{"id":15691674,"url":"https://github.com/posener/auth","last_synced_at":"2025-05-08T01:15:37.977Z","repository":{"id":57574839,"uuid":"353984461","full_name":"posener/auth","owner":"posener","description":"Painless OAuth authentication middleware","archived":false,"fork":false,"pushed_at":"2021-09-15T10:53:09.000Z","size":76,"stargazers_count":9,"open_issues_count":0,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-05-08T01:15:32.438Z","etag":null,"topics":["go","golang","google","google-api","http","middleware","oauth2"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/posener.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-04-02T10:24:16.000Z","updated_at":"2024-08-17T19:55:15.000Z","dependencies_parsed_at":"2022-09-18T06:20:31.747Z","dependency_job_id":null,"html_url":"https://github.com/posener/auth","commit_stats":null,"previous_names":["posener/googleauth"],"tags_count":10,"template":false,"template_full_name":"posener/go-template","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posener%2Fauth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posener%2Fauth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posener%2Fauth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/posener%2Fauth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/posener","download_url":"https://codeload.github.com/posener/auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252978808,"owners_count":21834920,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","golang","google","google-api","http","middleware","oauth2"],"created_at":"2024-10-03T18:22:56.451Z","updated_at":"2025-05-08T01:15:37.946Z","avatar_url":"https://github.com/posener.png","language":"Go","readme":"# auth\n\n[![codecov](https://codecov.io/gh/posener/auth/branch/master/graph/badge.svg)](https://codecov.io/gh/posener/auth)\n[![GoDoc](https://img.shields.io/badge/pkg.go.dev-doc-blue)](http://pkg.go.dev/github.com/posener/auth)\n\nackage auth provides painless OAuth2 authentication for http handlers.\n\nAfter creating an Auth object, the `RedirectHandler` should be mounted to answer the\ncfg.OAuth2.RedirectURL http calls and the `Authenticate` method can be used to enforce\nauthentication on http handlers.\nThe `User` function can be used to get the logged in user in an authenticated http handler.\n\nSee simple usage example in [./example/main.go](./example/main.go).\n\n```go\na, err := auth.New(ctx, auth.Config{ ... })\nif err != nil { /* Handle error */ }\n\nmux := http.NewServeMux()\nmux.Handle(\"/\", a.Authenticate(handler))  // Authenticate a given handler on '/'.\nmux.Handle(\"/auth\", a.RedirectHandler())  // Handle OAuth2 redirect.\nlog.Fatal(http.ListenAndServe(\":8080\", mux)) // Serve.\n```\n\n## Authentication\n\nAuthentication is done by wrapping an `http.Handler` that requires only signed in users\nwith the `Authenticate` middleware method.\n\n## Authorization\n\nAuthorization is allowing only specific users to access an `http.Handler`. For example, allowing\nonly john@gmail.com, or anyone that signed in using their @example.com. This can be done by\ninspecting the username using the `auth.User(ctx)` method, inside the authenticated `http.Handler`.\nFor example, given a function `authorized` that checks if the signed-in user is authorized:\n\n```go\nfunc handler(w http.ResponseWriter, r *http.Request) {\n\tcreds := auth.User(r.Context())\n\tif !authorized(creds) {\n\t\t// Handle unauthorized users.\n\t\thttp.Error(w, \"User not allowed\", http.StatusForbidden)\n\t\treturn\n\t}\n\t// Handle authorized users.\n}\n\n// authorized is an example function that checks if a user is authorized.\nfunc authorized(creds *auth.Creds) bool { return creds.Email == \"john@gmail.com\" }\n```\n\n## Features\n\n- [x] Automatic redirects to OAuth2 flow (login screen) from authorized handlers when user\nis not authenticated.\n\n- [x] Redirect handler automatic redirects to the path that requested to the authentication. Such\nthat if user visited /foo and was sent to the OAuth2 login. After successfull login it\nwill return to /foo.\n\n- [x] Auth2 id_token is automatically stored in a Cookie. This allows users not to go through\nthe authentication phase on every authenticated page, or on different sessions.\n\n## Sub Packages\n\n* [example](./example): The example program shows how to use the auth package.\n\n---\nReadme created from Go doc with [goreadme](https://github.com/posener/goreadme)\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fposener%2Fauth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fposener%2Fauth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fposener%2Fauth/lists"}