I hope you enjoy this longer tutorial style video! Let me know if you enjoy this style of content - been experimenting a lot with different types of videos! Please make sure to comment + like - the algo loves it
@@amardeepsingh1168 I asked for a full series on this actually 😃 @MelkeyDev hey man i see opportunity. 🤷🏾♂️ Maybe even a paid course some day. A lot of us are a bit off in putting all these pieces together and sometimes the examples are to complicated, require to clone and work on a project we didn’t create ourselves or minimal with the, oh you can figure it out 😂🫡. Just saying.
A complete implementation of authentication with cookies, permissions, middleware using this library would be great help. Thanks for share your knolage ^^
How about performance consederations? if I did not need more than 3 oauth services, using the built in go oauth package may be a better choice, what's your take, but at the end it all make sense what to choose
I have a question and I would appreciate if you can answer it: After successful authentication how could I validate the tokens of different providers in the authorization middleware. For example I have a protected route and I want to validate the authorization token before giving access to the route
Would be nice to see beyond from that, like storing the User in your "user" table in a database. This way you can handle a signup and signin for the user. Couldn't find any example of that online. In other languages is plenty of it, like Node with Prisma and Nextauth for Oauth.
I think there are too many jumpy cuts. I followed this very closely while looking at the repo and the video leaves out the "beginAuthProviderCallback" function, without which this won't work. But most importantly I don't understand the use of context here and would have liked more details about that. On the upside it made me curious so I looked it up.
A small creature is sitting under your nose. I know you can't see it so I thought I'd point it out for you. Great video by the way, I've been binge watching your channel.
Great video, has helped my out with implementing this exact thing in my project! I think having a way to view the final code for at least the implementation of the goth authorization functions in the backend could be helpful. You mentioned copy and pasting 2 of the 3 functions from goth accross to save video time, but being able to see the end result of that and how it all should fit together could help make it clearer for people. Very helpful video regardless, thanks.
noice, I struggled a little bit to implement github oauth in my Golang x Sveltekit app recently. Will probably rewrite it using goth cos it looks so much cleaner than my implementation. That editing tho! 🙌
Can you please share source code of that example with us? I have been trying to implement google oauth for days, but I’m facing cors error from google any ways. I appreciate any kind of help
The cookie is for storing acsess token on the client. To make your app more secure, the access token should not be passed directly to the user. Instead, create a session token that is sent to the user as a cookie. The app will maintain a mapping of the session tokens to access tokens on the server side (most likely a database).
You should've used `r.Context()` when you use `r.WithContext` instead of `context.Background()`. If the client closes the connection, you do not want to waste time on the auth flow. Take advantage of the context that comes with the request.
I think you need to pass the provider in the route where you call gothic.BeginAuthHandler() provider := chi.URLParam(r, "provider") r = r.WithContext(context.WithValue(context.Background(), "provider", provider))
Your code does not work. :) After the callback, check state from the url query and then check your state, they are different. In other words, not secure to CRFS and thus invalid.
Maybe not editing that much. Show the whole setup. Maybe redo this making a vite react app (todo) with go as the backend, chi as api server, postgres for the database (show how to connect to the databased) and auth (can use goauth but instead just printing the user, actually use it and show the worflow with the database). So a full stack tutorial. We will watch even if it is a couple hours. If it goes above an hours break it doen on parts like, "setting the backend" , "setting the frontend", "adding posgres driver", etc.
Incomplete useless video. 1. You define getAuthCallbakcFunction to handle the route "/auth/{provider/callback" which you never use 2. You never show the actual auth route /auth/{provider} which you route to in your react app's handleLogin function 3. You just print the user in your getAuthCallbackFunction which you never use
very bad tutorial you are skipping important parts of the video like setting up client id and secret key in google console and also you are skipping without even explaining things well. Now I have to watch another video to finish this. So here is my dislike. Sorry for being rude.
Great vid! Just found out for my projects ory kratos - perfect solution, oss, selfhosted identity service with social logins etc. Very easy to setup almost all oauth2/oidc providers to sign in with. Highly recommend!
![BLACK BAG - Official Trailer [HD] - Only in Theaters March 14](http://i.ytimg.com/vi/Du0Xp8WX_7I/mqdefault.jpg)
I hope you enjoy this longer tutorial style video!
