Top 23 Go Authentication and OAuth Projects
-
Project mention: NGINX-PM + Authelia + FreeIPA With Multiple Security Groups | reddit.com/r/homelab | 2022-01-20
# yamllint disable rule:comments-indentation # https://github.com/authelia/authelia # https://www.authelia.com/docs/configuration/ # https://dbt3ch.com/books/authelia-for-nginx-proxy-manager # https://shownotes.opensourceisawesome.com/authelia-authentication/ --- ############################################################################### # Authelia Configuration # ############################################################################### theme: dark jwt_secret: REDACTED default_redirection_url: https://home.DOMAIN.TLD/ # Log Configuration log: level: info format: json file_path: /config/authelia.log keep_stdout: false # Server Configuration server: host: 0.0.0.0 port: 9091 path: "" asset_path: /assets/ #Site static configs. read_buffer_size: 4096 write_buffer_size: 4096 enable_pprof: false enable_expvars: false disable_healthcheck: false # Certificates directory for all other certificates used to verify TLS. certificates_directory: /certs/ # NTP Configuration ntp: address: "pool.ntp.org:123" version: 4 max_desync: 3s disable_startup_check: false disable_failure: false # TOTP Configuration totp: issuer: DOMAIN.TLD_SSO algorithm: sha256 digits: 6 period: 30 skew: 1 # Authentication Backend Provider Configuration authentication_backend: disable_reset_password: false refresh_interval: 5m ldap: implementation: custom url: ldaps://ipa.DOMAIN.TLD:636 timeout: 5s start_tls: false tls: server_name: ipa.DOMAIN.TLD skip_verify: true minimum_version: TLS1.2 base_dn: dc=DOMAIN,dc=TLD username_attribute: uid group_name_attribute: cn display_name_attribute: sn users_filter: (&({username_attribute}={input})(objectClass=person)(!(nsaccountlock=TRUE))) groups_filter: (&(member=uid={input},cn=users,cn=accounts,dc=DOMAIN,dc=TLD)(objectClass=groupOfNames)(|(cn=apps-security)(cn=apps-users))) #Bind credentials user: uid=BIND-USER,cn=users,cn=accounts,dc=DOMAIN,dc=TLD password: REDACTED # Access Control Configuration access_control: default_policy: deny # Network rule definitions. networks: - name: internal networks: - 10.0.0.0/8 # Rules for access to apps. rules: - domain: auth.DOMAIN.TLD policy: bypass - domain: - app-sec01.DOMAIN.TLD - app-sec02.DOMAIN.TLD - app-sec03.DOMAIN.TLD network: internal subject: "group:apps-security" policy: two_factor - domain: - app-user01.DOMAIN.TLD - app-user02.DOMAIN.TLD - app-user03.DOMAIN.TLD subject: "group:apps-users" policy: two_factor # Session Provider Configuration session: name: authelia_session domain: DOMAIN.TLD same_site: lax secret: REDACTED expiration: 24h inactivity: 120m remember_me_duration: 1M redis: host: REDIS-CONTAINER-NAME port: 6379 password: REDACTED database_index: 0 maximum_active_connections: 8 minimum_idle_connections: 0 # Regulation Configuration regulation: max_retries: 6 find_time: 2m ban_time: 5m # Storage Provider Configuration storage: encryption_key: REDACTED mysql: host: MARIADB-CONTAINER-NAME port: 3306 database: authelia username: authelia password: REDACTED timeout: 5s # Notification Provider notifier: disable_startup_check: false filesystem: filename: /config/notification.txt ...
-
Project mention: What do other famous frameworks(Django, laravel, springboot etc) use for implementing access control models? | reddit.com/r/golang | 2022-01-23
I just discovered go has this library https://github.com/casbin/casbin for access control model implementations which seems great. But It got me curious to know what other language frameworks use to implement these models or whether they have such libraries at all.
-
Scout APM
Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.
-
Project mention: go-doudou series 01: How to develop a monolithic RESTful service with go-doudou | dev.to | 2022-01-24
The code logic is query user record from database by input parameter username, if not found, return Incorrect username or password error, if password was correct, issue token. The jwt library used here is golang-jwt/jwt
-
My wife sent MR into golang oauth2 library https://github.com/golang/oauth2/pull/450
-
goth
Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.
-
-
-
OPS
OPS - Build and Run Open Source Unikernels. Quickly and easily build and deploy open source unikernels in tens of seconds. Deploy in any language to any cloud.
-
loginsrv
JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
-
-
Project mention: Restrict - RBAC/ABAC hybrid authorization library | reddit.com/r/golang | 2021-12-15
I know there is a lot of authorization libraries out there, so I was trying to create something a little bit different, in between of lightweight tools like gorbac and all-in-one solutions like Casbin.
-
Unfortunately I haven't written a cookie/session based auth flow in Golang before so can't recommend any libraries. A quick google led me to https://github.com/alexedwards/scs which may or may not be helpful.
-
Project mention: Am I doing authorization correctly? I'm doing http-only cookie-based auth and to get the current user I call an API route that reads the cookie and returns the info | reddit.com/r/golang | 2021-08-15
Check out paseto tokens
-
permissions2
:closed_lock_with_key: Middleware for keeping track of users, login states and permissions
-
go-guardian
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.
Project mention: After 2 years of Django, I'm starting using Go for building web servers. Do you guys have any suggestions? | reddit.com/r/golang | 2021-05-24https://github.com/labstack/echo This is going to be my next project I look at. Alternatively you can incorporate the security bits manually by importing something like: https://github.com/shaj13/go-guardian
-
-
jwt-auth
This package provides json web token (jwt) middleware for goLang http servers (by adam-hanna)
-
-
-
Better alternatives would be PASETO or Branca.
-
-
yubigo
Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.
-
-
Project mention: Show HN: Otpgen – Library to generate TOTP/HOTP codes written in Go | news.ycombinator.com | 2021-08-15
Go Authentication and OAuth related posts
- go-doudou series 01: How to develop a monolithic RESTful service with go-doudou
- What do other famous frameworks(Django, laravel, springboot etc) use for implementing access control models?
- NGINX-PM + Authelia + FreeIPA With Multiple Security Groups
- Centralized user management, I did a small comparison but I need to decide which one to pick
- Replicate Cloudflare Access on K8S
- MFA - Where to start advice
- Any recommendations on setting access control on Hugo Documentation?
Index
What are some of the best open-source Authentication and OAuth projects in Go? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | authelia | 11,499 |
| 2 | casbin | 11,177 |
| 3 | jwt-go | 10,131 |
| 4 | oauth2 | 3,979 |
| 5 | goth | 3,492 |
| 6 | authboss | 2,980 |
| 7 | go-oauth2-server | 1,846 |
| 8 | loginsrv | 1,841 |
| 9 | gologin | 1,476 |
| 10 | gorbac | 1,244 |
| 11 | scs | 1,024 |
| 12 | paseto | 568 |
| 13 | permissions2 | 443 |
| 14 | go-guardian | 338 |
| 15 | jeff | 234 |
| 16 | jwt-auth | 213 |
| 17 | httpauth | 213 |
| 18 | auth | 200 |
| 19 | branca | 159 |
| 20 | webauthn | 142 |
| 21 | yubigo | 117 |
| 22 | sessionup | 114 |
| 23 | otpgen | 113 |
Are you hiring? Post a new remote job listing for free.
