Basic Authentication in Go with Gin

This is short post on adding basic authentication to go applications. Our sample application uses gin web framework

Let’s start by creating a gin router with default middleware, by default it serves on :8080 unless a PORT environment variable was defined

func main(){
	r := gin.Default()
	r.GET("/getAllUsers", basicAuth, handlers.UsersList)
	_ = r.Run()
}

Now that we have our basic route, lets create a method to add authentication logic. Get basic auth credentials from context request and validate them. If user isn’t authenticated, authentication window is prompted with username and password.

func basicAuth(c *gin.Context) {
	// Get the Basic Authentication credentials
	user, password, hasAuth := c.Request.BasicAuth()
	if hasAuth && user == "testuser" && password == "testpass" {
		log.WithFields(log.Fields{
			"user": user,
		}).Info("User authenticated")
	} else {
		c.Abort()
		c.Writer.Header().Set("WWW-Authenticate", "Basic realm=Restricted")
		return
	}
}

Run application

$ go run main.go

Verify if authentication works

$ curl -X GET "http://testuser:testpass@localhost:8080/getAllUsers"