{"id":15035323,"url":"https://github.com/quentinb69/go-forward-auth","last_synced_at":"2025-04-09T23:06:31.329Z","repository":{"id":36981731,"uuid":"484551496","full_name":"quentinb69/go-forward-auth","owner":"quentinb69","description":"Lightweight Auth Server in Go","archived":false,"fork":false,"pushed_at":"2025-02-10T02:32:26.000Z","size":319,"stargazers_count":4,"open_issues_count":8,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-10T03:25:20.061Z","etag":null,"topics":["authentication","docker","forward-auth","go","jwt","needs-review","selfhosted","traefik"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/quentinb69.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-22T19:38:14.000Z","updated_at":"2025-02-10T02:32:30.000Z","dependencies_parsed_at":"2023-02-19T12:00:46.014Z","dependency_job_id":"298a5363-329e-44f0-9eed-fe0598ec2fb9","html_url":"https://github.com/quentinb69/go-forward-auth","commit_stats":{"total_commits":92,"total_committers":5,"mean_commits":18.4,"dds":0.5760869565217391,"last_synced_commit":"93d82eee000d1fd1b6cdabaa7805ee381c70e665"},"previous_names":["bubucmoi/go-forward-auth"],"tags_count":25,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quentinb69%2Fgo-forward-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quentinb69%2Fgo-forward-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quentinb69%2Fgo-forward-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/quentinb69%2Fgo-forward-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/quentinb69","download_url":"https://codeload.github.com/quentinb69/go-forward-auth/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":239073968,"owners_count":19577123,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","docker","forward-auth","go","jwt","needs-review","selfhosted","traefik"],"created_at":"2024-09-24T20:28:10.546Z","updated_at":"2025-02-16T00:32:14.416Z","avatar_url":"https://github.com/quentinb69.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GFA - go-forward-auth\n\n[![Ci](https://github.com/quentinb69/go-forward-auth/actions/workflows/ci.yml/badge.svg)](https://github.com/quentinb69/go-forward-auth/actions/workflows/ci.yml)\n[![CodeQL](https://github.com/quentinb69/go-forward-auth/actions/workflows/codeql-analysis.yml/badge.svg)](https://github.com/quentinb69/go-forward-auth/actions/workflows/codeql-analysis.yml)\n[![Docker](https://github.com/quentinb69/go-forward-auth/actions/workflows/docker.yml/badge.svg)](https://github.com/quentinb69/go-forward-auth/actions/workflows/docker.yml)\n\nLightweight GO server acting as a \"forward-auth\" middleware (in Traefik for instance).\n\nInspired by [sohamkamani's tuto](https://github.com/sohamkamani/go-session-auth-example) many thanks to him.\n\nUse at your own risk, not yet secured. Feel free to PR/Issue if you detect security issues :)\n\n## Endpoints\n- / for html rendering and forward-auth url \n  - return 401 and a \"Login page\" if no valid JWT and invalid credentials supplied\n  - return 300 if no valid JWT and valid credentials supplied (means you logged-in succesfully)\n  - return 300 and extend JWT if valid JWT near expiration date\n  - return 200 and a \"Welcome page\" if valid JWT\n- /logout to logout\n  - return 302 (means you logged-out succesfully)\n- /verify to valid claims\n  - return 200 if valid JWT\n  - return 403 otherwise\n\nTo log-in, credentials are supplied via Header \"Auth-Form\" (POST is not forwarded to middlewares by Traefik)\nGFA check if the website is allowed for the user (cf. configuration file and Aud. in JWT)\n\n## WIP\n- ~~jwt instead of cookie and session~~\n- ~~password saved as hash using bcrypt~~\n- ~~ssl with selfsigned cert~~\n- ~~choose config file from flag~~\n- ~~automatic image push on docker hub (quentinb69/go-forward-auth)~~\n- ~~pass header value such as username when valid JWT~~\n- ~~automatic test~~\n- ~~automatic lint (gofmt, etc...)~~\n- ~~use CSRF ? (not sure if needed)~~\n- ~~help tool for bcrypt~~\n- real documentation\n- reacto for cleaner code\n\n## Screenshot\nThe following screenshot shows the default login page.\n\n![GFA](login-screenshot.png)\n\n## Release\nAvailable as a docker image : [quentinb69/go-forward-auth](https://hub.docker.com/r/quentinb69/go-forward-auth)\n\n## Devonline\n- [Google Cloud Shell](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/quentinb69/go-forward-auth.git)\n- [Github.dev](https://github.dev/quentinb69/go-forward-auth/)\n\n## License\nThe source code and binaries of GFA are subject to the MIT License.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquentinb69%2Fgo-forward-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fquentinb69%2Fgo-forward-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fquentinb69%2Fgo-forward-auth/lists"}