https://github.com/rest-go/auth

RESTFul Authentication and Authorization package for Golang app
https://github.com/rest-go/auth

authentication golang jwt rest-api

Last synced: 9 months ago
JSON representation

RESTFul Authentication and Authorization package for Golang app

• Host: GitHub
• URL: https://github.com/rest-go/auth
• Owner: rest-go
• License: apache-2.0
• Created: 2023-01-13T11:13:40.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2023-03-23T01:29:59.000Z (about 3 years ago)
• Last Synced: 2025-03-15T11:12:27.382Z (about 1 year ago)
• Topics: authentication, golang, jwt, rest-api
• Language: Go
• Homepage:
• Size: 110 KB
• Stars: 2
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
**Deprecated** This package has moved to [rest-go/rest repo](https://github.com/rest-go/rest/tree/main/pkg/auth)

# Auth

![ci](https://github.com/rest-go/auth/actions/workflows/ci.yml/badge.svg)

[![codecov](https://codecov.io/gh/rest-go/auth/branch/main/graph/badge.svg?token=T38FWXMVY1)](https://codecov.io/gh/rest-go/auth)

[![Go Reference](https://pkg.go.dev/badge/github.com/rest-go/auth.svg)](https://pkg.go.dev/github.com/rest-go/auth)

Auth is a RESTFul Authentication and Authorization package for Golang HTTP apps.

It handles the common tasks of registration, logging in, logging out, JWT token generation, and JWT token verification.

## Installation

```bash

$ go get github.com/rest-go/auth

```

## Usage

import `auth` to your app, create `auth.Handler` and `auth.Middleware` based on requirements.

``` go

package main

import (

	"log"

	"net/http"

	"github.com/rest-go/auth"

)

func handle(w http.ResponseWriter, req *http.Request) {

	user := auth.GetUser(req)

	if user.IsAnonymous() {

		w.WriteHeader(http.StatusUnauthorized)

	} else {

		w.WriteHeader(http.StatusOK)

	}

}

func main() {

	dbURL := "sqlite://my.db"

	jwtSecret := "my secret"

	authHandler, err := auth.NewHandler(dbURL, []byte(jwtSecret))

	if err != nil {

		log.Fatal(err)

	}

	http.Handle("/auth/", authHandler)

	middleware := auth.NewMiddleware([]byte(jwtSecret))

	http.Handle("/", middleware(http.HandlerFunc(handle)))

	log.Fatal(http.ListenAndServe(":8000", nil)) //nolint:gosec

}

```

## Setup database

Send a `POST` request to `/auth/setup` to set up database tables for users. This

will also create an admin user account and return the username and password in

the response.

```bash

$ curl -XPOST "localhost:8000/auth/setup"

```

## Auth handler

The `Auth` struct implements the `http.Hanlder` interface and provides the below endpoints for user management.

1. Register

```bash

$ curl  -XPOST "localhost:8000/auth/register" -d '{"username":"hello", "password": "world"}'

```

2. Login

```bash

$ curl  -XPOST "localhost:8000/auth/login" -d '{"username":"hello", "password": "world"}'

```

3. Logout

Currently, the authentication mechanism is based on JWT token only, logout is a no-op on the

server side, and the client should clear the token by itself.

```bash

$ curl  -XPOST "localhost:8000/auth/logout"

```

## Auth middleware and `GetUser`

Auth middleware will parse JWT token in the HTTP header, and when successful,

set the user in the request context, the `GetUser` method can be used to get the

user from the request.

``` go

user := auth.GetUser(req)

```