Go login handlers for authentication providers (OAuth1, OAuth2)
2k
Stars
146
Forks
8
Open issues
12
Contributors
AI Analysis
gologin provides chainable HTTP handlers for implementing OAuth1 and OAuth2 authentication flows in Go applications. It supports multiple providers (Google, GitHub, Twitter, Facebook, Bitbucket, Tumblr) and handles both web login flows and mobile token logins by passing authenticated user data through request context. This library is purpose-built for developers who need standardized, composable authentication handlers rather than building OAuth flows from scratch.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Lightweight OAuth chainable handlers for Go; narrow but durable niche in simple web auth flows
gologin is a Go library providing pre-built http.Handler chains for OAuth1 and OAuth2 authentication against providers like GitHub, Google, Twitter, and Facebook. It abstracts common login flows by composing handlers that manage state, token exchange, and user fetching. Used by teams building simple web applications requiring social login without the complexity of full-featured proxy or session-layer solutions. Adoption appears limited to direct integrations rather than as a framework dependency.
Created in 2015 by dghubble during the early maturation of Go web standards. Emerged as a convenience wrapper around the standard oauth2 library, addressing the pattern of chaining auth handlers. Has remained relatively stable with periodic maintenance, reflecting steady but not accelerating demand.
Star count plateaued around 2,000 with minimal recent gains (0 stars in past 7 days). Last commit 2026-06-22 indicates active maintenance, but no evidence of viral adoption or new use-case discovery. Growth appears capped by the narrow scope: projects either adopt it early or build custom solutions. Comparable projects (goth, oauth2-proxy) have significantly higher star counts, suggesting gologin occupies a smaller, more specific niche.
Adoption not verified. README cites examples and tutorial apps but does not mention production deployments, organizational use, or case studies. GitHub sponsors badge suggests author receives support, but sponsor count not disclosed. Star count (1,956) and fork count (146) are modest relative to comparable libraries. No public evidence of enterprise adoption or integration into major projects.
Based on README: library provides chainable http.Handler wrappers around golang/oauth2 and custom OAuth1 implementations. Handlers pass user/token data via Go context. Appears to follow idiomatic Go net/http patterns. No assertion possible about internal code quality, error handling rigor, or edge case coverage without source inspection.
README references test workflow badge and examples directory, but does not disclose coverage percentage or testing strategy. CI/CD appears active but depth unknown.
Last push 2026-06-22 (11 days before analysis date) confirms recent activity. GitHub Actions workflow badge present and passing. No recent commits visible in truncated metadata, but push date is current. Suggests active stewardship but likely low commit velocity. No evidence of major version churn or API instability from README.
ADOPT IF: building a Go web app that requires social login via one of the supported providers (GitHub, Google, Twitter, Facebook, etc.), prefers idiomatic Go http.Handler composition, and wants to avoid oauth2 boilerplate without pulling in heavier frameworks. AVOID IF: need multi-provider flexibility beyond included providers, require session management or user persistence (out of scope), or prefer a proxy-based auth layer. MONITOR IF: considering gologin alongside goth; goth's higher adoption and broader provider set may indicate gravitational pull toward that ecosystem over time.
Independent dimensions
Mainstream potential
3/10
Technical importance
6/10
Adoption evidence
2/10
- Narrow provider set: only 6 built-in OAuth providers. Custom OAuth1/2 flows possible but still constrained vs. goth or ory/kratos.
- Adoption plateau: star growth stalled around 2,000. May indicate market saturation in the niche or preference migration toward alternatives (goth, oauth2-proxy).
- Single-maintainer project: author dghubble is primary contributor. Bus factor risk if support lapses, though current maintenance appears steady.
- No session/user management: handlers extract tokens and users but do not implement session storage, cookies, or user persistence. Responsibility passes entirely to caller.
- Provider API churn: social login provider APIs evolve (e.g., Twitter API v2). gologin's pre-built handlers may require updates; no evidence of rapid response cycle to provider changes.
gologin will likely remain a stable, low-churn maintenance project serving its niche of Go developers building simple multi-provider OAuth flows. Unlikely to grow significantly in star count or usage share. May gradually lose relative share to goth (if goth's broader provider set becomes table-stakes) or to custom solutions (if golang/oauth2 continues to mature). Sustainability depends on author's continued willingness to maintain and respond to provider API changes.
Explore similar
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Language
- Go
- License
- MIT
- Last updated
- 14h ago
- Created
- 135mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
No open issues — clean slate.
Top contributors
Recent releases
Similar repos
oauth2-proxy/oauth2-proxy
OAuth2 Proxy is a reverse proxy and middleware component that adds OAuth2/OIDC...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
2k | +2 | Go | 8/10 | 14h ago |
|
|
1.3k | — | Go | 8/10 | 13h ago |
|
|
5.9k | — | Go | 8/10 | 4mo ago |
|
|
6.6k | — | Go | 8/10 | 5mo ago |
|
|
14.6k | — | Go | 8/10 | 3d ago |
|
|
2.8k | — | Go | 7/10 | 1mo ago |
Lower-level standard library oauth2 package. gologin wraps this. oauth2 requires more boilerplate but offers maximum flexibility. gologin trades control for convenience in specific provider flows.
Similar scope but broader provider coverage and higher star count (6,568 vs 1,956). goth appears to have captured larger market share for multi-provider login abstractions. gologin's handler-chaining model differs from goth's package-per-provider approach.
Operates at different layer: full reverse proxy + session management. Solves auth for any upstream app, not as a Go library. Much higher adoption (14,612 stars). Incompatible use case: oauth2-proxy for network-level auth, gologin for embedded application logic.
Developers can implement the same flows using oauth2 directly with custom handlers. gologin eliminates repetition but adds a dependency. For simple single-provider auth, custom code may be lower overhead than adding a library.
Full identity platform with user management, MFA, account recovery. Orders of magnitude more complex. gologin solves narrower problem (stateless OAuth handler chains) vs. Kratos's identity-as-a-service. Different abstraction layers.