Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/darkness4/auth-htmx

Experiment with Go + HTMX and OAuth2/OIDC + WebAuthn
https://github.com/darkness4/auth-htmx

go htmx oauth2 oidc sql ssr webauthn

Last synced: about 5 hours ago
JSON representation

Experiment with Go + HTMX and OAuth2/OIDC + WebAuthn

Host: GitHub
URL: https://github.com/darkness4/auth-htmx
Owner: Darkness4
License: apache-2.0
Created: 2023-07-08T01:20:58.000Z (over 1 year ago)
Default Branch: main
Last Pushed: 2025-01-13T18:16:49.000Z (8 days ago)
Last Synced: 2025-01-14T16:23:11.453Z (7 days ago)
Topics: go, htmx, oauth2, oidc, sql, ssr, webauthn
Language: Go
Homepage: https://auth-htmx.mnguyen.fr
Size: 320 KB
Stars: 97
Watchers: 3
Forks: 4
Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Go + HTMX + OAuth2/OIDC + WebAuthn

A very simple example HTMX with OAuth2 with:

- Go HTML templating engine.
- HTMX solution for SSR.
- OAuth2 with Github Auth and OIDC. OAuth2 delegates authentication to another authentication service. OIDC provides identities.
- CSRF protection measures for OAuth2 and all requests.
- SQLite3 with sqlc and golang-migrate.
- Optional users in database as Identity Provider. Authentication is through WebAuthn, a solution to delegate authentication directly to the user.
- JWT is used a session token.

Embellishment:

- Notyf to notify about errors, include HTMX errors.
- Added Hyperscript for edge cases.

## Motivation

For the hype.

## Usage

1. Edit the config.yaml to set the OAuth2 providers.

2. Set the necessary parameters or environment variables:

```shell
## .env.local
## A 32 bytes hex secret ()
CSRF_SECRET=51b22632498f26d9131c4743b72c362567b5b4c96ac5e0f4fef7cb58ecac5684
## A unique string secret
JWT_SECRET=secret
## PUBLIC_URL will be used as redirect url which is ${PUBLIC_URL}/callback
PUBLIC_URL=http://localhost:3000 # redirectURL: http://localhost:3000/callback
DB_PATH=/data/db.sqlite3
# CONFIG_PATH=/path/to/config.yaml
```

3. Run the binary:

```shell
./auth-htmx
```

**Help**:

```
NAME:
auth-htmx - Demo of Auth and HTMX.

USAGE:
auth-htmx [global options] command [command options] [arguments...]

COMMANDS:
help, h Shows a list of commands or help for one command

GLOBAL OPTIONS:
--csrf.secret value A 32 bytes hex secret [$CSRF_SECRET]
--jwt.secret value A unique string secret [$JWT_SECRET]
--config.path value, -c value Path of the configuration file. (default: "./config.yaml") [$CONFIG_PATH]
--public-url value An URL pointing to the server. (default: "http://localhost:3000") [$PUBLIC_URL]
--db.path value SQLite3 database file path. (default: "./db.sqlite3") [$DB_PATH]
--help, -h show help
--version, -v print the version
```

## Application Flow

- A home page:
- Show login button if not logged in.
- Else, show a welcome with routing.
- A protected counter page.

The login process follows the standard OAuth2 process, which is fully documented on [GitHub](https://docs.github.com/en/apps/oauth-apps/building-oauth-apps/authorizing-oauth-apps).

Fetching identity is through OIDC or GitHub API.