A lightweight, secure authentication API built with Go that provides user registration, login, session management, and user data retrieval capabilities.
- User Registration: Secure user account creation with password hashing (bcrypt)
- User Authentication: Login with email/nickname and password
- Session Management: UUID-based sessions with 24-hour expiration
- Authorization Validation: Verify active sessions
- User Data Retrieval: Get authenticated user information
- Secure Logout: Session termination and cleanup
- SQLite Database: Lightweight, embedded database storage
- Docker Support: Containerized deployment ready
- Go 1.20 or higher
- SQLite3
- Docker (optional, for containerized deployment)
- Clone the repository

      git clone <your-repo-url>
      cd authAPI

- Install dependencies

      go mod download

  Or install packages individually:

      go get golang.org/x/crypto/bcrypt
      go get github.com/mattn/go-sqlite3
      go get github.com/google/uuid

- Run the server

      go run main.go

  Note: The database will be automatically created on first run in ./databases/auth.db

- Build the Docker image

      docker build -t authapi .

- Run the container

      docker run -p 8081:8081 -v $(pwd)/databases:/app/databases authapi

- Start the server

      go run main.go

- Server will be available at http://localhost:8081

- Test the API

      # Register a new user
      curl -X POST http://localhost:8081/ \
        -H "Content-Type: application/json" \
        -d '{
          "action": "register",
          "body": {
            "nickname": "johndoe",
            "age": 30,
            "gender": "male",
            "firstName": "John",
            "lastName": "Doe",
            "email": "john.doe@example.com",
            "password": "securePassword123"
          }
        }'

All requests are sent as POST to the root endpoint (/) with a JSON body containing an action field and a body field.
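As an added example (not code from this repository), here is one way a Go handler could decode the `action`/`body` envelope strictly before any database lookup, shown for the three actions whose body is a single `sessionID`. `ParseSessionRequest` and `strictDecode` are hypothetical names, and rejecting unknown fields and non-canonical UUIDs is an assumed policy that the README does not state.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"regexp"
)

// Envelope is the request shape above; Body stays raw until Action is checked.
type Envelope struct {
	Action string          `json:"action"`
	Body   json.RawMessage `json:"body"`
}

// Canonical lowercase UUID text, the form used in the README's examples.
var uuidRe = regexp.MustCompile(`^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$`)

// strictDecode fails on fields the target struct does not declare.
func strictDecode(raw []byte, dst interface{}) error {
	dec := json.NewDecoder(bytes.NewReader(raw))
	dec.DisallowUnknownFields()
	return dec.Decode(dst)
}

// ParseSessionRequest (hypothetical helper, assumed policy) validates an
// authorized/logout/getUserData request and returns its action and session ID.
func ParseSessionRequest(raw []byte) (action, sessionID string, err error) {
	var env Envelope
	var body struct{ SessionID string `json:"sessionID"` }
	if err = strictDecode(raw, &env); err != nil {
		return "", "", fmt.Errorf("bad envelope: %w", err)
	}
	if a := env.Action; a != "authorized" && a != "logout" && a != "getUserData" {
		return "", "", fmt.Errorf("unsupported action %q", a)
	}
	if err = strictDecode(env.Body, &body); err != nil {
		return "", "", fmt.Errorf("bad body: %w", err)
	}
	if !uuidRe.MatchString(body.SessionID) {
		return "", "", fmt.Errorf("sessionID is not a canonical UUID")
	}
	return env.Action, body.SessionID, nil
}

func main() { fmt.Println(ParseSessionRequest([]byte(`{"action":"logout","body":{}}`))) }
```

Checking the ID's format first means malformed values such as the `YOUR_SESSION_ID_HERE` placeholder are rejected without a session lookup.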
Create a new user account.
Request:

    {
      "action": "register",
      "body": {
        "nickname": "string",
        "age": "int",
        "gender": "string",
        "firstName": "string",
        "lastName": "string",
        "email": "string",
        "password": "string"
      }
    }

Response:
- Status: 201 Created
- Body: "New user created"

Example:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "register",
        "body": {
          "nickname": "exampleNickname",
          "age": 30,
          "gender": "male",
          "firstName": "John",
          "lastName": "Doe",
          "email": "john.doe@example.com",
          "password": "securePassword123"
        }
      }'

Authenticate a user and receive session information.
Request:

    {
      "action": "login",
      "body": {
        "identifier": "string (email or nickname)",
        "password": "string"
      }
    }

Response:
- Status: 200 OK
- Body: User data object with session information

Example:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "login",
        "body": {
          "identifier": "john.doe@example.com",
          "password": "securePassword123"
        }
      }'

Verify if a session is valid.
Request:

    {
      "action": "authorized",
      "body": {
        "sessionID": "string (UUID)"
      }
    }

Response:
- Status: 202 Accepted
- Body: "The session is valid"

Example:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "authorized",
        "body": {
          "sessionID": "6a09a3da-26ee-4b35-870c-d7a4f22f939c"
        }
      }'

Terminate a user session.
Request:

    {
      "action": "logout",
      "body": {
        "sessionID": "string (UUID)"
      }
    }

Response:
- Status: 200 OK
- Body: "The session is deleted"

Example:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "logout",
        "body": {
          "sessionID": "6a09a3da-26ee-4b35-870c-d7a4f22f939c"
        }
      }'

Retrieve authenticated user information.
Request:

    {
      "action": "getUserData",
      "body": {
        "sessionID": "string (UUID)"
      }
    }

Response:
- Status: 200 OK
- Body: User data object

Example:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "getUserData",
        "body": {
          "sessionID": "6a09a3da-26ee-4b35-870c-d7a4f22f939c"
        }
      }'

Project layout:

    authAPI/
    ├── main.go                 # Application entry point
    ├── go.mod                  # Go module definition
    ├── go.sum                  # Go dependencies checksum
    ├── Dockerfile              # Docker configuration
    ├── README.md               # This file
    ├── databases/              # Database files and SQL scripts
    │   └── sqlRequests/
    │       ├── createTable.sql
    │       ├── insertNewSession.sql
    │       └── insertNewUser.sql
    ├── internals/              # Internal application logic
    │   ├── dbManager/          # Database initialization
    │   │   └── initDB.go
    │   ├── handlers/           # HTTP request handlers
    │   │   ├── mainHandler.go
    │   │   ├── registerHandler.go
    │   │   ├── loginHandler.go
    │   │   ├── authorized.go
    │   │   ├── logoutHandler.go
    │   │   └── getUserDataHandler.go
    │   └── tools/              # Utility functions
    │       └── utils.go
    ├── models/                 # Data models
    │   ├── user.go
    │   ├── session.go
    │   └── request.go
    └── script/                 # Utility scripts
        ├── init.sh
        └── push.sh

This project uses the following Go packages:
- bcrypt: Password hashing and verification
- go-sqlite3: SQLite database driver
- uuid: UUID generation for sessions
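
The session rules from the feature list (UUID session IDs, 24-hour expiry, deletion on logout) are what the `authorized`, `getUserData` and `logout` actions rely on. The following added example, which is not the project's code, models them with an in-memory map in place of the SQLite table and a standard-library UUIDv4 generator in place of `github.com/google/uuid`; `Store`, `Create`, `Valid` and `Logout` are hypothetical names.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"time"
)

const sessionTTL = 24 * time.Hour // lifetime stated in the feature list

// Store models the session table in memory (single goroutine, no locking).
type Store struct {
	sessions map[string]time.Time // session ID -> expiry time
	now      func() time.Time     // injectable clock so expiry can be tested
}

// newUUIDv4 builds a random (version 4) UUID from the OS CSPRNG.
func newUUIDv4() string {
	var b [16]byte
	if _, err := rand.Read(b[:]); err != nil {
		panic(err) // no entropy: refuse to issue a guessable session ID
	}
	b[6] = b[6]&0x0f | 0x40 // version 4
	b[8] = b[8]&0x3f | 0x80 // RFC 4122 variant
	return fmt.Sprintf("%x-%x-%x-%x-%x", b[0:4], b[4:6], b[6:8], b[8:10], b[10:16])
}

// Create issues a session that expires sessionTTL after the current time.
func (s *Store) Create() string {
	id := newUUIDv4()
	s.sessions[id] = s.now().Add(sessionTTL)
	return id
}

// Valid reports whether id is live. Expiry is enforced here, at lookup time,
// so a stale row is never accepted even if no cleanup job has run.
func (s *Store) Valid(id string) bool {
	exp, ok := s.sessions[id]
	if ok && !s.now().Before(exp) {
		delete(s.sessions, id)
		ok = false
	}
	return ok
}

// Logout deletes the session, so a later Valid call for it returns false.
func (s *Store) Logout(id string) { delete(s.sessions, id) }

func main() { fmt.Println(newUUIDv4()) }
```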
    # Build the binary
    go build -o authapi-server

    # Run the binary
    ./authapi-server

    # Build and run with Docker
    docker build -t authapi .
    docker run -p 8081:8081 -v $(pwd)/databases:/app/databases authapi

Complete test suite with example commands:

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "register",
        "body": {
          "nickname": "testuser",
          "age": 25,
          "gender": "female",
          "firstName": "Jane",
          "lastName": "Smith",
          "email": "jane.smith@example.com",
          "password": "testPassword456"
        }
      }'

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "login",
        "body": {
          "identifier": "jane.smith@example.com",
          "password": "testPassword456"
        }
      }'

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "authorized",
        "body": {
          "sessionID": "YOUR_SESSION_ID_HERE"
        }
      }'

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "getUserData",
        "body": {
          "sessionID": "YOUR_SESSION_ID_HERE"
        }
      }'

    curl -X POST http://localhost:8081/ \
      -H "Content-Type: application/json" \
      -d '{
        "action": "logout",
        "body": {
          "sessionID": "YOUR_SESSION_ID_HERE"
        }
      }'

Contributions are welcome! Please feel free to submit a Pull Request.
- Fork the repository
- Create a feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
Note: This API is designed for educational purposes. For production use, consider additional security measures such as HTTPS, rate limiting, input validation, and comprehensive error handling.
⭐ Star this repository if you found it helpful! ⭐
Made with ❤️ from 🇸🇳