I hope you enjoy this longer tutorial style video! Let me know if you enjoy this style of content - been experimenting a lot with different types of videos! Please make sure to comment + like - the algo loves it
@@amardeepsingh1168 I asked for a full series on this actually 😃 @MelkeyDev hey man i see opportunity. 🤷🏾♂️ Maybe even a paid course some day. A lot of us are a bit off in putting all these pieces together and sometimes the examples are to complicated, require to clone and work on a project we didn’t create ourselves or minimal with the, oh you can figure it out 😂🫡. Just saying.
A complete implementation of authentication with cookies, permissions, middleware using this library would be great help. Thanks for share your knolage ^^
Would be nice to see beyond from that, like storing the User in your "user" table in a database. This way you can handle a signup and signin for the user. Couldn't find any example of that online. In other languages is plenty of it, like Node with Prisma and Nextauth for Oauth.
How about performance consederations? if I did not need more than 3 oauth services, using the built in go oauth package may be a better choice, what's your take, but at the end it all make sense what to choose
I think there are too many jumpy cuts. I followed this very closely while looking at the repo and the video leaves out the "beginAuthProviderCallback" function, without which this won't work. But most importantly I don't understand the use of context here and would have liked more details about that. On the upside it made me curious so I looked it up.
Great video, has helped my out with implementing this exact thing in my project! I think having a way to view the final code for at least the implementation of the goth authorization functions in the backend could be helpful. You mentioned copy and pasting 2 of the 3 functions from goth accross to save video time, but being able to see the end result of that and how it all should fit together could help make it clearer for people. Very helpful video regardless, thanks.
A small creature is sitting under your nose. I know you can't see it so I thought I'd point it out for you. Great video by the way, I've been binge watching your channel.
noice, I struggled a little bit to implement github oauth in my Golang x Sveltekit app recently. Will probably rewrite it using goth cos it looks so much cleaner than my implementation. That editing tho! 🙌
Can you please share source code of that example with us? I have been trying to implement google oauth for days, but I’m facing cors error from google any ways. I appreciate any kind of help
You should've used `r.Context()` when you use `r.WithContext` instead of `context.Background()`. If the client closes the connection, you do not want to waste time on the auth flow. Take advantage of the context that comes with the request.
The cookie is for storing acsess token on the client. To make your app more secure, the access token should not be passed directly to the user. Instead, create a session token that is sent to the user as a cookie. The app will maintain a mapping of the session tokens to access tokens on the server side (most likely a database).
Your code does not work. :) After the callback, check state from the url query and then check your state, they are different. In other words, not secure to CRFS and thus invalid.
I think you need to pass the provider in the route where you call gothic.BeginAuthHandler() provider := chi.URLParam(r, "provider") r = r.WithContext(context.WithValue(context.Background(), "provider", provider))
Maybe not editing that much. Show the whole setup. Maybe redo this making a vite react app (todo) with go as the backend, chi as api server, postgres for the database (show how to connect to the databased) and auth (can use goauth but instead just printing the user, actually use it and show the worflow with the database). So a full stack tutorial. We will watch even if it is a couple hours. If it goes above an hours break it doen on parts like, "setting the backend" , "setting the frontend", "adding posgres driver", etc.
very bad tutorial you are skipping important parts of the video like setting up client id and secret key in google console and also you are skipping without even explaining things well. Now I have to watch another video to finish this. So here is my dislike. Sorry for being rude.
Incomplete useless video. 1. You define getAuthCallbakcFunction to handle the route "/auth/{provider/callback" which you never use 2. You never show the actual auth route /auth/{provider} which you route to in your react app's handleLogin function 3. You just print the user in your getAuthCallbackFunction which you never use
Great vid! Just found out for my projects ory kratos - perfect solution, oss, selfhosted identity service with social logins etc. Very easy to setup almost all oauth2/oidc providers to sign in with. Highly recommend!
I hope you enjoy this longer tutorial style video!
Let me know if you enjoy this style of content - been experimenting a lot with different types of videos!
