MCPcopy Index your code
hub / github.com/Darkness4/auth-htmx

github.com/Darkness4/auth-htmx @v1.6.2

Chat with this repo
repository ↗ · DeepWiki ↗ · release v1.6.2 ↗ · + Follow
111 symbols 287 edges 21 files 67 documented · 60% updated 1d ago★ 1071 open issues
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Go + HTMX + OAuth2/OIDC + WebAuthn

A very simple example HTMX with OAuth2 with:

  • Go HTML templating engine.
  • HTMX solution for SSR.
  • OAuth2 with Github Auth and OIDC. OAuth2 delegates authentication to another authentication service. OIDC provides identities.
  • CSRF protection measures for OAuth2 and all requests.
  • SQLite3 with sqlc and golang-migrate.
  • Optional users in database as Identity Provider. Authentication is through WebAuthn, a solution to delegate authentication directly to the user.
  • JWT is used a session token.

Embellishment:

  • Notyf to notify about errors, include HTMX errors.
  • Added Hyperscript for edge cases.

Motivation

For the hype.

Usage

  1. Edit the config.yaml to set the OAuth2 providers.

  2. Set the necessary parameters or environment variables:

shell ## .env.local ## A 32 bytes hex secret () CSRF_SECRET=51b22632498f26d9131c4743b72c362567b5b4c96ac5e0f4fef7cb58ecac5684 ## A unique string secret JWT_SECRET=secret ## PUBLIC_URL will be used as redirect url which is ${PUBLIC_URL}/callback PUBLIC_URL=http://localhost:3000 # redirectURL: http://localhost:3000/callback DB_PATH=/data/db.sqlite3 # CONFIG_PATH=/path/to/config.yaml

  1. Run the binary:

shell ./auth-htmx

Help:

NAME:
   auth-htmx - Demo of Auth and HTMX.

USAGE:
   auth-htmx [global options] command [command options] [arguments...]

COMMANDS:
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --csrf.secret value            A 32 bytes hex secret [$CSRF_SECRET]
   --jwt.secret value             A unique string secret [$JWT_SECRET]
   --config.path value, -c value  Path of the configuration file. (default: "./config.yaml") [$CONFIG_PATH]
   --public-url value             An URL pointing to the server. (default: "http://localhost:3000") [$PUBLIC_URL]
   --db.path value                SQLite3 database file path. (default: "./db.sqlite3") [$DB_PATH]
   --help, -h                     show help
   --version, -v                  print the version

Application Flow

  • A home page:
  • Show login button if not logged in.
  • Else, show a welcome with routing.
  • A protected counter page.

The login process follows the standard OAuth2 process, which is fully documented on GitHub.

Fetching identity is through OIDC or GitHub API.

Extension points exported contracts — how you extend this code

Core symbols most depended-on inside this repo

Shape

Method 62
Struct 23
Function 19
Interface 4
TypeAlias 2
FuncType 1

Languages

Go100%

Modules by API surface

database/queries.sql.go14 symbols
jwt/jwt.go12 symbols
database/user/user_repository.go10 symbols
database/user/user.go9 symbols
auth/webauthn/webauthn.go9 symbols
database/db.go8 symbols
auth/webauthn/user/user_repository.go8 symbols
auth/oauth/oauth_provider.go8 symbols
auth/oauth/oauth_github_provider.go5 symbols
database/counter/counter.go4 symbols
auth/webauthn/session/memory/memory_session_store.go4 symbols
main.go3 symbols

For agents

$ claude mcp add auth-htmx \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page