https://github.com/tdewolff/auth

Go social authorizations using OAuth
https://github.com/tdewolff/auth

Last synced: 2 months ago
JSON representation

Go social authorizations using OAuth

Host: GitHub
URL: https://github.com/tdewolff/auth
Owner: tdewolff
License: mit
Created: 2017-09-10T18:39:09.000Z (almost 8 years ago)
Default Branch: master
Last Pushed: 2019-03-21T11:20:51.000Z (about 6 years ago)
Last Synced: 2025-03-26T21:11:19.762Z (3 months ago)
Language: Go
Size: 25.4 KB
Stars: 10
Watchers: 2
Forks: 3
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.md

Awesome Lists containing this project

README

        # Auth 

Auth is a package that provides OAuth endpoints for social logins and issues a JWT to be used for subsequent API calls.

Supported:

* Google

* Facebook

* GitHub

## Security

*Client* - front-end web application, ie. the browser that the user controls

*Server* - our API server that requires authentications for its endpoints

*Provider* - the OAuth2 service that provides us with authorization to the user's data

### CSRF

In order to prevent CSRF, or at least mitigate it, a few measures have been implemented.

* Using proper CORS headers we prevent API requests from other websites using browsers (does not prevent native apps from making requests).

* By checking both the `Origin` header and the `Referrer` header, making sure it is the same as the server's host. This prevents users from being redirected into a POST action from another website.

## License

Released under the [MIT license](LICENSE.md).

[1]: http://golang.org/ "Go Language"

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/tdewolff/auth

Awesome Lists containing this project

README