Go · Gin

Authentication for Go backends

First-class Gin middleware that validates Authdog sessions on every request and gives you an idiomatic authdog.Context plus a RequireAuth gate — on the same wire as the Node SDKs.

Start building Read the docs

Attach the session

main.go

// main.go
ad, _ := authdog.New(authdog.Config{
  PublicKey: os.Getenv("PK_AUTHDOG"),
})
 
// resolve the session on every request
r.Use(ad.AttachSession())

Idiomatic Gin, not a framework

Everything Go APIs need

A drop-in middleware, a RequireAuth gate, and a typed session context — wire-compatible with the rest of your Authdog stack.

First-class Gin middleware

ad.AttachSession() decorates every gin.Context with an idiomatic *authdog.Context — read it with authdog.FromGin(c) for token, user, and IsAuthenticated.

RequireAuth gate

Mount ad.RequireAuth() on protected routes and Authdog aborts unauthenticated requests with 401 before your handler runs — the real enforcement point.

Validated at startup

authdog.New parses and validates the public key once at boot, so a malformed or untrusted key fails fast instead of at the first request.

Reads the cookie itself

AttachSession reads the authdog-session cookie or an Authorization: Bearer header on its own — no extra cookie library required.

Safe logout handler

ad.Logout clears the session cookie and redirects to a redirect_uri sanitized against open redirects, with Secure set automatically in release mode.

Same wire as Node

It mirrors @authdog/express and @authdog/fastify on the wire, so one Authdog environment serves your Node and Go services interchangeably.

Gate routes with middleware

Protect a route with RequireAuth

Mount ad.RequireAuth() on a route and Authdog rejects unauthenticated requests before your handler runs. Inside, authdog.FromGin(c) gives you the verified user — resolved once per request.

routes.go

// routes.go
r.GET("/me", ad.RequireAuth(),
  func(c *gin.Context) {
    c.JSON(200, authdog.FromGin(c).User)
})

Ship fast, secure Go services

Authdog's Go SDK validates sessions on every request and enforces auth at a single gate, with the public key checked once at startup.

1 Use()

To resolve sessions everywhere

Mount ad.AttachSession() once and every request carries an *authdog.Context — no per-route wiring.

RequireAuth

The single enforcement point

Add ad.RequireAuth() to a route and unauthenticated requests are rejected with 401 before your handler runs.

Extra cookie dependencies

The middleware parses the authdog-session cookie itself, so there's nothing else to wire up.

Add auth to your Go API.

go get the SDK, mount the middleware, and gate your routes with RequireAuth today. Free to start, with secure defaults built in.

Start Building