https://github.com/mrinalxdev/web-auth

Authentication with sessions, csrf tokens and cookies

Last synced: 5 months ago

# Web Authentication written in Go

![Caption](/img1.png)

## Register Function
To register a user, the service takes the password and stores it only after hashing it.

> Hashing is a one-way function that converts data into an irreversible string, which can be stored without the worry of the original password being stolen.

## Login Function

We use session and CSRF tokens here to log users in.

Cross-Site Request Forgery (CSRF) is a vulnerability that allows an attacker to trick a user into performing unintended actions on a website:
- Attacker creates a malicious website or email with a hidden form.
- Victim clicks on the link or submits the form.
- Browser sends a request to the targeted website.
- Website processes the request, assuming it's legitimate.

#### How can this be prevented?
A CSRF token is a unique, random value generated by the website and sent to the client with each request.

- Website generates a CSRF token and stores it in the user's session.
- Website includes the CSRF token in every form or request.
- Client sends the request with the CSRF token.
- Website verifies the CSRF token:
  - If valid, processes the request.
  - If invalid, rejects the request.
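
The token flow in the list above, as an added example that is not code from this repository. It assumes an in-memory session store, a `session_id` cookie, an `X-CSRF-Token` header and a `/transfer` path, none of which the README specifies.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/http"
	"sync"
)

var sessions sync.Map // session ID -> CSRF token (in-memory stand-in for a session store)

// newToken returns 32 bytes from the OS CSPRNG, base64url-encoded.
func newToken() string {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return base64.RawURLEncoding.EncodeToString(b)
}

// startSession stores a fresh CSRF token under a fresh session ID.
func startSession() (sid, csrf string) {
	sid, csrf = newToken(), newToken()
	sessions.Store(sid, csrf)
	return sid, csrf
}

// validCSRF reports whether r carries the token stored for its session.
func validCSRF(r *http.Request) bool {
	c, err := r.Cookie("session_id") // cookie and header names are assumptions
	if err != nil {
		return false
	}
	want, ok := sessions.Load(c.Value) // !ok: unknown session, reject even an empty token
	got := []byte(r.Header.Get("X-CSRF-Token"))
	return ok && subtle.ConstantTimeCompare(got, []byte(want.(string))) == 1
}

func post(sid, token string) bool { // constructed POST /transfer request (hypothetical path)
	r := &http.Request{Method: http.MethodPost, Header: http.Header{}}
	r.AddCookie(&http.Cookie{Name: "session_id", Value: sid})
	r.Header.Set("X-CSRF-Token", token)
	return validCSRF(r)
}

func main() {
	sid, csrf := startSession()
	fmt.Println(post(sid, csrf), post(sid, "guess"), post("unknown", ""))
}
```

The comparison is constant-time, and the session lookup is checked first so that a request with no valid session and an empty token is never treated as a match.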