Let me know if you enjoy this style of content - been experimenting a lot with different types of videos!
Please make sure to comment + like - the algo loves it
blurs email, leaks email in the console output. lol
I prefer the longer videos. They provide more context and show me how you think as a developer with golang.
Can you please extend this video how auth can utilised for auhtnicating other api ?
@@amardeepsingh1168 I asked for a full series on this actually 😃 @MelkeyDev hey man i see opportunity. 🤷🏾♂️ Maybe even a paid course some day. A lot of us are a bit off in putting all these pieces together and sometimes the examples are to complicated, require to clone and work on a project we didn’t create ourselves or minimal with the, oh you can figure it out 😂🫡. Just saying.
The state parameter passed from login to callback differs, thus is not secure from CRFS.
“I do not want you to show my email” a few second later the email is printed out in the console.
Nice 😂
Maybe a whole backend tutorial series to combine it all and we all become golang ninjas 😅
A complete implementation of authentication with cookies, permissions, middleware using this library would be great help. Thanks for share your knolage ^^
I really appreciate this comment
i agree, even just authorization on routes would be really great
The one video i needed for my project
How about performance consederations? if I did not need more than 3 oauth services, using the built in go oauth package may be a better choice, what's your take, but at the end it all make sense what to choose
I have a golang api only project. How can I use it with a mobile app? Since there is no redirect to the mobile application
I have a question and I would appreciate if you can answer it: After successful authentication how could I validate the tokens of different providers in the authorization middleware. For example I have a protected route and I want to validate the authorization token before giving access to the route
Would be nice to see beyond from that, like storing the User in your "user" table in a database. This way you can handle a signup and signin for the user.
Couldn't find any example of that online. In other languages is plenty of it, like Node with Prisma and Nextauth for Oauth.
I think there are too many jumpy cuts. I followed this very closely while looking at the repo and the video leaves out the "beginAuthProviderCallback" function, without which this won't work. But most importantly I don't understand the use of context here and would have liked more details about that. On the upside it made me curious so I looked it up.
Appreciate the feedback banafish
A small creature is sitting under your nose. I know you can't see it so I thought I'd point it out for you. Great video by the way, I've been binge watching your channel.
Hahah thank you
The creature is gone in the newer videos :)
Let’s goooo Go auth video dropped, putting a suit on one sec!!!
Awesome video! Exactly what I was looking for.
Fun fact: I watch your video on 0.8x speed
Great video, has helped my out with implementing this exact thing in my project! I think having a way to view the final code for at least the implementation of the goth authorization functions in the backend could be helpful. You mentioned copy and pasting 2 of the 3 functions from goth accross to save video time, but being able to see the end result of that and how it all should fit together could help make it clearer for people. Very helpful video regardless, thanks.
That's a great idea!
Any idea how to manage this from a mobile app using dart or react native instead of the web interface?
noice, I struggled a little bit to implement github oauth in my Golang x Sveltekit app recently. Will probably rewrite it using goth cos it looks so much cleaner than my implementation. That editing tho! 🙌
Yo can I have your repo link?
@@CuongNguyen-gu9flhey, sorry but I ultimately ditched the github oauth all together xD not sure if you still want the repo link after hearing that
As you said at the beginning, I have been looking for a video like this, great video!! Ps: How does teej feels about you using vsode?
I am new to golang and I was searching for some times now, thank you boss
Can you please share source code of that example with us?
I have been trying to implement google oauth for days, but I’m facing cors error from google any ways.
I appreciate any kind of help
I think you need to first implement the integration with google oauth yourself to understand how things work and only then go to libraries
What console do you use? seems prett6 different from wsl
Just the standard console from Ubuntu lol
You can call it a complete tutorial when you store the user on the database, setup the cookies and create a profile page.
I can add it to a future tutorial if you want, I didnt want to overload with so much information into one video.
I can't get redirected URI right for some reason.
What is the issue?
@@MelkeyDevI was silly, didn't put the correct redirect URL.
Thanks for your video, but another video using it with an endpoint would be nice.
Hey Melkey, I am having trouble, where I am encountering a "could not find a matching session for this request". Do you know what my issue could be?
I do want to mention that I am using gorilla mux as my router as well
Do you fix it? Can you help me please?
