{"id":21519732,"url":"https://github.com/hashi7412/tokenbased-authentication","last_synced_at":"2026-06-08T16:05:54.653Z","repository":{"id":180243977,"uuid":"664822951","full_name":"hashi7412/tokenbased-authentication","owner":"hashi7412","description":"This repository implement Token-based Authentication with Golang and MySQL Server","archived":false,"fork":false,"pushed_at":"2023-08-02T21:01:21.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-09-22T09:00:07.781Z","etag":null,"topics":["authentication","golang","hashi7412","mysql","practice","shinobi","token-based-authentication"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hashi7412.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-07-10T20:37:52.000Z","updated_at":"2023-08-03T02:19:59.000Z","dependencies_parsed_at":null,"dependency_job_id":"504ef8be-0381-42a9-81eb-5bb5b18c1a26","html_url":"https://github.com/hashi7412/tokenbased-authentication","commit_stats":null,"previous_names":["hashi7412/tokenbased-authentication","partner20307/tokenbased-authentication","squaremost/tokenbased-authentication"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/hashi7412/tokenbased-authentication","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashi7412%2Ftokenbased-authentication","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashi7412%2Ftokenbased-authentication/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashi7412%2Ftokenbased-authentication/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashi7412%2Ftokenbased-authentication/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hashi7412","download_url":"https://codeload.github.com/hashi7412/tokenbased-authentication/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hashi7412%2Ftokenbased-authentication/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34069527,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-08T02:00:07.615Z","response_time":111,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","golang","hashi7412","mysql","practice","shinobi","token-based-authentication"],"created_at":"2024-11-24T00:59:58.439Z","updated_at":"2026-06-08T16:05:54.635Z","avatar_url":"https://github.com/hashi7412.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# tokenbased-authentication\n\nImplement Token-based Authentication with Golang and MySQL Server 👏👏👏\n\n## Install this app\n\n1. Create the database in local\n```\nuser: \"root\"\npassword: \"\"\ndatabase name: \"goblog\"\n```\n\n2. Clone this repository\n```\ngit clone https://github.com/hashi7412/tokenbased-authentication.git \u003cdir_name\u003e\n```\n\n3. Download Golang packages that are used for this app\n```\ncd \u003cdir_name\u003e\n\ngo get github.com/go-sql-driver/mysql\n\ngo get golang.org/x/crypto/bcrypt\n```\n\n4. Run this app\n```\ngo run ./\n```\n\n5. Test this app\nSSH to your server on another terminal\n\nAdd an user to database\n```\ncurl -X POST http://localhost:8081/registrations -H \"Content-Type: application/x-www-form-urlencoded\" -d \"username=john_doe\u0026password=EXAMPLE_PASSWORD\"\n```\n\nGet a time-based token using user's credential in request of `/authentications`\n```\ncurl -u john_doe:EXAMPLE_PASSWORD http://localhost:8081/authentications\n```\n\nQuery any resource that allows authentication using the time-based token: Copy the value of `auth_token` and execute the `curl` command below and include your token in an `Authorization` header proceded by the term `Bearer`\n```\ncurl -H \"Authorization: Bearer \u003cauth_token\u003e=\" http://localhost:8081/test\n```\n\nAttempt authenticating to the application using an invalid token (ex: `fakerandomtoken`)\n```\ncurl -H \"Authorization: Bearer fakerandomtoken\" http://localhost:8081/test\n```\n\nAttempt requesting a token without a valid user account\n```\ncurl -u john_doe:WRONG_PASSWORD http://localhost:8081/authentications\n```\n\n\n## Guide this repository\n\nThis repository is for authentication implementation based token with Golang using MySQL as a database\n\n### [main.go](https://github.com/hashi7412/tokenbased-authentication/blob/main/main.go)\n\n- main()\nIn main function which is executed first when the app is runned, implemented a handler function for multiple URL paths that provide functionalities.