GoAuth Documentation
GoAuth is a modular, framework-agnostic authentication library for Go. Compose the auth features you need β core, session or stateless JWT, 2FA, OAuth, notifications, admin β and plug them into any web framework.
Getting Startedβ
- Introduction β What GoAuth is and how it works
- Installation β Install and set up GoAuth
- Quick Start β Build a working auth system
Modulesβ
Core (auto-registered) β User registration, profile management, password flows, email/phone verification.
Authentication (pick one):
- Session β Server-side sessions with cookie strategies
- Stateless β JWT access + refresh tokens (default)
Optional:
- Notification β Email/SMS delivery
- Two-Factor β TOTP-based 2FA with backup codes
- OAuth β Social login (Google, GitHub, Facebook, Microsoft, Apple, Discord)
- Admin β User CRUD with admin middleware
- Audit β Security event logging
- Captcha β reCAPTCHA v3, Cloudflare Turnstile
- CSRF β Token-based CSRF protection
- Magic Link β Passwordless auth via email
Architectureβ
ββββββββββββββββββββββββββββββββββββββββ
β Your Application β
ββββββββββββββββ¬ββββββββββββββββββββββββ
β
βΌ
ββββββββββββββββββββββββββββββββββββββββ
β GoAuth Instance β
β ββββββββββββββββββββββββββββββββββ β
β β Core Module (Auto) β β
β β Signup, Profile, Passwords, β β
β β Verification β β
β ββββββββββββββββββββββββββββββββββ β
β β
β Auth Strategy (pick one): β
β βββββββββββββββ ββββββββββββββββ β
β β Session β β Stateless β β
β βββββββββββββββ ββββββββββββββββ β
β β
β Optional Modules: β
β βββββββββββββββ ββββββββββββββββ β
β βNotification β β Two-Factor β β
β βββββββββββββββ ββββββββββββββββ β
β βββββββββββββββ ββββββββββββββββ β
β β OAuth β β Captcha β β
β βββββββββββββββ ββββββββββββββββ β
β βββββββββββββββ ββββββββββββββββ β
β β Admin β β CSRF β β
β βββββββββββββββ ββββββββββββββββ β
β βββββββββββββββ ββββββββββββββββ β
β β Audit β β Magic Link β β
β βββββββββββββββ ββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββ
β
βΌ
ββββββββββββββββββββββββββββββββββββββββ
β Storage (GORM: Postgres/MySQL/ β
β SQLite, or custom types.Storage) β
ββββββββββββββββββββββββββββββββββββββββ
Three-Phase Patternβ
// 1. Create
a, _ := auth.New(&config.Config{...})
// 2. Register optional modules
a.Use(twofactor.New(&twofactor.TwoFactorConfig{...}))
// 3. Initialize
a.Initialize(context.Background())
// Serve with adapter
mux := http.NewServeMux()
stdhttp.Register(mux, a)
Framework Integrationβ
Built-in adapters in pkg/adapters/:
stdhttp.Register(mux, a) // net/http
ginadapter.Register(router, a) // Gin
chiadapter.Register(router, a) // Chi
fiberadapter.Register(app, a) // Fiber
Referenceβ
- API Endpoints β REST API documentation
- Core Module β Core module details
- Notification Module β Email/SMS integration