Authentication Recommendations (Go/Vue JS)

blov · · 458 次点击    
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
<p>Looking for recommendations/best practices/guidance on adding authentication to a web portal application. Back end is in Go, front end is a single page application in Vue JS.</p> <p>In our case we would like to first start with something more managed (either self-hosted in a docker, or external service) with UIs/built-in support for things like adding users, setting roles, configuring the emails sent out, forgot password flow. We do plan to later on add more of this functionality into our application (e.g. user registration, internal page to configure user roles).</p> <p>Currently considering:</p> <ul> <li><a href="https://auth0.com/" rel="nofollow">Auth0</a></li> <li><a href="https://firebase.google.com/docs/auth/" rel="nofollow">Firebase authentication</a> </li> <li><a href="http://www.keycloak.org/" rel="nofollow">Keycloak</a> </li> <li><a href="https://github.com/volatiletech/authboss" rel="nofollow">Authboss</a> </li> </ul> <p>Any other tools/platforms we should consider? Does the community here know when authboss will be updated with V2 or why it hasn&#39;t been updated since July 30?</p> <hr/>**评论:**<br/><br/>godlycow78: <pre><p>I was able to spin up my own authentication method really easily for an angular frontend and golang backend using jwt through AWS. Front end grabs a token from cognito and the back end just validates it against a public token key store. This approach could easily be expanded to any token issuing authentication method that your frontend can talk to, including another golang server that issues tokens to validate users. Feel free to PM if any of this might apply to your project, I&#39;d be happy to share them outline of my implementation!</p></pre>alhasaniq: <pre><p>please do share the outline </p></pre>godlycow78: <pre><p>I will be able to in a couple of hours. I&#39;d like to clean it up a bit and add some comments so that it can hopefully be helpful to you.</p></pre>coderjz: <pre><p>Thank you so much! We actually just moved off of AWS and I&#39;m not sure we would want to use Cognito. I&#39;ve explored Auth0 and it seems like this is exactly what they do themselves (with single sign on through the Auth0 platform).</p></pre>godlycow78: <pre><p>Oh yeah, I totally get that. I&#39;m going to be moving off of cognito as soon as I can in favor of my own solution for jwt auth, but it was a quick way to get auth going and make the clients happy. Sorry to be OP-doesn&#39;t-deliver, but I think it will actually be tomorrow, because of those selfsame clients :P edit: it&#39;s like they want software that works or something</p></pre>godlycow78: <pre><p>As long as you have some way to issue tokens, and a public key store for the token set then you should be good to go :)</p></pre>

入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889

458 次点击  
加入收藏 微博
暂无回复
添加一条新回复 (您需要 登录 后才能回复 没有账号 ?)
  • 请尽量让自己的回复能够对别人有帮助
  • 支持 Markdown 格式, **粗体**、~~删除线~~、`单行代码`
  • 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
  • 图片支持拖拽、截图粘贴等方式上传