Please make sure to comment + like - the algo loves it
blurs email, leaks email in the console output. lol
I prefer the longer videos. They provide more context and show me how you think as a developer with golang.
Can you please extend this video how auth can utilised for auhtnicating other api ?
@@amardeepsingh1168 I asked for a full series on this actually 😃 @MelkeyDev hey man i see opportunity. 🤷🏾♂️ Maybe even a paid course some day. A lot of us are a bit off in putting all these pieces together and sometimes the examples are to complicated, require to clone and work on a project we didn’t create ourselves or minimal with the, oh you can figure it out 😂🫡. Just saying.
The state parameter passed from login to callback differs, thus is not secure from CRFS.
“I do not want you to show my email” a few second later the email is printed out in the console.
Nice 😂
Maybe a whole backend tutorial series to combine it all and we all become golang ninjas 😅
A complete implementation of authentication with cookies, permissions, middleware using this library would be great help. Thanks for share your knolage ^^
I really appreciate this comment
i agree, even just authorization on routes would be really great
The one video i needed for my project
Let’s goooo Go auth video dropped, putting a suit on one sec!!!
Would be nice to see beyond from that, like storing the User in your "user" table in a database. This way you can handle a signup and signin for the user.
Couldn't find any example of that online. In other languages is plenty of it, like Node with Prisma and Nextauth for Oauth.
How about performance consederations? if I did not need more than 3 oauth services, using the built in go oauth package may be a better choice, what's your take, but at the end it all make sense what to choose
I think there are too many jumpy cuts. I followed this very closely while looking at the repo and the video leaves out the "beginAuthProviderCallback" function, without which this won't work. But most importantly I don't understand the use of context here and would have liked more details about that. On the upside it made me curious so I looked it up.
Appreciate the feedback banafish
Awesome video! Exactly what I was looking for.
Fun fact: I watch your video on 0.8x speed
I have a golang api only project. How can I use it with a mobile app? Since there is no redirect to the mobile application
As usual, amazing work!
Thank you! Cheers!
Great video, has helped my out with implementing this exact thing in my project! I think having a way to view the final code for at least the implementation of the goth authorization functions in the backend could be helpful. You mentioned copy and pasting 2 of the 3 functions from goth accross to save video time, but being able to see the end result of that and how it all should fit together could help make it clearer for people. Very helpful video regardless, thanks.
That's a great idea!
A small creature is sitting under your nose. I know you can't see it so I thought I'd point it out for you. Great video by the way, I've been binge watching your channel.
Hahah thank you
The creature is gone in the newer videos :)
I am new to golang and I was searching for some times now, thank you boss
Pure gold! Thanks for sharing. It was just I needed
I think you need to first implement the integration with google oauth yourself to understand how things work and only then go to libraries
noice, I struggled a little bit to implement github oauth in my Golang x Sveltekit app recently. Will probably rewrite it using goth cos it looks so much cleaner than my implementation. That editing tho! 🙌
Yo can I have your repo link?
@@CuongNguyen-gu9flhey, sorry but I ultimately ditched the github oauth all together xD not sure if you still want the repo link after hearing that
I can't get redirected URI right for some reason.
What is the issue?
@@MelkeyDevI was silly, didn't put the correct redirect URL.
Thanks for your video, but another video using it with an endpoint would be nice.
Nice one definitely would like to see more of this type of stuff from you, great tutorial
Thanks, will do!
Any idea how to manage this from a mobile app using dart or react native instead of the web interface?
Can you please share source code of that example with us?
I have been trying to implement google oauth for days, but I’m facing cors error from google any ways.
I appreciate any kind of help
Thank you very much for this clear and detailed tutorial. It was a big help.
You can call it a complete tutorial when you store the user on the database, setup the cookies and create a profile page.
I can add it to a future tutorial if you want, I didnt want to overload with so much information into one video.
As you said at the beginning, I have been looking for a video like this, great video!! Ps: How does teej feels about you using vsode?
You should've used `r.Context()` when you use `r.WithContext` instead of `context.Background()`. If the client closes the connection, you do not want to waste time on the auth flow. Take advantage of the context that comes with the request.
how can frontend know if user is authenticated??
