A simple authentication example

Let's build a secure API that gives access to clients only after logging in. In the process, we will define three endpoints:

  • /login
  • /logout
  • /healthcheck

/healthcheck is the data API, but it first has to log in using the /login endpoint. Our API should reject all unauthenticated requests. Create a project directory called simpleAuth, like this:

mkdir -p $GOPATH/src/github.com/git-user/chapter14/simpleAuthtouch $GOPATH/src/github.com/git-user/chapter14/simpleAuth/main.go

In the program, we can see how to enable session-based authentication to API endpoints using the gorilla/ sessions package. Follow these steps:

  1. We need imports for our program. The main ones are mux and sessions, as seen in the following code ...

Get Hands-On RESTful Web Services with Go - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.