BasicAuth for APIs in Go

  • Meaning of Authentication.
  • The basic authentication scheme is geared toward user and password management.
  • The bearer authentication scheme is geared toward programmatic access. A popular bearer authentication scheme uses an authentication token. There are many ways to generate this token, such as OAuth2, JWT, and others.
  • The healthHandler does not require authentication.
  • The messageHandler does require authentication.
  • Get the token → Add one function called authToken(), which gets the token from the Authorization HTTP header.
  • Get the user from the token → Add one function called userFromToken(), which gets the user from the previously received token.
  • And if the user is nil, meaning there is a mismatch or unknown user, it’s going to return status unauthorized.
  • Otherwise, we’re going to create a new context where we are going to add the authenticated user to the request context.
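
The steps above, put together as an added example (not the article's own code). The function and handler names follow the bullets; the User type, the userKey context key, the requireAuth wrapper, the in-memory tokens map, the routes and the listen address are assumptions made for illustration.

```go
package main

import (
	"context"
	"fmt"
	"log"
	"net/http"
	"strings"
)

type User struct{ Name string }
type userKey struct{} // unexported key type: no collisions with other context values

// tokens is a constructed demo store (assumption); real code verifies a JWT or queries a database.
var tokens = map[string]*User{"demo-token-constructed": {Name: "alice"}}

// authToken returns the credential from "Authorization: Bearer <token>", or "" if absent or malformed.
func authToken(r *http.Request) string {
	parts := strings.Fields(r.Header.Get("Authorization"))
	if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") {
		return ""
	}
	return parts[1]
}

// userFromToken returns nil for an empty or unknown token.
func userFromToken(token string) *User { return tokens[token] }

// requireAuth answers 401 for unknown callers, otherwise passes the user on in the request context.
func requireAuth(next http.HandlerFunc) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		user := userFromToken(authToken(r))
		if user == nil {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next(w, r.WithContext(context.WithValue(r.Context(), userKey{}, user)))
	}
}

func healthHandler(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "ok") }
func messageHandler(w http.ResponseWriter, r *http.Request) {
	fmt.Fprintf(w, "hello, %s", r.Context().Value(userKey{}).(*User).Name)
}

func main() {
	http.HandleFunc("/health", healthHandler)                // public
	http.HandleFunc("/message", requireAuth(messageHandler)) // authenticated
	log.Fatal(http.ListenAndServe("127.0.0.1:8080", nil))
}
```

messageHandler reads the user from the context without a nil check, so it must only ever be registered behind requireAuth.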
