented around active LTS and Stable releases.

Update the engines section in your package.json:

You need to export sequelize instance in index.js and use it in user-model.js instead of creating one more Sequelize instance there:

Have you found a solution? If not, I'd try http://localhost... instead of https://localhost... since you need a working self-signed certificate for using https with localhost for communicating e.g. with google. Make sure you have http in your google API settings too.

Remove the engines from your package.json and try running it again. It looks like there was an issue related to this

Source

A few developers are now slowly getting this hopefully temporary problem when they update their projects.

For example: https://github.com/facebook/create-react-app/issues/11012

Recommendation is to leave this on the todo list, and wait a few days while the package developers fix this (at least for the packages that already have been notified)

Then run audit fix again

In the meantime, one error in particular the 'high' severity one...

But I can't workout where this is defined / where I need to change it.

That's where your frontend is running, and you are using relative urls. You probably just want to do:

The issue is your app can't find the Google Client ID.

TypeError: OAuth2Strategy requires a clientID option

It seems like you haven't configured your .env variables properly in Heroku. The solution is really simple.

1. DOTENV Approach

If you've defined your .env in this manner,

the problem is that I should not have get the /auth/google via axios, instead I should redirect user via a tag to the backend of /auth/google for instance and set the redirectURL in /auth/google/callback/ to the localhost of frontend.

that was not CORS problem at all . that was google's problem that couldn't recognize what to do next and callback would never have been called !