Go social authorizations using OAuth
MIT License
Auth is a package that provides OAuth endpoints for social logins and issues a JWT to be used for subsequent API calls.
Supported:
Client - front-end web application, ie. the browser that the user controls Server - our API server that requires authentications for its endpoints Provider - the OAuth2 service that provides us with authorization to the user's data
In order to prevent CSRF, or at least mitigate it, a few measures have been implemented.
Origin
header and the Referrer
header, making sure it is the same as the server's host. This prevents users from being redirected into a POST action from another website.Released under the MIT license.