Gin middleware/handler for handling authentication to github via oauth.
- Seamlessly manages oauth flow to github.
- Securely stores oauth tokens in cookies.
- Middleware for requiring access / redirecting to login, or for unrestricted routes.
func main() {
r := gin.Default()
r.LoadHTMLGlob("templates/*.tpl")
// first create the auth handler
conf := &ghauth.Conf{
ClientId: os.Getenv("GH_CLIENT_ID"),
ClientSecret: os.Getenv("GH_CLIENT_SECRET"),
Scopes: []string{"user", "read:public_key", "repo"},
CookieName: "ghuser",
CookieSecret: "any random string can go here, but make sure it is truly random and secret to secure your cookies",
}
auth := ghauth.New(conf)
// register oauth routes
auth.RegisterRoutes("/login", "/oauth", "/logout", r)
// add the token reading middleware to all requests.
r.Use(auth.AuthCheck())
// all unauthorized routes can go here. Will still have user populated if logged in
r.GET("/", home)
// require authorization for these routes. Will redirect to login if not logged-in
authRequired := r.Group("/", auth.RequireAuth())
authRequired.GET("/repo/:owner/:repo", repo)
r.Run(":8080") // listen and serve on 0.0.0.0:8080
}
In any handler you can then get the logged in user from any handler that uses the middleware by calling ghauth.User(ctx). If the user is not logged in. It will be null.