github.com/smhanov/auth
Package auth provides boring user authentication code for golang.
Download:
go get github.com/smhanov/auth
Package auth provides boring user authentication code for golang.
Because I'm tired of writing the same things over and over again.
Provides a complete user authentication system, including:
Email / password
Facebook / Google authentication
SAML authentication, redirecting to the appropriate authority by email address. Users can have different SSO providers.
Change of password / email
Forgotten passwords
Rate limiting requests
Tested with SQLITE and Postgresql. To use it, create a database using the sqlx module, and then create an auth.UserDB from that, and then call auth.New() to create an HTTP handler for "/user/" (note the trailing slash). It provides the following endpoints which work with GET and POST. It also allows CORS and OPTIONS requests.
All HTTP responses might have the additional "Status" header which is a user-readable explanation of what went wrong.
/user/auth has two cases. In case one, pass "email" and "password" and you will receive either an HTTP error, or the UserInfo structure.
In the second case, use "method" and "token" to perform oauth authentication. This will either sign in or create a new user. If the method is "facebook" or "google" then the token is used to get the user's email from the authority's servers.
/user/create will create a password user, using the "email" and "password".
/user/get will retrieve the user's information and return it as JSON, or return code 401 if not signed in.
/user/signout will forget the user's session cookie. It always returns code 200
/user/update takes two parameters, "email" and "password". If email is non-blank, it changes the user's email. If password is non-blank, it changes the password.
/user/oauth/add performs takes three parameters, "method", "token" and "update_email". It performs oauth authentication and adds the authentication to the user's account so they can later sign in. If "update_email" is true, it also changes the user's email address to the one provided by the oauth provider.
/user/oauth/remove removes the oauth method from the user's account. The only parameter is "method" which can be "facebook" or "google"
/user/forgotpassword just takes an "email" parameter and "url". If the user exists in the system, it sends an email with the password reset token to the user's email address. Otherwise it returns a sensible error message in the Status header.
The url parameter must have "${TOKEN}" in it which is replaced with the token generated in the email message.
/user/resetpassword takes the "token" parameter and "password". It will update the user's password and also sign them in, returning UserInfo.
Auth will automatically create database tables if they do not exist to hold users, sessions, oauth data, and password reset tokens. Passwords are stored as salted values returned by bcrypt. You can see the schema in schema.go
Automatically generated by autoreadme on 2019.04.11
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.
Product
Socket MCP brings real-time security checks to AI-generated code, helping developers catch risky dependencies before they enter the codebase.
Security News
As vulnerability data bottlenecks grow, the federal government is formally investigating NIST’s handling of the National Vulnerability Database.