Popularity

5.5

Stable

Activity

0.0

Stable

Stars 216

Watchers 8

Forks 30

Last Commit over 1 year ago

Programming language: Go

License: MIT License

Tags: Authentication & OAuth

httpauth alternatives and similar packages

Based on the "Authentication & OAuth" category.
Alternatively, view httpauth alternatives based on common mentions on social networks and blogs.

authelia

9.8 9.8 httpauth VS authelia

The Single Sign-On Multi-Factor portal for web apps
casbin

9.7 7.4 httpauth VS casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang

Static code analysis for 29 languages.

Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

Promo www.sonarqube.org

aws-doc-sdk-examples

9.7 10.0 httpauth VS aws-doc-sdk-examples

Welcome to the AWS Code Examples Repository. This repo contains code examples used in the AWS documentation, AWS SDK Developer Guides, and more. For more information, see the Readme.md file below.
jwt-go

9.7 1.0 httpauth VS jwt-go

ARCHIVE - Golang implementation of JSON Web Tokens (JWT). This project is now maintained at:
oauth2

9.3 6.0 httpauth VS oauth2

Go OAuth2
goth

9.0 7.3 httpauth VS goth

Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.
authboss

8.7 0.0 httpauth VS authboss

The boss of http auth.
go-oauth2-server

8.4 0.0 httpauth VS go-oauth2-server

A standalone, specification-compliant, OAuth2 server written in Golang.
go-jose

8.4 0.0 httpauth VS go-jose

An implementation of JOSE standards (JWE, JWS, JWT) in Go
loginsrv

8.2 0.0 httpauth VS loginsrv

JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
gologin

8.0 7.3 httpauth VS gologin

Go login handlers for authentication providers (OAuth1, OAuth2)
gorbac

8.0 4.4 httpauth VS gorbac

goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.
osin

7.0 0.0 httpauth VS osin

Golang OAuth2 server library.
auth

6.9 6.2 httpauth VS auth

Authenticator via oauth2, direct, email and telegram
permissions2

6.5 0.0 httpauth VS permissions2

:closed_lock_with_key: Middleware for keeping track of users, login states and permissions
go.auth

6.2 0.0 httpauth VS go.auth

Authentication API for Go web applications.
Go-AWS-Auth

6.0 0.0 httpauth VS Go-AWS-Auth

AWS (Amazon Web Services) request signing library.
jwt-auth

5.7 0.8 httpauth VS jwt-auth

This package provides json web token (jwt) middleware for goLang http servers
webauthn

4.9 0.0 httpauth VS webauthn

Go package for easy WebAuthn integration
jwt

4.8 0.0 httpauth VS jwt

This is an implementation of JWT in golang!
yubigo

4.8 0.0 httpauth VS yubigo

Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.
RBAC

4.0 0.0 httpauth VS RBAC

RBAC - Simple, concurrent Role Based Access Control(GO)
sessions

3.6 0.0 httpauth VS sessions

A dead simple, highly performant, highly customizable sessions middleware for go http servers.
Passhash

1.4 0.0 httpauth VS Passhash

Go library providing simple and secure password management
Facecontrol

1.4 0.0 httpauth VS Facecontrol

Simple authentication, single sign-on and (optinal) authorization solution.
go-oauth2

1.0 0.0 httpauth VS go-oauth2

No description, website, or topics provided.

Do you think we are missing an alternative of httpauth or a related project?

Add another 'Authentication & OAuth' Package

Popular Comparisons

README

goji/httpauth

httpauth currently provides HTTP Basic Authentication middleware for Go. It is compatible with Go's own net/http, goji, Gin & anything that speaks the http.Handler interface.

Example

httpauth provides a SimpleBasicAuth function to get you up and running. Particularly ideal for development servers.

Note that HTTP Basic Authentication credentials are sent over the wire "in the clear" (read: plaintext!) and therefore should not be considered a robust way to secure a HTTP server. If you're after that, you'll need to use SSL/TLS ("HTTPS") at a minimum.

Install It

$ go get github.com/goji/httpauth

Goji v2

Simple Usage

The fastest and simplest way to get started using httpauth is to use the SimpleBasicAuth function.


package main

import(
    "net/http"

    "goji.io"
)

func main() {
    mux := goji.NewMux()

    mux.Use(httpauth.SimpleBasicAuth("dave", "somepassword"))
    mux.Use(SomeOtherMiddleware)

    // YourHandler now requires HTTP Basic Auth
    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

Advanced Usage

For more control over the process, pass a AuthOptions struct to BasicAuth instead. This allows you to:

Configure the authentication realm.
Provide your own UnauthorizedHandler (anything that satisfies http.Handler) so you can return a better looking 401 page.
Define a custom authentication function, which is discussed in the next section.


func main() {

    authOpts := httpauth.AuthOptions{
        Realm: "DevCo",
        User: "dave",
        Password: "plaintext!",
        UnauthorizedHandler: myUnauthorizedHandler,
    }

    mux := goji.NewMux()

    mux.Use(BasicAuth(authOpts))
    mux.Use(SomeOtherMiddleware)

    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

Custom Authentication Function

httpauth will accept a custom authentication function. Normally, you would not set AuthOptions.User nor AuthOptions.Password in this scenario. You would instead validate the given credentials against an external system such as a database. The contrived example below is for demonstration purposes only.

func main() {

    authOpts := httpauth.AuthOptions{
        Realm: "DevCo",
        AuthFunc: myAuthFunc,
        UnauthorizedHandler: myUnauthorizedHandler,
    }

    mux := goji.NewMux()

    mux.Use(BasicAuth(authOpts))
    mux.Use(SomeOtherMiddleware)

    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

// myAuthFunc is not secure.  It checks to see if the password is simply
// the username repeated three times.
func myAuthFunc(user, pass string, r *http.Request) bool {
    return pass == strings.Repeat(user, 3)
}

gorilla/mux

Since it's all http.Handler, httpauth works with gorilla/mux (and most other routers) as well:

package main

import (
    "net/http"

    "github.com/goji/httpauth"
    "github.com/gorilla/mux"
)

func main() {
    r := mux.NewRouter()

    r.HandleFunc("/", YourHandler)
    http.Handle("/", httpauth.SimpleBasicAuth("dave", "somepassword")(r))

    http.ListenAndServe(":7000", nil)
}

func YourHandler(w http.ResponseWriter, r *http.Request) {
    w.Write([]byte("Gorilla!\n"))
}

net/http

If you're using vanilla net/http:

package main

import(
    "net/http"

    "github.com/goji/httpauth"
)

func main() {
    http.Handle("/", httpauth.SimpleBasicAuth("dave", "somepassword")(http.HandlerFunc(YourHandler)))
    http.ListenAndServe(":7000", nil)
}

Contributing

Send a pull request! Note that features on the (informal) roadmap include HTTP Digest Auth.

License

MIT Licensed. See the LICENSE file for details.

*Note that all licence references and agreements mentioned in the httpauth README section above are relevant to that project's source code only.

httpauth

HTTP Authentication middlewares