Skip to content

Latest commit

 

History

History
68 lines (52 loc) · 2.42 KB

README.md

File metadata and controls

68 lines (52 loc) · 2.42 KB

oauth2 wercker status

Allows your Martini application to support user login via an OAuth 2.0 backend. Requires sessions middleware. Google, Facebook and Github sign-in are currently supported. Once endpoints are provided, this middleware can work with any OAuth 2.0 backend.

Usage

package main

import (
  "github.com/go-martini/martini"
  "github.com/martini-contrib/oauth2"
  "github.com/martini-contrib/sessions"
)

func main() {
  m := martini.Classic()
  m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
  m.Use(oauth2.Google(&oauth2.Options{
    ClientId:     "client_id",
    ClientSecret: "client_secret",
    RedirectURL:  "redirect_url",
    Scopes:       []string{"https://www.googleapis.com/auth/drive"},
  }))

  // Tokens are injected to the handlers
  m.Get("/", func(tokens oauth2.Tokens) string {
    if tokens.IsExpired() {
      return "not logged in, or the access token is expired"
    }
    return "logged in"
  })

  // Routes that require a logged in user
  // can be protected with oauth2.LoginRequired handler.
  // If the user is not authenticated, they will be
  // redirected to the login path.
  m.Get("/restrict", oauth2.LoginRequired, func(tokens oauth2.Tokens) string {
    return tokens.Access()
  })

  m.Run()
}

If a route requires login, you can add oauth2.LoginRequired to the handler chain. If user is not logged, they will be automatically redirected to the login path.

m.Get("/login-required", oauth2.LoginRequired, func() ...)

Auth flow

  • /login will redirect user to the OAuth 2.0 provider's permissions dialog. If there is a next query param provided, user is redirected to the next page afterwards.
  • If user agrees to connect, OAuth 2.0 provider will redirect to /oauth2callback to let your app to make the handshake. You need to register /oauth2callback as a Redirect URL in your application settings.
  • /logout will log the user out. If there is a next query param provided, user is redirected to the next page afterwards.

You can customize the login, logout, oauth2callback and error paths:

oauth2.PathLogin = "/oauth2login"
oauth2.PathLogout = "/oauth2logout"
...

Authors