Popularity

5.5

Stable

Activity

0.0

Stable

Stars 207

Watchers 7

Forks 23

Last Commit about 1 year ago

Programming language: Go

License: MIT License

Tags: Authentication & OAuth

httpauth alternatives and similar packages

Based on the "Authentication & OAuth" category.
Alternatively, view httpauth alternatives based on common mentions on social networks and blogs.

jwt-go

9.7 1.9 httpauth VS jwt-go

ARCHIVE - Golang implementation of JSON Web Tokens (JWT). This project is now maintained at:
authelia

9.7 9.8 httpauth VS authelia

The Single Sign-On Multi-Factor portal for web apps

Run Linux Software Faster and Safer than Linux with Unikernels

Promo github.com/nanovms

casbin

9.7 8.0 httpauth VS casbin

An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
aws-doc-sdk-examples

9.6 10.0 httpauth VS aws-doc-sdk-examples

Welcome to the AWS Code Examples Repository. This repo contains code examples used in the AWS documentation, AWS SDK Developer Guides, and more. For more information, see the Readme.rst file below.
oauth2

9.2 6.2 httpauth VS oauth2

Go OAuth2
goth

8.9 4.6 httpauth VS goth

Package goth provides a simple, clean, and idiomatic way to write authentication packages for Go web applications.
authboss

8.7 3.9 httpauth VS authboss

The boss of http auth.
go-oauth2-server

8.5 0.0 httpauth VS go-oauth2-server

A standalone, specification-compliant, OAuth2 server written in Golang.
go-jose

8.5 0.0 httpauth VS go-jose

An implementation of JOSE standards (JWE, JWS, JWT) in Go
loginsrv

8.3 2.7 httpauth VS loginsrv

JWT login microservice with plugable backends such as OAuth2, Google, Github, htpasswd, osiam, ..
gorbac

7.9 2.4 httpauth VS gorbac

goRBAC provides a lightweight role-based access control (RBAC) implementation in Golang.
gologin

7.9 4.2 httpauth VS gologin

Go login handlers for authentication providers (OAuth1, OAuth2)
osin

7.0 0.0 httpauth VS osin

Golang OAuth2 server library.
permissions2

6.5 4.3 httpauth VS permissions2

:closed_lock_with_key: Middleware for keeping track of users, login states and permissions
go.auth

6.2 0.0 httpauth VS go.auth

Authentication API for Go web applications.
Go-AWS-Auth

6.0 0.0 httpauth VS Go-AWS-Auth

AWS (Amazon Web Services) request signing library.
jwt-auth

5.7 1.2 httpauth VS jwt-auth

This package provides json web token (jwt) middleware for goLang http servers
auth

5.5 7.3 httpauth VS auth

Authenticator via oauth2
webauthn

4.8 0.0 httpauth VS webauthn

Go package for easy WebAuthn integration
yubigo

4.8 0.0 httpauth VS yubigo

Yubigo is a Yubikey client API library that provides an easy way to integrate the Yubico Yubikey into your existing Go-based user authentication infrastructure.
jwt

4.7 0.0 httpauth VS jwt

This is an implementation of JWT in golang!
RBAC

3.8 0.0 httpauth VS RBAC

RBAC - Simple, concurrent Role Based Access Control(GO)
sessions

3.5 0.0 httpauth VS sessions

A dead simple, highly performant, highly customizable sessions middleware for go http servers.
Facecontrol

1.4 0.0 httpauth VS Facecontrol

Simple authentication, single sign-on and (optinal) authorization solution.
Passhash

1.3 3.6 httpauth VS Passhash

Go library providing simple and secure password management
go-oauth2

0.9 0.0 httpauth VS go-oauth2

No description, website, or topics provided.

Do you think we are missing an alternative of httpauth or a related project?

Add another 'Authentication & OAuth' Package

Popular Comparisons

README

goji/httpauth

httpauth currently provides HTTP Basic Authentication middleware for Go. It is compatible with Go's own net/http, goji, Gin & anything that speaks the http.Handler interface.

Example

httpauth provides a SimpleBasicAuth function to get you up and running. Particularly ideal for development servers.

Note that HTTP Basic Authentication credentials are sent over the wire "in the clear" (read: plaintext!) and therefore should not be considered a robust way to secure a HTTP server. If you're after that, you'll need to use SSL/TLS ("HTTPS") at a minimum.

Install It

$ go get github.com/goji/httpauth

Goji v2

Simple Usage

The fastest and simplest way to get started using httpauth is to use the SimpleBasicAuth function.


package main

import(
    "net/http"

    "goji.io"
)

func main() {
    mux := goji.NewMux()

    mux.Use(httpauth.SimpleBasicAuth("dave", "somepassword"))
    mux.Use(SomeOtherMiddleware)

    // YourHandler now requires HTTP Basic Auth
    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

Advanced Usage

For more control over the process, pass a AuthOptions struct to BasicAuth instead. This allows you to:

Configure the authentication realm.
Provide your own UnauthorizedHandler (anything that satisfies http.Handler) so you can return a better looking 401 page.
Define a custom authentication function, which is discussed in the next section.


func main() {

    authOpts := httpauth.AuthOptions{
        Realm: "DevCo",
        User: "dave",
        Password: "plaintext!",
        UnauthorizedHandler: myUnauthorizedHandler,
    }

    mux := goji.NewMux()

    mux.Use(BasicAuth(authOpts))
    mux.Use(SomeOtherMiddleware)

    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

Custom Authentication Function

httpauth will accept a custom authentication function. Normally, you would not set AuthOptions.User nor AuthOptions.Password in this scenario. You would instead validate the given credentials against an external system such as a database. The contrived example below is for demonstration purposes only.

func main() {

    authOpts := httpauth.AuthOptions{
        Realm: "DevCo",
        AuthFunc: myAuthFunc,
        UnauthorizedHandler: myUnauthorizedHandler,
    }

    mux := goji.NewMux()

    mux.Use(BasicAuth(authOpts))
    mux.Use(SomeOtherMiddleware)

    mux.Handle(pat.Get("/some-route"), YourHandler))

    log.Fatal(http.ListenAndServe("localhost:8000", mux))
}

// myAuthFunc is not secure.  It checks to see if the password is simply
// the username repeated three times.
func myAuthFunc(user, pass string, r *http.Request) bool {
    return pass == strings.Repeat(user, 3)
}

gorilla/mux

Since it's all http.Handler, httpauth works with gorilla/mux (and most other routers) as well:

package main

import (
    "net/http"

    "github.com/goji/httpauth"
    "github.com/gorilla/mux"
)

func main() {
    r := mux.NewRouter()

    r.HandleFunc("/", YourHandler)
    http.Handle("/", httpauth.SimpleBasicAuth("dave", "somepassword")(r))

    http.ListenAndServe(":7000", nil)
}

func YourHandler(w http.ResponseWriter, r *http.Request) {
    w.Write([]byte("Gorilla!\n"))
}

net/http

If you're using vanilla net/http:

package main

import(
    "net/http"

    "github.com/goji/httpauth"
)

func main() {
    http.Handle("/", httpauth.SimpleBasicAuth("dave", "somepassword")(http.HandlerFunc(YourHandler)))
    http.ListenAndServe(":7000", nil)
}

Contributing

Send a pull request! Note that features on the (informal) roadmap include HTTP Digest Auth.

License

MIT Licensed. See the LICENSE file for details.

*Note that all licence references and agreements mentioned in the httpauth README section above are relevant to that project's source code only.

httpauth

HTTP Authentication middlewares