\n\nFor example\n```\nhttp.HandleFunc(\u003cpath\u003e, \u003chandler\u003e)\n```\n\n- registrationsHandler()\n\nThe `registrationsHandler` function retrieves submitted `username` and `password` for any users you're adding to your system and directs the same to a `registerUser` function in a `registrations.go` file which you'll create next.\n\n- authenticationsHandler()\n\nThen, the `authenticationsHandler` extracts log in credentials(`username` and `password`) using the statement `req.BasicAuth()`. Then, it passes these details to a `generateToken` function under an `authentication.go` file, which you'll create later. In case the credentials match a valid account on the `system_users` table, you're issuing the user with a token.\n\n- testResourceHandler()\n\nNext, you have the `testResourceHandler` function. Under this function, you're retrieving the time-based token from the `Authorization` header submitted by the client's request. Then, you're passing it to a `validateToken` function under the `authentication.go` file to check if the token is valid. You're then greeting any authenticated user with a welcome message.\n\n### [registrations.go](https://github.com/hashi7412/tokenbased-authentication/blob/main/registrations.go)\n\nThe above file has a single `registerUser` function that inserts data into your `goblog` database in the `system_users` table. You're using the statement `hashedPassword, _ := bcrypt.GenerateFromPassword([]byte(password), 14)` to hash the plain-text passwords for security purposes. The function returns a `Success` message once you've created a user into the database.\n\nYou've imported the `database/sql`, `github.com/go-sql-driver/mysql`, and `golang.org/x/crypto/bcrypt` packages to implement MySQL database and password hashing functions.\n\n### [authentications.go](https://github.com/hashi7412/tokenbased-authentication/blob/main/authentications.go)\n\nIn the `generateToken` function, you're accepting a `username` and a `password`. Then, you're running a `SELECT` statement against the `system_users` table to check if a record exists with that username. You're then using the statement `if err == sql.ErrNoRows {}` to determine if there is a matching row for the user. If the user doesn't exist, you're throwing an `Invalid username or password`. error. However, if there is a matching record, you're using the statement `bcrypt.CompareHashAndPassword([]byte(accountPassword), []byte(password))` to determine if the account's password and the supplied password match.\n\nNext, you're using `randomToken := make([]byte, 32)` and `_, err = rand.Read(randomToken)` statements to generate a random token for the user. You're later encoding the token to `base64` using the statement `base64.URLEncoding.EncodeToString(...)`. then, you're permanently saving the token to the authentication_tokens table.\n\nIn the `validateToken` function, you're checking the provided token on the `authentication_tokens` table to see if there is a match. If the token is valid, you're returning detailed information about the token, including the matching user's details and token values. Otherwise, you're throwing an error to the calling function.\n\nYou're using the statement if `expiryTime.Before(currentTime) {...}` to check if the token has expired.\n\n### [dbconn.go](https://github.com/hashi7412/tokenbased-authentication/blob/main/dbconn.go)\n\nThis file has `dbConn()` function to connect database. If it has error, it will stop this program immediately with `panic` finction\n\n## Conclusion\n\nIn this repository, we've implemented token-based authentication with Golang and MySQL\n\nHere is some repositories for your guide:\n\n- [Hands-on Go](https://github.com/hashi7412/handson-go)\n- [Implementing interface from different package golang](https://github.com/hashi7412/multi-packages-interface)\n- [Unmarshalling dynamic JSON in Golang](https://github.com/hashi7412/unmarshalling-dynamic-json)\n- [Example of Golang CRUD using MySQL from scratch](https://github.com/hashi7412/CRUD-with-MySQL)\n- [Golang RESTful API using GORM and Gorilla Mux](https://github.com/hashi7412/RestfulAPI-with-GORM-and-GorillaMux)\n\nThank you for looking at this repository. 👋\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashi7412%2Ftokenbased-authentication","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhashi7412%2Ftokenbased-authentication","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhashi7412%2Ftokenbased-authentication/lists"}