README
¶
oauth2 
Allows your Martini application to support user login via an OAuth 2.0 backend. Requires sessions middleware. Google, Facebook, LinkedIn and Github sign-in are currently supported. Once endpoints are provided, this middleware can work with any OAuth 2.0 backend.
Usage
package main
import (
"github.com/go-martini/martini"
"github.com/martini-contrib/oauth2"
"github.com/martini-contrib/sessions"
)
func main() {
m := martini.Classic()
m.Use(sessions.Sessions("my_session", sessions.NewCookieStore([]byte("secret123"))))
m.Use(oauth2.Google(&oauth2.Options{
ClientId: "client_id",
ClientSecret: "client_secret",
RedirectURL: "redirect_url",
Scopes: []string{"https://www.googleapis.com/auth/drive"},
}))
// Tokens are injected to the handlers
m.Get("/", func(tokens oauth2.Tokens) string {
if tokens.IsExpired() {
return "not logged in, or the access token is expired"
}
return "logged in"
})
// Routes that require a logged in user
// can be protected with oauth2.LoginRequired handler.
// If the user is not authenticated, they will be
// redirected to the login path.
m.Get("/restrict", oauth2.LoginRequired, func(tokens oauth2.Tokens) string {
return tokens.Access()
})
m.Run()
}
If a route requires login, you can add oauth2.LoginRequired to the handler chain. If user is not logged, they will be automatically redirected to the login path.
m.Get("/login-required", oauth2.LoginRequired, func() ...)
Auth flow
/loginwill redirect user to the OAuth 2.0 provider's permissions dialog. If there is anextquery param provided, user is redirected to the next page afterwards.- If user agrees to connect, OAuth 2.0 provider will redirect to
/oauth2callbackto let your app to make the handshake. You need to register/oauth2callbackas a Redirect URL in your application settings. /logoutwill log the user out. If there is anextquery param provided, user is redirected to the next page afterwards.
You can customize the login, logout, oauth2callback and error paths:
oauth2.PathLogin = "/oauth2login"
oauth2.PathLogout = "/oauth2logout"
...
Authors
Documentation
¶
Overview ¶
Package oauth2 contains Martini handlers to provide user login via an OAuth 2.0 backend.
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // Path to handle OAuth 2.0 logins. PathLogin = "/login" // Path to handle OAuth 2.0 logouts. PathLogout = "/logout" // Path to handle callback from OAuth 2.0 backend // to exchange credentials. PathCallback = "/oauth2callback" // Path to handle error cases. PathError = "/oauth2error" )
var LoginRequired martini.Handler = func() martini.Handler { return func(s sessions.Session, c martini.Context, w http.ResponseWriter, r *http.Request) { token := unmarshallToken(s) if token == nil || token.IsExpired() { next := url.QueryEscape(r.URL.RequestURI()) http.Redirect(w, r, PathLogin+"?next="+next, codeRedirect) } } }()
Handler that redirects user to the login page if user is not logged in. Sample usage: m.Get("/login-required", oauth2.LoginRequired, func() ... {})
Functions ¶
func NewOAuth2Provider ¶
Returns a generic OAuth 2.0 backend endpoint.
Source Files