Custom Auth Boilerplate
A reusable and secure set of predefined, pre-tested authentication tools designed to quickly implement custom auth into new Go projects.
What Is This?
This project serves as a proof of concept for custom authentication boilerplate. It demonstrates both session-based and JWT token-based authentication methods that can be adapted and reused across different Go projects.
The goal is to provide developers with a solid foundation of security-focused, battle-tested components that can be quickly integrated into new applications without reinventing the wheel each time.
Supported Authentication Methods
Session-Based Auth
Traditional server-side session management with secure cookie handling and database-backed session storage.
- Secure HTTP-only cookies
- Server-side session storage
- Automatic session renewal
- CSRF protection
JWT Token Auth
Stateless authentication using JSON Web Tokens with refresh token rotation and secure storage patterns.
- Access + Refresh tokens
- Token rotation strategy
- Stateless verification
- API-friendly design
Key Features
Security First
Built with security best practices including bcrypt hashing, secure sessions, and protection against common vulnerabilities.
Quick Integration
Drop-in components and clear patterns that can be adapted to any Go project within minutes.
Modular Design
Pick and choose the components you need. Use sessions, JWT, or both depending on your requirements.
Pre-Tested
All authentication flows have been tested for common edge cases and security scenarios.
Role-Based Access
Built-in support for user roles (Developer, Admin, User) with customizable permission levels.
2FA Support
Two-factor authentication with TOTP, recovery codes, and secure enable/disable flows.
Built With
Ready to Explore??
Try out the authentication flows by creating an account or logging in. Experience the full cycle of signup, email verification, login, 2FA, and account management.