Building a great tech team takes more than a paycheck. Zero payroll costs, get AI-driven insights to retain best talent, and delight them with amazing local benefits. 100% free and compliant. Learn more →
Top 23 Go Authentication Projects
Open Source realtime backend in 1 fileProject mention: Show HN: SpacetimeDB – The database that replaces your server | news.ycombinator.com | 2023-08-16
Really cool project, thanks for making it available for others to look at. It really reminds me of https://pocketbase.io/ which has sorta the same idea and can be extended with go/js. How does the database work under the hood? Is it also based on sqlite? Are rust modules built with a special runtime in mind like tokio or?
The Single Sign-On Multi-Factor portal for web appsProject mention: Why would anyone need AD/AAD when you can manage devices through Saltstack? | /r/sysadmin | 2023-08-05
https://github.com/saltstack/salt https://github.com/chocolatey/choco https://github.com/nextcloud https://github.com/authelia/authelia https://github.com/grafana/grafana
Free Global Payroll designed for tech teams. Building a great tech team takes more than a paycheck. Zero payroll costs, get AI-driven insights to retain best talent, and delight them with amazing local benefits. 100% free and compliant.
An open-source Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, WebAuthn, TOTP, MFA and RADIUSProject mention: CSRF Vulnerability Leads to Account Takeover in Casdoor IdP | news.ycombinator.com | 2023-09-21
Golang gRPC Middlewares: interceptor chaining, auth, logging, retries and more.Project mention: Seeking advice on implementing a tinyurl-like service using Go and gRPC. | /r/golang | 2023-05-24
Hello, Those interviews are even crazy for internship. Anyway 1. Try to find a simple CRUD example online. You can check [this](https://tutorialedge.net/golang/go-grpc-beginners-tutorial/) 2. For logging you can check [go-grpc-middleware](https://github.com/grpc-ecosystem/go-grpc-middleware) 3. You can grpc-gateway in case they want some REST endpoints too 4. Use base62 to encode your url. So at least 2 columns in your table **shortenedUrl** and **url** 5. For such a project no need to use an ORM ( it's not advised anyway ). Implement 2 functions, one to insert into the db and the other one to read from the db. Remember to use transaction though 5. For unit tests go with the standard library and mock the 2 functions ( erroneous and valid cases )
ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.Project mention: Zitadel v2.33.0 – SMS/Email OTP and Custom SAML Attributes | news.ycombinator.com | 2023-08-21
The authentication glue you need.Project mention: Issues with authentik | /r/NixOS | 2023-07-07
Hello ! I am hosting a server under NixOS with multiple services, and to simply the identity management, I use authentik (https://goauthentik.io/) which can be compared to keycloak. Everything works fine until I try to enable mastodon to host an instance : authentik returns an error 400 and nothing changes this but disabling mastodon. Does anyone have an idea of what could be the cause of this ?
An SWT based API for managing users and issuing SWT tokens.Project mention: FATA Error 1130: Host '172.17.0.1' is not allowed to connect to this MySQL server | /r/AskProgramming | 2023-05-19
I am testing gotrue netlift module https://github.com/netlify/gotrue
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust white paper. Written in Go.
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal servicesProject mention: Use OpenZiti to secure your monitoring | news.ycombinator.com | 2023-01-09
2. An identity aware SSO proxy by Buzzfeed
I really like Buzzfeed's SSO implementation, but it hasn't received updates in a while and doesn't seem to be maintained to me. I could absolutely see OpenZiti replacing this for me.
I really like Wireguard and have absolutely no complaints with it -- but if OpenZiti could replace this as well and match the performance I get on Wireguard I would consider implementing it at home (and would probably be a happy enough customer to push for it at work).
One non-typical use-case I use Wireguard for is being able to do remote game streaming to my Windows hosts via Moonlight+Nvidia Gamestream. Would anyone be able to (anecdotally or scientifically), share how well a use-case like this would work with OpenZiti?
an SSO and OAuth / OIDC login solution for Nginx using the auth_request moduleProject mention: I'm looking for an SSO server/reverse proxy with features I'm not sure exist | /r/selfhosted | 2023-06-23
Extensible security first OAuth 2.0 and OpenID Connect SDK for Go.Project mention: Golang library for AuthN/AuthZ | /r/golang | 2023-06-06
You can take a look to https://github.com/ory/fosite
Authentication server for Docker Registry 2
Firebase Admin Go SDK
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐Project mention: Security flaws in an SSO plugin for Caddy | news.ycombinator.com | 2023-09-18
> September 18, 2023: The disclosure blog post was released and issues were filed with the original project repository.
I don't see those issues listed in the GitHub project issue tracker https://github.com/greenpau/caddy-security/issues. Have they been deleted?
A JWT based API for managing users and issuing JWT tokens (by supabase)Project mention: Supabase Local Dev: migrations, branching, and observability | news.ycombinator.com | 2023-08-09
I hate to be this guy, really. I would like to adopt Supabase in company, but I cannot yet.
I commented on a HN post almost a year ago about how hard is to do custom Auth with Supabase. I still haven't find a good solution about it. For example, LDAP Auth is quite crucial in most enterprise settings, yet I have no idea how to do it with Supabase. I can find a workaround for PostgREST by putting a secondary API written in some other language and fiddling with reverse proxies. But how to do with Supabase, such that all other services (realtime,...) works nicely? Is it so hard to provide a function that accept a custom strategy given the HTTP request data?
I created an issue almost a year ago on Supabase, which was transferred to Gotrue. I even provided some code examples from Laravel. Even if it is not specifically for LDAP, make some API available to do so, please.
Authenticator via oauth2, direct, email and telegramProject mention: How to build Auth in 2023 with go? | /r/golang | 2023-05-31
Platform-Agnostic Security Tokens implementation in GO (Golang) (by o1egl)
Cross-platform keyring interface for GoProject mention: Storing secrets in distributed binaries? | /r/golang | 2023-05-07
If it is a personal application you can use the operating systems keyring. E.g. with https://github.com/zalando/go-keyring
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
Pinniped is the easy, secure way to log in to your Kubernetes clusters.Project mention: infra alternatives - paralus and pinniped | libhunt.com/r/infra | 2023-04-07
Auth plugin for mosquitto.Project mention: Securing MQTT: A Guide to Basic Authentication | dev.to | 2023-10-02
Check auth plugin for more complex use cases.
A Kubernetes Dex Client Authenticator
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
Go Authentication related posts
Securing MQTT: A Guide to Basic Authentication
1 project | dev.to | 2 Oct 2023
Authorizer, an open source authentication and authorization solution
1 project | news.ycombinator.com | 12 Sep 2023
Zitadel v2.33.0 – SMS/Email OTP and Custom SAML Attributes
1 project | news.ycombinator.com | 21 Aug 2023
Show HN: SpacetimeDB – The database that replaces your server
4 projects | news.ycombinator.com | 16 Aug 2023
1 project | /r/pocketbase | 31 Jul 2023
Introducing Coze - a cryptographic JSON messaging specification
1 project | /r/programming | 12 Jul 2023
Introducing Coze - a cryptographic JSON messaging specification
1 project | /r/cypherpunk | 12 Jul 2023
A note from our sponsor - Revelo Payroll
try.revelo.com | 3 Oct 2023
What are some of the best open-source Authentication projects in Go? This list will help you: