https://github.com/beretta350/golang-authentication-api

A simple lightweight authentication API built in Golang designed to be a fast and easy start for other projects.
https://github.com/beretta350/golang-authentication-api

bcrypt csrf csrf-protection docker docker-compose gin gin-framework gin-gonic go golang integration-testing jwt jwt-auth jwt-authentication jwt-token mongo mongodb test-automation testcontainers xss

Last synced: about 1 month ago
JSON representation

A simple lightweight authentication API built in Golang designed to be a fast and easy start for other projects.

• Host: GitHub
• URL: https://github.com/beretta350/golang-authentication-api
• Owner: Beretta350
• License: mit
• Created: 2024-05-04T21:25:13.000Z (6 months ago)
• Default Branch: main
• Last Pushed: 2024-07-10T23:08:10.000Z (4 months ago)
• Last Synced: 2024-09-27T17:22:10.273Z (about 2 months ago)
• Topics: bcrypt, csrf, csrf-protection, docker, docker-compose, gin, gin-framework, gin-gonic, go, golang, integration-testing, jwt, jwt-auth, jwt-authentication, jwt-token, mongo, mongodb, test-automation, testcontainers, xss
• Language: Go
• Homepage:
• Size: 120 KB
• Stars: 0
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# Golang Authentication API

![Golang](https://img.shields.io/badge/Go-00ADD8?style=for-the-badge&logo=go&logoColor=white)

![JWT](https://img.shields.io/badge/JWT-black?style=for-the-badge&logo=JSON%20web%20tokens)

![Docker](https://img.shields.io/badge/Docker-2CA5E0?style=for-the-badge&logo=docker&logoColor=white)

![MongoDB](https://img.shields.io/badge/MongoDB-%234ea94b.svg?style=for-the-badge&logo=mongodb&logoColor=white)

A simple lightweight authentication API built in Golang designed to be a fast and easy start for other projects. It includes JWT token generation for secure authentication, bcrypt cryptography for password hashing, and MongoDB for storing user credentials. This API also tries to avoid CSRF and XSS attacks to ensure basic levels of security.

## Layout

The project focuses on enabling a fast and easy start. Thinking on that, nothing better than the [**golang standards project layout**](https://github.com/golang-standards/project-layout). A well known layout among Go users that encourages best practices like modularization and separation of concerns, which can improve code quality and scalability. 

So, if you have questions about the layout check the **link above**!

## Key Technologies

- [**GIN (Web Framework)**](https://github.com/gin-gonic/gin): The application leverages the Gin web framework to handle HTTP requests, routing, and middleware, ensuring fast and scalable API development.

- [**JWT (JSON Web Token)**](https://jwt.io/): JWT token creation, validation, and parsing to provide a secure and efficient way to manage authentication and authorization in the application.

- [**Bcrypt (Cryptography package)**](https://pkg.go.dev/golang.org/x/crypto): Securely hash and compare passwords providing a reliable method for storing and verifying passwords, ensuring that user credentials are protected against unauthorized access.

- [**Testcontainers**](https://golang.testcontainers.org/): Testcontainers is a library for creating lightweight, disposable Docker containers for automated tests. It enables reliable and reproducible test environments, ensuring consistent integration testing by mimicking production-like setups.

- [**Docker**](https://www.docker.com/): Docker is used to containerize the application, making it easy to manage dependencies and ensure consistency across different environments.

- [**MongoDB**](https://www.mongodb.com/): NoSQL database with a robust and efficient way to perform CRUD operations, query data, and manage transactions in the application.

## Get Started

To get started with the authentication api, follow these steps:

1. Clone the repository to your local machine.

2. Ensure you have Golang and Docker installed.

3. Build and run the application using Docker Compose. 

    - ```docker compose up -d --build```

4. Access the application's API endpoints from **localhost:8080** to interact with the authetication api.

## Usage

Use the API endpoints to manage your users effectively.

## Example API Endpoints

- `GET /user?id=`: Get user infos.

- `GET /refreshToken`: Refresh access token using refresh token.

- `POST /login`: Login with user credentials (returns JWT with user ID claim).

- `POST /save`: Create a new user.

- `PUT /update?id=`: Update user data.

- `DELETE /delete?id=`: Delete user.

**OBS: Passwords must be at least 8 characters long**

## Testing

The application is covered by integration tests focused on verifying that the application works correctly as a whole.

Run integration tests:

- ```go test github.com/Beretta350/authentication/tests/integration```

**OBS: Becareful with timeout setted, the integration tests running time is arround 100s**

## Contributions

We welcome contributions to this authentication api. If you're interested in enhancing or extending its functionality, feel free to create pull requests or open issues on the repository.

Enjoy using this simple lightweight authentication API built with Golang and Gin!