Goth Alternatives

goth reviews and mentions

• Show HN: Clace – Application Server with support for scaling down to zero
  7 projects | news.ycombinator.com | 11 Sep 2024

  Thanks, need to make the docs less verbose in some places :-)

  https://clace.io/docs/configuration/authentication/ lists the supported auth mechanisms for apps. A builtin system account is the default. The OAuth providers supported are : github google digitalocean bitbucket amazon azuread microsoftonline gitlab auth0 okta oidc. Any other provider supported by https://github.com/markbates/goth can be easily added, with a small code change.

  For admin operations (creating/updating apps) using the client CLI, a unix domain socket is used. File system permissions are used, no other auth is used for UDS. A REST API for admin operations can be optionally enabled, in which case it will use the system account https://clace.io/docs/configuration/security/#admin-api-acce....

  Client cert based auth is not supported currently. Were you wanting that for app access or for admin API access?

  In terms of performance, I did some testing few months back. The app access API does not hit the database (sqlite), everything is cached after the first call. So the performance will be limited by the API performance of the downstream container. The Clace server itself should not be a bottleneck. First API call to a containerized app builds the image and starts the container. That depends on how fast the image build and container startup are.

• How to build Auth in 2023 with go?
  6 projects | /r/golang | 31 May 2023

  Also really easy to implement as there are libraries that do all the heavy lifting for you (https://github.com/markbates/goth is a great starting place IMHO)

• Why use a 'global' anonymous function instead of a named one?
  1 project | /r/golang | 14 Mar 2023

  In the package 'markbates/goth' that provides a client implementation of OAuth 2.0, the authors have defined the function CompleteUserAuth at the package level like this:

• Authentication in Go? Best practices
  4 projects | /r/golang | 7 Mar 2023
• Single sign on with LinkedIn
  1 project | /r/golang | 4 Dec 2022

  You can use oauth2. Just take e.g. a look at the dex documentation dex. Dex is not a library but a standalone federated oidc provider. Highly recommended. For libraries take a look at goth.

• Simple web app, how to do auth?
  11 projects | /r/golang | 2 Nov 2022
• The impossible case of pitching rust in a web dev shop
  11 projects | /r/programming | 22 Sep 2022

  For the kind of websites I prefer to build -- server side rendered with HTMX/Alpine for the extra niceness -- Rust I think could be a very good fit. The main downside for my personal projects is the ecosystem. E.g., a good standard way to handle CSRF tokens, standardised oauth2 implementations (like https://github.com/markbates/goth in Go), things like that. I found myself having to write a lot of code that just exists in the Go ecosystem. The main downside for a business is that it's going to make it harder to hire, since Rust genuinely requires more skill. Yes, developers will make mistakes in Go, as it's far too easy to do things like access shared memory in dangerous ways. But on the flip side, it's a lot easier for them to deliver a feature. In a choice between shipping a feature that is buggy in hard to detect ways, vs not being able to deliver at all because you can't get developers, I think it's better to ship.

• เขียน Go ต่อ Oauth ทุกค่าย
  1 project | dev.to | 2 Nov 2021
• A note from our sponsor - CodeRabbit
  coderabbit.ai | 23 Mar 2025

  Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR. Learn more →