Authentication is one of the most important tasks in application development. It is the entry point where we gain the user’s trust, and it is the user’s first point of interaction with any application. The authentication process therefore needs to be simple, straightforward and highly secure.
This is where OAuth2 comes into play and makes both the user’s and the developer’s life easier. It helps the user by enabling sign-up and sign-in in a few clicks, and it helps the developer by removing the need to create and validate registration forms, along with a major part of the authentication flow, by simply providing a way for the user to authorize an application to access details from another application.
What is OAuth2?
OAuth2 is an authorization framework that allows other applications to obtain limited access to a user’s account information, with the user’s permission, from an HTTP service such as Google, Facebook, GitHub, etc., which we will refer to in our article(s) as social media or social accounts.
The purpose of using OAuth is to reduce the work that needs to be done by the user and by the application (the developers’ work, of course).
But how? → The user does not need to fill in long forms (and the developer does not need to build them), because that data can be obtained from their social accounts. And to identify themselves, users do not need to enter an email address or username and password; they just click the social account option to get into the system and provide their identity → Much less work for all.
Protocol Flow
In this example I’m using Goth and GoFiber in Golang.
Check out this and make a main.go
Get Client Key & Secret Key from Google Developer Console
Configure the Google Project
First things first, we need to create our Google Project and create OAuth2 credentials.
- Go to Google Cloud Platform
- Create a new project or select one if you already have it.
- Go to Credentials and then create a new one choosing “OAuth client ID”
- Add an “authorized redirect URL”; for this example: localhost:8000/auth/google/callback
- Copy the client_id and client secret
Set the env variables in a .env file
Set this and you are good to go.
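The protocol flow above, as an added example that is not from the original post: it uses only the Go standard library instead of Goth and GoFiber to build the Google consent URL and to validate the callback on /auth/google/callback, rejecting any response whose state does not match the one issued. The GOOGLE_CLIENT_ID variable name, the http:// scheme on the redirect URL and the requested scopes are assumptions.

```go
package main

import (
	"crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	"net/url"
	"os"
)

// NewState returns an unguessable value to store in the user's session before redirecting.
func NewState() string {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err) // fail closed: never fall back to a predictable state
	}
	return base64.RawURLEncoding.EncodeToString(b)
}

// AuthURL builds the Google consent URL the browser is redirected to.
func AuthURL(clientID, redirectURI, state string) string {
	q := url.Values{}
	q.Set("client_id", clientID)
	q.Set("redirect_uri", redirectURI) // must match the console entry exactly
	q.Set("response_type", "code")
	q.Set("scope", "openid email profile")
	q.Set("state", state)
	return "https://accounts.google.com/o/oauth2/v2/auth?" + q.Encode()
}

// CheckCallback validates the callback query and returns the authorization code.
func CheckCallback(query url.Values, wantState string) (string, error) {
	if e := query.Get("error"); e != "" {
		return "", fmt.Errorf("provider returned error: %s", e)
	}
	// Constant-time comparison; an empty stored state never matches.
	got := query.Get("state")
	if wantState == "" || subtle.ConstantTimeCompare([]byte(got), []byte(wantState)) != 1 {
		return "", fmt.Errorf("state mismatch, rejecting callback")
	}
	if query.Get("code") == "" {
		return "", fmt.Errorf("missing authorization code")
	}
	return query.Get("code"), nil
}

func main() {
	// GOOGLE_CLIENT_ID is an assumed variable name for the value copied from the console.
	fmt.Println(AuthURL(os.Getenv("GOOGLE_CLIENT_ID"), "http://localhost:8000/auth/google/callback", NewState()))
}
```

The returned code is only useful to the server, which exchanges it together with the client secret for tokens; the client secret never appears in the browser-facing URL.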