Authentication in Go

We are thrilled to announce that we now officially support Go! If you want to skip right to it, you can check out our getting started guides or the reference documentation for our Go library.

As with all of our libraries, there are a few major features that we provide:

Straightforward Authentication

When you receive an authenticated request from the frontend, your first question is probably… who is this?

user, err := client.GetUser(r.Header.Get("Authorization"))
if err != nil {
    w.WriteHeader(401)
    return
}
// I now have fields like user.Email or user.UserID

This function makes no external requests; it just validates the Authorization header and returns the user. You can read more about how to send authenticated requests from the frontend here.

Authorization and Multi-Tenancy

PropelAuth was designed with B2B / multi-tenant products in mind. We have first-class support for organizations and provide self-serve UIs so your users can create organizations, invite their coworkers, manage roles and permissions, set up SAML connections, and more.

On the backend, you can quickly check that the user has the Admin role within their organization:

// Get the org id from the request - this could be a path param, header, query param
orgId := getOrgIdFromRequest(r)
orgMemberInfo, err := user.GetOrgMemberInfo(orgId)
if err != nil {
    w.WriteHeader(403)
    return
}

// Check the user's role within the organization
if !orgMemberInfo.IsRole("Admin") {
    w.WriteHeader(403)
    return
}

This can all be easily wrapped up into a middleware function so all you have to do is write:

func fetchBillingInformation(w http.ResponseWriter, req *http.Request) {
    orgMemberInfo := req.Context().Value("org").(*models.OrgMemberInfoFromToken)
    fetchBillingInfoForOrg(orgMemberInfo.OrgID)
}

// ...

http.Handle("/api/billing", requireAdminInOrg(client, fetchBillingInformation))
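
One way to write a wrapper like the requireAdminInOrg used above, as an added example that is not PropelAuth's code. Client, User and OrgMember are minimal stand-ins for the library's types (the stand-in GetUser is a map lookup, not real token validation), the org id is assumed to arrive as the orgId query parameter, an unexported context key type is used instead of the string key "org", and statusFor is a hypothetical helper that runs one constructed request.

```go
package main

import (
	"context"
	"errors"
	"net/http"
	"net/http/httptest"
)

// Stand-in types (assumptions, not the library's own); only the method names are from the post.
type OrgMember struct{ OrgID, Role string }
type User struct{ Orgs map[string]*OrgMember } // org id -> membership
type Client struct{ Tokens map[string]*User }  // Authorization header -> user (no real validation)
type orgKey struct{}                           // unexported context key type, cannot collide
func find[V any](m map[string]*V, k string) (*V, error) {
	if v := m[k]; v != nil {
		return v, nil
	}
	return nil, errors.New("not found")
}
func (m *OrgMember) IsRole(role string) bool { return m.Role == role }
func (u *User) GetOrgMemberInfo(id string) (*OrgMember, error) { return find(u.Orgs, id) }
func (c *Client) GetUser(h string) (*User, error) { return find(c.Tokens, h) }

// requireAdminInOrg fails closed: 401 for a bad token, 403 for non-members and non-admins.
func requireAdminInOrg(c *Client, next http.HandlerFunc) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		user, err := c.GetUser(r.Header.Get("Authorization"))
		if err != nil {
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		member, err := user.GetOrgMemberInfo(r.URL.Query().Get("orgId")) // assumed: org id is a query param
		if err != nil || !member.IsRole("Admin") {
			w.WriteHeader(http.StatusForbidden)
			return
		}
		next(w, r.WithContext(context.WithValue(r.Context(), orgKey{}, member)))
	})
}

// statusFor runs one constructed request (user "Bearer t1": Admin in acme, Member in globex).
func statusFor(auth, orgID string) int {
	c := &Client{map[string]*User{"Bearer t1": {map[string]*OrgMember{"acme": {"acme", "Admin"}, "globex": {"globex", "Member"}}}}}
	req := httptest.NewRequest("GET", "/api/billing?orgId="+orgID, nil)
	req.Header.Set("Authorization", auth)
	rec := httptest.NewRecorder()
	requireAdminInOrg(c, func(http.ResponseWriter, *http.Request) {}).ServeHTTP(rec, req)
	return rec.Code
}
```

Because the org id comes from the request, it is only ever looked up in the memberships of the already-validated user: with the constructed data, an Admin of acme who asks for globex or for an unknown org gets 403, and a missing or unknown token gets 401 before any org lookup happens.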

APIs for Auth

The library also includes a number of utility functions that you can use to programmatically manage your users.

One common example is our API to allow organizations to set up SAML connections. If you are using Stripe to manage your subscriptions, you can set up a webhook when someone upgrades their plan and then automatically give them access to configure a SAML connection.

There’s a lot more to see, so check out the reference docs for all the different APIs you can use.

Summary

We wanted to thank everyone who emailed us asking about Go support (and those of you who built your own unofficial libraries in the meantime 🙂).

We can’t wait to see what you all build!