In this chapter, we added a useful and necessary feature to our chat application by asking users to authenticate themselves using OAuth2 service providers, before allowing them to join the conversation. We made use of several open source packages such as Objx
and Gomniauth
, which dramatically reduced the amount of multi-server complexity we would otherwise need to deal with.
We implemented a pattern when we wrapped http.Handler
types to allow us to easily specify which paths require the user to be authenticated, and which were available even without an auth
cookie. Our MustAuth
helper function allowed us to generate the wrapper types in a fluent and simple way, without adding clutter and confusion to our code.
We saw how to use cookies and Base64-encoding to safely (although not securely) store the state of particular users in their browser, and to make use of that data over normal connections and through web sockets. We took more control of the data available to our templates in order...