https://github.com/suyashkumar/auth

A simple Golang authentication library with batteries included (hashing, permissions, validation, etc)
https://github.com/suyashkumar/auth

auth authentication automatic-authentication golang library login

Last synced: 2 months ago
JSON representation

A simple Golang authentication library with batteries included (hashing, permissions, validation, etc)

• Host: GitHub
• URL: https://github.com/suyashkumar/auth
• Owner: suyashkumar
• License: mit
• Created: 2018-02-05T05:15:24.000Z (over 7 years ago)
• Default Branch: master
• Last Pushed: 2018-08-22T04:33:04.000Z (almost 7 years ago)
• Last Synced: 2025-02-28T05:47:59.278Z (3 months ago)
• Topics: auth, authentication, automatic-authentication, golang, library, login
• Language: Go
• Homepage:
• Size: 29.3 KB
• Stars: 5
• Watchers: 4
• Forks: 0
• Open Issues: 6
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# auth

[![Godoc Reference](https://godoc.org/github.com/suyashkumar/auth?status.svg)](https://godoc.org/github.com/suyashkumar/auth)

[![Go Report Card](https://goreportcard.com/badge/github.com/suyashkumar/auth)](https://goreportcard.com/report/github.com/suyashkumar/auth)

A simple (but opinionated) Golang authentication library with a very simple interface (below). You can use this library to pull in core authentication functionality (minting tokens, validating tokens, & registering) to your application quickly and easily. 

```go

type Auth interface {

	Register(user User, password string) error

	GetToken(email string, password string, reqPermissions Permissions) (token string, err error)

	Validate(token string) (*Claims, error)

}

```

A gRPC microservice wrapping this interface is in progress and can be found at [suyashkumar/auth-grpc](https://github.com/suyashkumar/auth-grpc).

You only need to provide a database `connectionString` and `signingKey`, and everything else is taken care of for you including:

* table and database setup (including uniqueness constraints and useful indicies)

* hashing passwords using `bcrypt` on register

* comparing hashed passwords on login

* validation of new user fields like "Email" (TBD)

* encoding and extraction of key fields stored in the JSON Web Token (JWT)

* ensuring that a token's requested permissions does not exceed the user's maximum permission level

A minimal example is below:

```go

a, _ := auth.NewAuthenticator(db_string, signing_key)

u := auth.User{

	UUID:               uuid.NewV4(),

	Email:              "[email protected]",

	MaxPermissionLevel: auth.PERMISSIONS_USER,

}

// Register a new user

a.Register(u, "password")

// Login as user

token, err := a.GetToken(u.Email, "password", auth.PERMISSIONS_USER)

if err != nil {

	log.Fatal(err)

}

fmt.Printf("JWT Token: %s\n\n", token)

// Validate the user's token

claims, _ := a.Validate(token)

fmt.Printf("%+v", claims)

```