Top 14 Go Auth Projects

• casbin

  14 11,932 7.5 Go

  An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

  

  Project mention: I made a complete Team support in React for my App: a Multi-tenancy SaaS. Live demo in the comments | reddit.com/r/reactjs | 2022-04-24

  Do you have any experience? How does it compare to other alternative like https://casbin.org, https://casl.js.org? There are tons of libraries, actually I'm little bit lost.

• jwt

  5 2,545 7.1 Go

  Community maintained clone of https://github.com/dgrijalva/jwt-go (by golang-jwt)

  

  Project mention: Fast & simple JWT for Go (v4.0.0 released) | reddit.com/r/golang | 2022-04-18

• SonarLint

  www.sonarlint.org

  sponsored

  Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  

• fosite

  0 1,842 7.8 Go

  Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.

  

• aws-iam-authenticator

  5 1,797 7.7 Go

  A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster

  

  Project mention: Launch HN: Infra (YC W21) – Open-source access management for Kubernetes | news.ycombinator.com | 2022-05-17

  As someone who is a big fan of Teleport, sorry, I just don't get it.

  > Teleport doesn't provide identity provider integrations beyond GitHub (e.g. Okta) in their open source project

  Right, and if you're a small team (5-10 people, like you're targeting) you don't really need SSO on the infra layer. It's a nice to have, it's best practice, but the truth is, by the time you really need it (enough engineers that account management is a pain), you typically have the budget for an Enterprise license.

  > They have a different architecture that involves deploying a centralized proxy service (whereas Infra verifies credentials at the destination infrastructure vs at a central proxy).

  So anyway you need to deploy something central to issue certificates. And anyway, if, to quote you, "We plan to make money by running a managed service version of Infra so teams don’t need to host and upgrade Infra manually.", isn't that the central proxy service? Yet the open-source version avoids it somehow?

  > We plan to make money by running a managed service version of Infra so teams don’t need to host and upgrade Infra manually

  So you want to sell to teams that a) are too small to afford the license for a product like Teleport Enterprise, b) have enough money that they can afford a premium product above and beyond the free offering provided by their Kubernetes vendor, like https://github.com/kubernetes-sigs/aws-iam-authenticator (for EKS), c) are willing to install and maintain another agent on their cluster (infra), but aren't willing to install and maintain the central proxy point?

  > we've designed Infra around an extensible REST API from the start whereas Teleport uses GRPC.

  This isn't really important from a product perspective. For what it's worth, Teleport started with a REST API; they moved to gRPC because, if I recall correctly, gRPC helped them scale to support larger infrastructure better.

  If you're launching a competing product to Teleport, which is now by far the most mature product in the space, then currently, at least from where I'm sitting, you aren't offering sufficient added value compared to the incumbent offerings, which also include CloudFlare Access, Checkpoint Harmony Connect SASE, Hashicorp Boundary (their offerings aren't quite Kubernetes native, but it's the same idea)...

• paseto

  1 595 0.0 Go

  Platform-Agnostic Security Tokens implementation in GO (Golang) (by o1egl)

  Project mention: Am I doing authorization correctly? I'm doing http-only cookie-based auth and to get the current user I call an API route that reads the cookie and returns the info | reddit.com/r/golang | 2021-08-15

  Check out paseto tokens

• caddy-security

  6 380 8.6 Go

  🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐

  Project mention: Best Applications To Use For 2FA For VPN Connections Into Local LAN? | reddit.com/r/selfhosted | 2022-04-28

• go-guardian

  0 366 3.3 Go

  Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.

• Scout APM

  scoutapm.com

  sponsored

  Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  

• mosquitto-go-auth

  1 319 4.4 Go

  Auth plugin for mosquitto.

  Project mention: Which MQTT broker comes with SQL database authentication? | reddit.com/r/MQTT | 2022-01-15

• restish

  4 309 8.5 Go

  Restish is a CLI for interacting with REST-ish HTTP APIs with some nice features built-in

  Project mention: Mapping OpenAPI to the CLI | dev.to | 2022-04-15

  In this post we'll explore Restish, a CLI for APIs with built-in OpenAPI support. How does it go from an OpenAPI service description to CLI commands & arguments? Read on to find out!

• gotrue

  17 222 9.4 Go

  A JWT based API for managing users and issuing JWT tokens (by supabase)

  

  Project mention: Questions around do's and don'ts for unauthenticated writes | reddit.com/r/Supabase | 2022-04-06

  Hey folks... so supabase has yet to implement anonymous sign in ... Curious if I'd be able to accomplish the following, and whether the following is a big no-no.

• casbin-server

  1 217 4.2 Go

  Casbin as a Service (CaaS)

  

  Project mention: Why Authorization Is Hard | news.ycombinator.com | 2021-09-15

  casbin is super flexible and it support many models[1]

  [0]https://casbin.org/docs/en/service

• auth-server

  2 60 5.1 Go

  Simple authentication and authorization server

  Project mention: Set up your own authentication and authorization server | reddit.com/r/selfhosted | 2021-10-18

• Coze

  3 8 4.8 Go

  Coze is a cryptographic JSON messaging specification designed for human readability.

  

  Project mention: Do you guys use JWT or Paseto? | reddit.com/r/learnprogramming | 2022-05-19

• fiber-jwt

  1 7 4.6 Go

  JWT for fiber

  Project mention: New version of JWT middleware for Fiber (v2.16.0) | reddit.com/r/golang | 2021-08-03

  Just published new release of my version of JWT library for Fiber web-framework: https://github.com/LdDl/fiber-jwt/releases/tag/v2.16.0

Go Auth related posts

• Do you guys use JWT or Paseto?
  1 project | reddit.com/r/learnprogramming | 19 May 2022
• Hi , I'm using laravel as an api with react js and I want to implement JWT in my project. I heard about laravel passport, sanctum and other libraries like jwt-auth ? I don't know which one is better and what do you recommend?
  2 projects | reddit.com/r/laravel | 15 May 2022
• Questions around do's and don'ts for unauthenticated writes
  1 project | reddit.com/r/Supabase | 6 Apr 2022
• My open source contribution to Supabase.
  1 project | dev.to | 16 Mar 2022
• Kubernetes Cluster Authentication using AWS IAM
  1 project | dev.to | 9 Feb 2022
• New user. Migrations? Seed data? Local dev db? Prisma?
  1 project | reddit.com/r/Supabase | 6 Feb 2022
• Open source authentication and authorization solution
  2 projects | reddit.com/r/golang | 4 Feb 2022

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Get the trending Go projects
with our weekly report!
» Subscribe «