This package implements an IndieAuth (an identity layer on top of OAuth 2.0) client/authentication middleware.
It implements an IndieAuth Client and will use your own external Authorization Endpoint.
It was designed to replace basic authentication when restricting access to private projects, it does not support multiple users.
Relies on the sessions package from the Gorilla web toolkit.
$ get get a4.io/go/indieauthNote: If you are not using gorilla/mux, you need to wrap your handlers with context.ClearHandler to prevent leaking memory.
package main
import (
"log"
"net/http"
"a4.io/go/indieauth"
"github.com/gorilla/context"
"github.com/gorilla/sessions"
)
var cookieStore = sessions.NewCookieStore([]byte("my-secret"))
func main() {
ia, err:= indieauth.New(cookieStore, "https://my.indie.auth.domain")
if err != nil {
panic(err)
}
iaMiddleware = ia.Middleware()
http.HandleFunc(indieauth.DefaultRedirectPath, ia.RedirectHandler)
http.HandleFunc("/logout", func(w http.ResponseWriter, r *http.Request) {
indie.Logout(w, r)
})
http.Handle("/", iaMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("YAY!"))
})))
log.Fatal(http.ListenAndServe(":8011", context.ClearHandler(http.DefaultServeMux)))
}