You would need to do something with a session token
You could also create your own JWT from the user email and user ID for the session. I just used the OAuth for fast sign-up/sign-in.
Helpful vid! However wondering what the purpose is of the cookie store? Does this send a cookie back to client?
The cookie is for storing acsess token on the client. To make your app more secure, the access token should not be passed directly to the user. Instead, create a session token that is sent to the user as a cookie. The app will maintain a mapping of the session tokens to access tokens on the server side (most likely a database).
Liked and subscribed - thanks for the great content my dude
What console do you use? seems prett6 different from wsl
Just the standard console from Ubuntu lol
Thanks man! love this content
Your code does not work. :)
After the callback, check state from the url query and then check your state, they are different. In other words, not secure to CRFS and thus invalid.
My code works :)
How to logout and login with another account?
You might need to clear cache and try again to get to the Google OAuth home screen
Melkey, it's not clear... You keep skipping some process and I end up getting "you must select a provider" on my screen
I think you need to pass the provider in the route where you call gothic.BeginAuthHandler()
provider := chi.URLParam(r, "provider")
r = r.WithContext(context.WithValue(context.Background(), "provider", provider))
Yess omg
I got fed up with searching for an 3rd party auth example for go lang and started learning jwts and shizz
Hey Melkey, I am having trouble, where I am encountering a "could not find a matching session for this request". Do you know what my issue could be?
I do want to mention that I am using gorilla mux as my router as well
Do you fix it? Can you help me please?
nice stuff really like your channel :)
Maybe not editing that much. Show the whole setup. Maybe redo this making a vite react app (todo) with go as the backend, chi as api server, postgres for the database (show how to connect to the databased) and auth (can use goauth but instead just printing the user, actually use it and show the worflow with the database). So a full stack tutorial. We will watch even if it is a couple hours. If it goes above an hours break it doen on parts like, "setting the backend" , "setting the frontend", "adding posgres driver", etc.
the maintainer has a medium blog stating he’s not maintaining the package anymore and is looking for someone to take it over. Just so everybody knows
oh what? do you have a link?
@@MelkeyDev hold on i’ll get it but you might have to have a medium premium account though.
Awsome can you provide the repo for your code also ?
I can make a new one!
@@MelkeyDev would be a good idea to ake a new more in depth video about it
This is fire! We need more content like this
hi mate, i really enjoy your content can you do more like this?? , cheers from Chile 🇨🇱
Yeah I can
where the github repo
can you please do one for apple
Timely for me, and appreciated. Thanks.
Youre like, 1 of 4 Go users in the whole world, should def make a whole Go backend series , oauth, api security, etc, backend stuff we should know
More Tutorials please!!!
Okay - what do you want to see?
@@MelkeyDev videos like this one. Go tutorials of things you think are interesting. Cheers!
Can you give this github repo
For this project? or go auth?
This repository, it would be greatly appretiated@@MelkeyDev
@@MelkeyDev For this project. Some parts are missing
no htmx frontend!!?? Melkey, big disappoint
very bad tutorial you are skipping important parts of the video like setting up client id and secret key in google console and also you are skipping without even explaining things well. Now I have to watch another video to finish this. So here is my dislike. Sorry for being rude.
i think same
yup
Love you melkey and your vid’s but I have to agree for once
get gud kid
This garbage channel
Goth has no documentation bro
I looked at it?
Incomplete useless video.
1. You define getAuthCallbakcFunction to handle the route "/auth/{provider/callback" which you never use
2. You never show the actual auth route /auth/{provider} which you route to in your react app's handleLogin function
3. You just print the user in your getAuthCallbackFunction which you never use
make a better one then
@@MelkeyDev bro you're menace lol Love you
you don't need to blast your face on my screen every 10 seconds. jesus christ
what the fuck are you talking about
😂 I still prefer to go with rust
common W!
Great vid! Just found out for my projects ory kratos - perfect solution, oss, selfhosted identity service with social logins etc. Very easy to setup almost all oauth2/oidc providers to sign in with. Highly recommend!