module
Version:
v0.1.1
Opens a new window with list of versions in this module.
Published: Aug 10, 2019
License: MIT
Opens a new window with license information.
README
¶
go-oauth
OAuth example using go and google
Model
type Credential struct {
ID string `json:"id" bson:"_id"`
Email string `json:"email" bson:"email"`
Password string `json:"password" bson:"password"` //Salted + hashed using bcrypt
Provider string `json:"provider" bson:"provider"` //GOOGLE, FACEBOOK, EMAIL
Claims json.RawMessage `json:"custom_claims" bson:"custom_claims"` //JWT custom claims
}
API Handlers
/oauth/google/login -> handler/goog/Login
/oauth/google/callback -> handler/goog/Callback
/oauth/register -> handler/v1/Register
/oauth/login -> handler/v1/Login
/oauth/logout -> handler/v1/Logout
/oauth/claims -> handler/v1/SetClaims
Google Flow
- User login via /oauth/google/login
- Redirected to google auth
- Callback on success to /oauth/google/callback
- access_token and refresh_token coookies are set
- X-CSRF-Token returned via headers and must be cached & sent on every request by client
In house flow
- User register via /oauth/register
- access_token and refresh_token coookies are set
- X-CSRF-Token returned via headers and must be cached & sent on every request by client
- User login via /oauth/login
- access_token and refresh_token coookies are set
- X-CSRF-Token returned via headers and must be cached & sent on every request by client
Setting JWT claims
- POST via /oauth/claims with JSON body
- access_token and refresh_token coookies are set
- X-CSRF-Token returned via headers and must be cached & sent on every request by client
Directories
¶
Click to show internal directories.
Click to hide internal directories.