Nice one definitely would like to see more of this type of stuff from you, great tutorial
Thanks, will do!
Pure gold! Thanks for sharing. It was just I needed
As usual, amazing work!
Thank you! Cheers!
Thank you very much for this clear and detailed tutorial. It was a big help.
Helpful vid! However wondering what the purpose is of the cookie store? Does this send a cookie back to client?
The cookie is for storing acsess token on the client. To make your app more secure, the access token should not be passed directly to the user. Instead, create a session token that is sent to the user as a cookie. The app will maintain a mapping of the session tokens to access tokens on the server side (most likely a database).
how can frontend know if user is authenticated??
You would need to do something with a session token
You could also create your own JWT from the user email and user ID for the session. I just used the OAuth for fast sign-up/sign-in.
You should've used `r.Context()` when you use `r.WithContext` instead of `context.Background()`. If the client closes the connection, you do not want to waste time on the auth flow. Take advantage of the context that comes with the request.
Melkey, it's not clear... You keep skipping some process and I end up getting "you must select a provider" on my screen
I think you need to pass the provider in the route where you call gothic.BeginAuthHandler()
provider := chi.URLParam(r, "provider")
r = r.WithContext(context.WithValue(context.Background(), "provider", provider))
Your code does not work. :)
After the callback, check state from the url query and then check your state, they are different. In other words, not secure to CRFS and thus invalid.
My code works :)
Liked and subscribed - thanks for the great content my dude
Awsome can you provide the repo for your code also ?
I can make a new one!
@@MelkeyDev would be a good idea to ake a new more in depth video about it
the maintainer has a medium blog stating he’s not maintaining the package anymore and is looking for someone to take it over. Just so everybody knows
oh what? do you have a link?
@@MelkeyDev hold on i’ll get it but you might have to have a medium premium account though.
hi mate, i really enjoy your content can you do more like this?? , cheers from Chile 🇨🇱
Yeah I can
How to logout and login with another account?
You might need to clear cache and try again to get to the Google OAuth home screen
Maybe not editing that much. Show the whole setup. Maybe redo this making a vite react app (todo) with go as the backend, chi as api server, postgres for the database (show how to connect to the databased) and auth (can use goauth but instead just printing the user, actually use it and show the worflow with the database). So a full stack tutorial. We will watch even if it is a couple hours. If it goes above an hours break it doen on parts like, "setting the backend" , "setting the frontend", "adding posgres driver", etc.
Thanks man! love this content
nice stuff really like your channel :)
Yess omg
I got fed up with searching for an 3rd party auth example for go lang and started learning jwts and shizz
can you please do one for apple
where the github repo
More Tutorials please!!!
Okay - what do you want to see?
@@MelkeyDev videos like this one. Go tutorials of things you think are interesting. Cheers!
This is fire! We need more content like this
Can you give this github repo
For this project? or go auth?
This repository, it would be greatly appretiated@@MelkeyDev
@@MelkeyDev For this project. Some parts are missing
Youre like, 1 of 4 Go users in the whole world, should def make a whole Go backend series , oauth, api security, etc, backend stuff we should know
no htmx frontend!!?? Melkey, big disappoint
Timely for me, and appreciated. Thanks.
Goth has no documentation bro
I looked at it?
😂 I still prefer to go with rust
Incomplete useless video.
1. You define getAuthCallbakcFunction to handle the route "/auth/{provider/callback" which you never use
2. You never show the actual auth route /auth/{provider} which you route to in your react app's handleLogin function
3. You just print the user in your getAuthCallbackFunction which you never use
make a better one then
@@MelkeyDev bro you're menace lol Love you
very bad tutorial you are skipping important parts of the video like setting up client id and secret key in google console and also you are skipping without even explaining things well. Now I have to watch another video to finish this. So here is my dislike. Sorry for being rude.
i think same
yup
Love you melkey and your vid’s but I have to agree for once
get gud kid
This garbage channel
common W!
you don't need to blast your face on my screen every 10 seconds. jesus christ
what the fuck are you talking about
Great vid! Just found out for my projects ory kratos - perfect solution, oss, selfhosted identity service with social logins etc. Very easy to setup almost all oauth2/oidc providers to sign in with. Highly recommend!