- Home
- Skills
- Linehaul Ai
- Linehaulai Claude Marketplace
- Goth Fundamentals
goth-fundamentals_skill
- Go
3
GitHub Stars
1
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill linehaul-ai/linehaulai-claude-marketplace --skill goth-fundamentals- SKILL.md7.9 KB
Overview
This skill provides foundational guidance for integrating github.com/markbates/goth into Go web applications. It explains core concepts, essential APIs (Provider, Session, User), and the gothic helper for common auth flows. The goal is to get a developer from zero to a working multi-provider OAuth setup with secure session handling.
How this skill works
The skill walks through installing goth, registering providers at startup, and wiring auth routes that call gothic.BeginAuthHandler and gothic.CompleteUserAuth. It explains session storage via gorilla/sessions, how goth represents users and sessions, and how to refresh tokens when needed. Practical code snippets illustrate provider registration, route handlers, session store configuration, and error handling patterns.
When to use it
- You need quick setup guidance for OAuth in Go using goth
- Implementing sign-in with Google, GitHub, Microsoft, or other providers
- Integrating multi-provider auth into standard net/http handlers or common frameworks
- Securing session storage and managing access/refresh tokens
- Understanding goth types: Provider, Session, and User
Best practices
- Register providers during application initialization and read client secrets from environment variables
- Use a secure server-side session store (gorilla/sessions) and set HttpOnly and Secure flags in production
- Limit OAuth scopes to only what your app needs (e.g., "email", "profile")
- Handle common errors explicitly (access_denied, invalid_grant) and log unexpected failures
- Refresh access tokens before expiry when RefreshTokenAvailable() is true
Example use cases
- Add social login (Google, GitHub, Facebook) to an existing Go web app using goth and gothic handlers
- Implement corporate SSO with Azure AD or Okta by registering the provider and handling callbacks
- Store authenticated user info in server-side sessions and display user profile data (name, avatar, email)
- Support multiple providers on a single auth route by using provider query param or path segment
- Implement token refresh logic for long-lived sessions using provider.RefreshToken
FAQ
Yes. Import each provider package you use (e.g., providers/google, providers/github) and pass instances to goth.UseProviders.
How does gothic select the provider?
By default it checks a "provider" query parameter or the URL path segment; you can override gothic.GetProviderName to customize selection.
Where should I store client secrets and session keys?
Store them in environment variables and load them securely (never commit them). Use a strong SESSION_SECRET for cookie stores.