{"id":17703854,"url":"https://github.com/birddevelper/gomologin","last_synced_at":"2025-04-28T10:28:08.518Z","repository":{"id":57693983,"uuid":"485952148","full_name":"birddevelper/gomologin","owner":"birddevelper","description":"Gomologin is Golang (Go) login manager working with RDBMS Databases","archived":false,"fork":false,"pushed_at":"2023-05-18T10:11:28.000Z","size":44,"stargazers_count":3,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-30T08:41:30.739Z","etag":null,"topics":["authentication","authorization","go","golang","gomologin","login","login-manager","login-system","role","security","session","sql"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/birddevelper.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-04-26T21:24:55.000Z","updated_at":"2022-08-28T19:24:43.000Z","dependencies_parsed_at":"2023-07-16T01:02:46.536Z","dependency_job_id":null,"html_url":"https://github.com/birddevelper/gomologin","commit_stats":null,"previous_names":["birddevelper/gologin"],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/birddevelper%2Fgomologin","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/birddevelper%2Fgomologin/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/birddevelper%2Fgomologin/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/birddevelper%2Fgomologin/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/birddevelper","download_url":"https://codeload.github.com/birddevelper/gomologin/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251294245,"owners_count":21566234,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","authorization","go","golang","gomologin","login","login-manager","login-system","role","security","session","sql"],"created_at":"2024-10-24T21:06:15.830Z","updated_at":"2025-04-28T10:28:08.500Z","avatar_url":"https://github.com/birddevelper.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# What is Gomologin\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"https://mshaeri.com/blog/wp-content/uploads/2022/04/gologin.png\"  height=\"200\" \u003e\n\u003c/p\u003e\n\n**Gomologin** is an easy to setup professional login manager for Go web applications. It helps you protect your application resources from unattended, unauthenticated or unauthorized access. Currently it works with SQL databases authentication. It is flexible, you can use it with any user/roles table structure in database.\n\n## How to install \n\nGet the package with following command :\n\n```bash\ngo get github.com/birddevelper/gomologin\n\n```\n\n## How to use in your web application\n\n(You can read detailed tutorial with code example at [gomoloign user guide](https://mshaeri.com/blog/golang-login-manager-with-gomologin-package/))\n\nYou can easily setup and customize login process with **configure()** function. You should specify following paramters to make the Gomologin ready to start:\n\n- **Login page** : path to html template. Default path is ***./template/login.html***, note that the template must be defined as ****\"login\"**** with ***{{define \"login\"}}*** at the begining line\n\n- **Login path** : login http path. Default path is ***/login***\n\n- **Session timeout** : Number of seconds before the session expires. Default value is 120 seconds.\n\n- **Password encryption** : Password encryption function to apply on password before it compare with password stored in db. Default is ***EncNoEncrypt***\n\n- **SQL connection, and SQL query to authenticate user and fetch roles** : 2 SQL queries to retrieve user and its roles by given username and password. The authentication query must return only single arbitary column, it must have a where clause with two placeholder ::username and ::password. And the query for retrieving user's roles must return only the text column of role name.\n\n- **Wrap desired endpoints to protect** : You should wrap the endpoints you want to protect with ***gomologin.LoginRequired*** or ***gomologin.RolesRequired*** function in the main function.( see the example)\n\n***gomologin.LoginRequired*** requires user to be authenticated for accessing the wrapped endpoint/page.\n\n***gomologin.RolesRequired*** requires user to have specified roles in addition to be authenticated.\n\nSee the example :\n\n```Go\npackage main\n\nimport (\n\t\"database/sql\"\n\t\"fmt\"\n\t\"log\"\n\t\"net/http\"\n\t\"time\"\n\n\t\"github.com/birddevelper/gomologin\"\n\t_ \"github.com/go-sql-driver/mysql\"\n)\n\n// static assets like CSS and JavaScript\nfunc public() http.Handler {\n\treturn http.StripPrefix(\"/static/\", http.FileServer(http.Dir(\"./static\")))\n}\n\n// a page in our application, it needs user only be authenticated\nfunc securedPage() http.Handler {\n\treturn http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {\n\t\tfmt.Fprintf(w, \"Hi! Welcome to secured page.