Implementing HTTP Basic Auth in Gin

                                                                                                  

# I have been studying Go, specifically gin. I need a quick and dirty authentication for my pet project.

Normally I wouldn't recommend using HTTP/basic auth to secure resources, but for this project I don't have a database, I just provide a few markdown files here and there. So I will use HTTP / basic auth for authentication here.

gin is one of my favorite web frameworks because it has a lot of really cool middleware, it's a bit like the express framework for node.js or hapijs.

Install Gin framework & print Hello World

If you create a gin-http-auth project in the go/src directory, Add the following content to the main.go file of the project:

package main

import "github.com/gin-gonic/gin"

func main() {
    r := gin.Default()
    r.GET("/", func(c *gin.Context) {
        c.JSON(200, gin.H{
            "message": "Hello World!",
        })
    })
    r.Run() //监听 0.0.0.0:8080 
}

Then run the go get command on your terminal, and your project will start running Got it! You now need to start the fresh JSON API by running the following command:

go run main.go

You can enter localhost:8080 in your browser and you should see "message: Hello World!"

Note: Providing an API may be one of the larger use cases for gin, but you can also directly render a series of templates.

Use the Gin framework to implement route protection

---

Suppose you now have a secret method, and you don’t want everyone to access it through the url. This is a special barbecue sauce recipe. Or a love letter with some hidden details!

We need to set up some sample user accounts and create a secret route. Of course, we can also set up a default route /.

Let's take a look at this minimum feasible example:

package main

import (
    "net/http"

    "github.com/gin-gonic/gin"
)

func main() {
    r := gin.Default()

    r.GET("/", func(c *gin.Context) {
        c.JSON(http.StatusOK, gin.H{
            "message": "Hello World!",
        })
    })

    authorized := r.Group("/", gin.BasicAuth(gin.Accounts{
        "user1": "love",
        "user2": "god",
        "user3": "sex",
    }))

    authorized.GET("/secret", func(c *gin.Context) {
        c.JSON(http.StatusOK, gin.H{
            "secret": "The secret ingredient to the BBQ sauce is stiring it in an old whiskey barrel.",
        })
    })

    r.Run() // 监听服务在 0.0.0.0:8080
}

1. Imported one more net/http package in import , used to format the status code of the http response.
2. Some users have been added to the authorized access group.
3. authorized.GET Only allow the user to enter the correct combination. It functions like a normal router, but it requires authentication

When you change the file content, press "CTRL C" to quickly run an instance of the Gin framework and restart it.

When you visit localhost:8080/secret in your browser, you should see a window prompting you to enter your username and password.

If you entered your account and password correctly, you will see the following output:

secret    "The secret ingredient to the BBQ sauce is stiring it in an old whiskey barrel."

That’s it! You created a route in your Go web project that requires http basic auth!

If you want more detailed examples, check out gin's README.md on Github, as it has several great examples!

Recommended tutorial: "Go Tutorial"

The above is the detailed content of Implementing HTTP Basic Auth in Gin. For more information, please follow other related articles on the PHP Chinese website!