or run

npx @tessl/cli init
Log in

Version

Files

evals

scenario-6

rubric.jsontask.md
tile.json

task.mdevals/scenario-6/

User Profile Dashboard

Build a simple Express.js application that authenticates users with Google OAuth 2.0 and displays their profile information on a dashboard page.

Capabilities

Google OAuth Authentication

Implement Google OAuth 2.0 authentication that allows users to sign in with their Google account.

  • Starting the authentication flow at /auth/google redirects the user to Google's OAuth consent screen @test
  • After successful authentication at /auth/google/callback, the user is redirected to the dashboard @test
  • If authentication fails, the user is redirected to /login @test

Profile Data Display

Display the authenticated user's profile information on a dashboard page.

  • The dashboard at /dashboard displays the user's Google ID, display name, and email address when authenticated @test
  • Accessing /dashboard without authentication redirects to /login @test

User Session Management

Maintain user authentication state across requests using sessions.

  • After successful authentication, subsequent requests to /dashboard do not require re-authentication @test
  • Logging out at /logout clears the session and redirects to /login @test

Implementation

@generates

API

/**
 * Express.js application with Google OAuth authentication
 *
 * Routes:
 * - GET /auth/google - Initiates Google OAuth flow
 * - GET /auth/google/callback - Handles OAuth callback
 * - GET /dashboard - Displays user profile (requires authentication)
 * - GET /login - Login page
 * - GET /logout - Logs out user and clears session
 *
 * The application should:
 * - Configure Google OAuth 2.0 strategy with appropriate scopes
 * - Retrieve user profile data including id, displayName, and email
 * - Store authenticated user in session
 * - Protect dashboard route to require authentication
 */

const express = require('express');
const app = express();

// Configure and start the Express server
function startServer(port = 3000) {
  return app.listen(port);
}

module.exports = { app, startServer };

Configuration

The application should read OAuth credentials from environment variables:

  • GOOGLE_CLIENT_ID - Google OAuth 2.0 client ID
  • GOOGLE_CLIENT_SECRET - Google OAuth 2.0 client secret
  • CALLBACK_URL - OAuth callback URL (e.g., http://localhost:3000/auth/google/callback)
  • SESSION_SECRET - Secret for session encryption

Dependencies { .dependencies }

express { .dependency }

Web framework for Node.js

passport { .dependency }

Authentication middleware for Node.js

passport-google-oauth { .dependency }

Google OAuth authentication strategy for Passport

express-session { .dependency }

Session middleware for Express