Go Programming Blueprints, Chapter 2, Adding User Accounts

A universal truth in programming is that there are relatively few unique unsolved problems. When tasked with a new problem, always see what other solutions exist and how they can help us solve our new one. In this instance, we are going to use open source solutions to authenticate against existing services.

Handlers all the way down

Everything we write will be HTTP handlers. This allows us to encapsulate objects as far down the chain as needed.

Making a pretty social sign-in page

We get a quick lesson on Bootstrap, and why and how to use it. There are two ways to serve Bootstrap: we can leave it hosted on a CDN or add it to our assets folder.

Endpoints with Dynamic Paths

Go's standard library doesn't offer path routing (/path/options) as robust as that of frameworks such as Ruby on Rails or Django. As with everything in Go, there are open source packages we can use to help with this functionality. We will use strings.Split to break the request path into its requisite parts, so we can redirect as the user requests.

Getting Started with OAuth2

OAuth2 is an open authorization standard that allows third-party apps to request tokens from major providers (like Facebook, Google, GitHub). This allows people to use a site without creating a new account.

Open source OAuth2 packages

There are two packages discussed for OAuth2:
  • goauth - written by the Go team
  • gomniauth - based on Ruby's omniauth

Tell authorization providers about your app

The steps to register our app with a provider are given. Since these are subject to so much change, I leave it up to you to decide how useful they will be in the future.

Implementing external logging in

Code is shown to implement different OAuth2 providers.

Logging In

We add the functionality to our endpoint for login. If the user is allowed to log in, they are redirected to the URL. If an error occurs, they get a non-200 error code and can be redirected to a new page.

Handling the Response from the provider

The URL now contains a token that was generated by the authorization server that the user connected to. We don't have to worry about this for our current app, but it's good to know if we choose to add more features in the future. The code to handle our callback function is implemented. We call the CompleteAuth method and parse the RawQuery from the request into an objx.Map (from gomniauth). If this all works, we will get some basic information about the user. We then Base64-encode the name and store it in a cookie as an auth header.
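
The cookie written in this step is only Base64-encoded, which is reversible and carries no integrity check, so the browser can hand back any name it likes. The following is an added example (not code from the book or from gomniauth) that goes one step beyond the chapter by attaching an HMAC-SHA256 tag to the value; SignAuthCookie, VerifyAuthCookie, ErrBadCookie and the key are hypothetical names.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

var ErrBadCookie = errors.New("auth cookie failed verification")

func mac(key []byte, payload string) []byte {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(payload))
	return h.Sum(nil)
}

// SignAuthCookie (hypothetical helper) returns base64url(name) + "." + base64url(tag).
func SignAuthCookie(key []byte, name string) string {
	payload := base64.RawURLEncoding.EncodeToString([]byte(name))
	return payload + "." + base64.RawURLEncoding.EncodeToString(mac(key, payload))
}

// VerifyAuthCookie (hypothetical helper) checks the tag in constant time, then decodes the name.
func VerifyAuthCookie(key []byte, value string) (string, error) {
	i := strings.IndexByte(value, '.')
	if i < 0 {
		return "", ErrBadCookie
	}
	got, err := base64.RawURLEncoding.DecodeString(value[i+1:])
	if err != nil || !hmac.Equal(got, mac(key, value[:i])) {
		return "", ErrBadCookie
	}
	name, err := base64.RawURLEncoding.DecodeString(value[:i])
	if err != nil {
		return "", ErrBadCookie
	}
	return string(name), nil
}

func main() {
	key := []byte("constructed-demo-key") // constructed sample; use a random server-side secret
	v := SignAuthCookie(key, "alice")
	forged := base64.RawURLEncoding.EncodeToString([]byte("admin")) + v[strings.IndexByte(v, '.'):] // constructed
	fmt.Println(VerifyAuthCookie(key, v))
	fmt.Println(VerifyAuthCookie(key, forged))
}
```

The handler that reads the auth cookie would call VerifyAuthCookie on the cookie value and treat any error as "not logged in".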

Presenting the user data

We create a new definition for passing only the data we need to our frontend. We use the curly braces {{}} instead of make to instantiate our new object all at once. Add the new field to the chat template and we now have a chat with usernames. As a side note, the author points out how we can add the source code for a package to a folder called vendor. This will allow us to "fix" 3rd party packages to a specific version, so an update by the package's author won't break our code in the future.

Augmenting messages with additional data

So far we have used the byte type to send messages back and forth. We need a new type to add the other data. New methods are implemented:
  • ReadJSON
  • WriteJSON
Finally, we use JSON.stringify to encode all the data to send back to our JavaScript client.