\")\n\t})\n}\n\n// another page in our application, it needs user be authenticated and have ADMIN role\nfunc securedPage2() http.Handler {\n\treturn http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {\n\t\tfmt.Fprintf(w, \"Hi! Welcome to very secured page.\")\n\t})\n}\n\n\nfunc main() {\n\t// create connection to database\n\tdb, err := sql.Open(\"mysql\", \"root:12345@tcp(127.0.0.1:6666)/mydb\")\n\tif err != nil {\n\t\tlog.Fatal(err)\n\t}\n\n\t// Gomologin configuration\n\tgomologin.Configure().\n\t\tSetLoginPage(\"./template/login.html\"). // set login page html template path\n\t\tSetSessionTimeout(90).                 // set session expiration time in seconds\n\t\tSetLoginPath(\"/login\").                // set login http path\n\t\t// set database connection and sql query\n\t\tAuthenticateBySqlQuery(\n\t\t\tdb,\n\t\t\t\"select id from users where username = ::username and password = ::password\", // authentication query\n\t\t\t\"select role from user_roles where userid = (select id from users where username = ::username)\") // fetch user's roles\n\n\t// instantiate http server\n\tmux := http.NewServeMux()\n\n\tmux.Handle(\"/static/\", public())\n\n\t// use Gomologin login handler for /login endpoint\n\tmux.Handle(\"/login\", gomologin.LoginHandler())\n\n\t// the pages/endpoints that we need to protect should be wrapped with gomologin.LoginRequired\n\tmux.Handle(\"/mySecuredPage\", gomologin.LoginRequired(securedPage()))\n\n\tmux.Handle(\"/mySecuredPage2\", gomologin.RolesRequired(securedPage2(),\"ADMIN\"))\n\n\t// server configuration\n\taddr := \":8080\"\n\tserver := http.Server{\n\t\tAddr:         addr,\n\t\tHandler:      mux,\n\t\tReadTimeout:  15 * time.Second,\n\t\tWriteTimeout: 15 * time.Second,\n\t\tIdleTimeout:  15 * time.Second,\n\t}\n\n\t// start listening to network\n\tif err := server.ListenAndServe(); err != nil {\n\t\tlog.Fatalf(\"main: couldn't start simple server: %v\\n\", err)\n\t}\n}\n\n```\n\nIt is mandatory to set the login form's username input as \"username\" and password input as \"password\". Note that the form must send form data as post to the same url (set no action attribute).\n\nHtml template for login page :\n\n```HTML\n{{define \"login\"}}\n\u003chtml\u003e\n    \u003cbody\u003e\n        \u003cH2\u003e\n            Login Page\n        \u003c/H2\u003e\n        \u003cform method=\"post\"\u003e\n            \u003c!-- username input with \"username\" name --\u003e\n            \u003cinput type=\"text\" name=\"username\" /\u003e\n            \u003cinput type=\"password\" name=\"password\" /\u003e\n            \u003cinput type=\"submit\" value=\"Login\" /\u003e\n        \u003c/form\u003e\n    \u003c/body\u003e\n\u003c/html\u003e\n\n{{end}}\n\n```\n\nYou can also store data in in-memory session storage in any type during user's session with **SetSession** function, and retrieve it back by **GetSession** function.\n\n```Go\nfunc securedPage2() http.Handler {\n\treturn http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {\n\t\t// get the session data, the request parameter is *http.Request\n\t\tage, err : = gomologin.GetSession(\"age\", request)\n\n\t\t// as the GetSession returns type is interface{}, we should specify the exact type of the session entry\n\t\tfmt.Printf(\"Your age is \" + age.(int))\n\t})\n}\n```\n\n**GetDataReturnedByAuthQuery** function returns the data of the column you specified in authentication SQL query. And with **GetCurrentUsername** you can get the current user's username.\n\n```Go\nfunc securedPage2() http.Handler {\n\treturn http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {\n\t\t\t// get the current user's username, the request parameter is *http.Request\n\t\t\tusername : = gomologin.GetCurrentUsername(request)\n\n\t\t\tfmt.Printf(\"Welcome \" + username)\n\t})\n}\n```\n\nTo logout users direct them to your **login url + ?logout=yes** for example if your login url is **/login** your application logout url will be **/login?logout=yes**\n\nYou can read detailed tutorial with code example at [gomoloign user guide](https://mshaeri.com/blog/golang-login-manager-with-gomologin-package/)\n\n\n## Todo list\n\n- mongoDB support\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbirddevelper%2Fgomologin","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbirddevelper%2Fgomologin","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbirddevelper%2Fgomologin/lists"}