Repository files navigation

Package goth provides a simple, clean, and idiomatic way to write authenticationpackages for Go web applications.

Unlike other similar packages, Goth, lets you write OAuth, OAuth2, or any otherprotocol providers, as long as they implement theProvider andSession interfaces.

This package was inspired byhttps://github.com/intridea/omniauth.

$ go get github.com/markbates/goth

• Amazon
• Apple
• Auth0
• Azure AD
• Battle.net
• Bitbucket
• Box
• ClassLink
• Cloud Foundry
• Dailymotion
• Deezer
• DigitalOcean
• DingTalk
• Discord
• Dropbox
• Eve Online
• Facebook
• Fitbit
• Gitea
• GitHub
• Gitlab
• Google
• Heroku
• InfluxCloud
• Instagram
• Intercom
• Kakao
• Lastfm
• LINE
• Linkedin
• Mailru
• Meetup
• MicrosoftOnline
• Naver
• Nextcloud
• Okta
• OneDrive
• OpenID Connect (auto discovery)
• Oura
• Patreon
• Paypal
• Reddit
• SalesForce
• Shopify
• Slack
• Soundcloud
• Spotify
• Steam
• Strava
• Stripe
• TikTok
• Tumblr
• Twitch
• Twitter
• Typetalk
• Uber
• VK
• WeCom
• Wepay
• Xero
• Yahoo
• Yammer
• Yandex
• Zoom

See theexamples folder for a working application that lets users authenticatethrough Twitter, Facebook, Google Plus etc.

To run the example either clone the source from GitHub

$ git clone git@github.com:markbates/goth.git

or use

$ go get github.com/markbates/goth

$ cd goth/examples$ go get -v$ go build$ ./examples

Now open up your browser and go tohttp://localhost:3000 to see the example.

To actually use the different providers, please make sure you set environment variables. Example given in the examples/main.go file

By default, gothic uses aCookieStore from thegorilla/sessions package to store session data.

As configured, this default store (gothic.Store) will generate cookies withOptions:

&Options{Path:"/",Domain:"",MaxAge:86400*30,HttpOnly:true,Secure:false, }

To tailor these fields for your application, you can override thegothic.Store variable at startup.

The following snippet shows one way to do this:

key:=""// Replace with your SESSION_SECRET or similarmaxAge:=86400*30// 30 daysisProd:=false// Set to true when serving over httpsstore:=sessions.NewCookieStore([]byte(key))store.MaxAge(maxAge)store.Options.Path="/"store.Options.HttpOnly=true// HttpOnly should always be enabledstore.Options.Secure=isProdgothic.Store=store

Issues always stand a significantly better chance of getting fixed if they are accompanied by apull request.

Would I love to see more providers? Certainly! Would you love to contribute one? Hopefully, yes!

1. Fork it
2. Create your feature branch (git checkout -b my-new-feature)
3. Write Tests!
4. Make sure the codebase adhere to the Go coding standards by executinggofmt -s -w ./
5. Commit your changes (git commit -am 'Add some feature')
6. Push to the branch (git push origin my-new-feature)
7. Create new Pull Request