diff --git a/libs/auth/google.js b/libs/auth/google.js
new file mode 100644
index 00000000..d1b0821f
--- /dev/null
+++ b/libs/auth/google.js
@@ -0,0 +1,113 @@
+const {OAuth2Client} = require('google-auth-library');
+module.exports = (s,app,config) => {
+    const client = new OAuth2Client(config.appTokenGoogle);
+    async function verifyToken(userLoginToken) {
+      const ticket = await client.verifyIdToken({
+          idToken: userLoginToken,
+          audience: config.appTokenGoogle,
+      });
+      const payload = ticket.getPayload();
+      const userid = payload['sub'];
+      return {
+          ok: !!payload.email,
+          user: payload.email ? {
+              id: userid,
+              name: payload.name,
+              email: payload.email,
+              picture: payload.picture,
+          } : null,
+      }
+    }
+    async function bindLoginIdToUser(loginId,groupKey,userId) {
+        const response = {ok: false}
+        const searchResponse = await s.knexQueryPromise({
+            action: "select",
+            columns: '*',
+            table: "LoginTokens",
+            where: [
+                ['loginId','=',user.id],
+            ]
+        })
+        if(!searchResponse.rows[0]){
+            const insertResponse = await s.knexQueryPromise({
+                action: "insert",
+                table: "LoginTokens",
+                insert: {
+                    loginId: loginId,
+                    ke: groupKey,
+                    uid: userId,
+                    lastLogin: new Date(),
+                }
+            })
+            response.ok = insertResponse.ok
+        }
+        return response
+    }
+    async function refreshLoginTokenAccessDate(loginId) {
+        const response = {ok: false}
+        const updateResponse = await s.knexQueryPromise({
+            action: "update",
+            table: "LoginTokens",
+            update: {
+                lastLogin: response.lastLogin
+            },
+            where: [
+                ['loginId','=',loginId],
+            ]
+        })
+        response.ok = updateResponse.ok
+        return response
+    }
+    async function deleteLoginToken(loginId) {
+        const response = {ok: false}
+        const updateResponse = await s.knexQueryPromise({
+            action: "delete",
+            table: "LoginTokens",
+            where: [
+                ['loginId','=',loginId],
+            ]
+        })
+        response.ok = updateResponse.ok
+        return response
+    }
+    async function loginWithGoogleAccount(userLoginToken) {
+        const response = {ok: false}
+        const tokenResponse = await verifyToken(userLoginToken)
+        if(tokenResponse.ok){
+            const user = tokenResponse.user
+            const searchResponse = await s.knexQueryPromise({
+                action: "select",
+                columns: '*',
+                table: "LoginTokens",
+                where: [
+                    ['loginId','=',user.id],
+                ]
+            })
+            if(searchResponse[0]){
+                const loginTokenRow = searchResponse[0]
+                const userResponse = await s.knexQueryPromise({
+                    action: "select",
+                    columns: '*',
+                    table: "Users",
+                    where: [
+                        ['uid','=',loginTokenRow.uid],
+                        ['ke','=',loginTokenRow.ke],
+                    ]
+                })
+                response.ok = true
+                response.user = userResponse
+            }else{
+                // make new if no users?
+            }
+        }
+        return response
+    }
+    return {
+        client: client,
+        verifyToken: verifyToken,
+        deleteLoginToken: deleteLoginToken,
+        bindLoginIdToUser: bindLoginIdToUser,
+        loginWithGoogleAccount: loginWithGoogleAccount,
+        refreshLoginTokenAccessDate: refreshLoginTokenAccessDate,
+    }
+}
diff --git a/web/pages/index.ejs b/web/pages/index.ejs
index 2259e605..b78147d9 100644
--- a/web/pages/index.ejs
+++ b/web/pages/index.ejs
@@ -1,5 +1,6 @@
 <% include blocks/header %>
 <link rel="stylesheet" href="<%-window.libURL%>libs/themes/Ice/style.css">
+<meta name="google-signin-client_id" content="950694610695-9mao10ud52f7n1no5s2uqupmnusr9jlf.apps.googleusercontent.com">
 <style>
 .wide-text{
     text-transform: uppercase;
@@ -122,6 +123,9 @@
                                     <% } %>
 									<div class="form-group">
                                         <button type="submit" name="login-submit" id="login-submit" tabindex="4" class="btn btn-success btn-block wide-text" style="color:#FFF"><i class="fa fa-key"></i> <%- lang.Login %></button>
+									</div>
+									<div class="form-group">
+                                        <div class="g-signin2" data-onsuccess="onGoogleSignIn"></div>
 									</div>
 									<div class="form-group text-center" style="margin:0">
                                         <span style="<%- config.poweredByShinobiClass %>;margin-right: 10px" class="epic-text text-green"><i class="fa fa-sign-in"></i> <%- lang['Remember Me'] %></span>
@@ -212,3 +216,16 @@ $('[selector]').change(function(e){
     $('.'+e.a+'_text').text($(this).find('option:selected').text())
 }).change();
 </script>
+<script src="https://apis.google.com/js/platform.js" async defer></script>
+<script>
+function onGoogleSignIn(googleUser) {
+  var profile = googleUser.getBasicProfile();
+  console.log('ID: ' + profile.getId()); // Do not send to your backend! Use an ID token instead.
+  console.log('Name: ' + profile.getName());
+  console.log('Image URL: ' + profile.getImageUrl());
+  console.log('Email: ' + profile.getEmail()); // This is null if the 'email' scope is not present.
+
+  var id_token = googleUser.getAuthResponse().id_token;
+  console.log("ID Token: " + id_token);
+}
+</script>