Containerized BetterAuth and Go?
🤔Question
Svelte Kit
Svelte KitI'm currently working on laying out the architecture/etc. for an app that I want to start working on, and I have a question or two!
I'm wanting to set up BetterAuth in its own Docker container to serve as a standalone auth provider for a project I'm working on.
The front-end will be written with SvelteKit (front-end only) and I had planeed to write the backend API in Go.
The question I have is...after reading the documentation, I wasn't sure if there were any tokens I could use on the backend (accessed on the Go/API side) to handle protecting the API. I know it stores session details in the DB (which will also be in a Docker container)...but are there any details (JWT, for instance) that live on the client (after being logged in) that I can pass to my Go-driven API?
I figured one of two things would need to be done:
- Read/validate a JWT if that's something the client would have when an API endpoint is called
- Read something like the Session token from the client and then check it against the DB manually (access the PostgresDB on the server via Go) to make sure it's good to go.
Which of these things (depending on what's POSSIBLE) is the better plan?
I'm wanting to set up BetterAuth in its own Docker container to serve as a standalone auth provider for a project I'm working on.
The front-end will be written with SvelteKit (front-end only) and I had planeed to write the backend API in Go.
The question I have is...after reading the documentation, I wasn't sure if there were any tokens I could use on the backend (accessed on the Go/API side) to handle protecting the API. I know it stores session details in the DB (which will also be in a Docker container)...but are there any details (JWT, for instance) that live on the client (after being logged in) that I can pass to my Go-driven API?
I figured one of two things would need to be done:
- Read/validate a JWT if that's something the client would have when an API endpoint is called
- Read something like the Session token from the client and then check it against the DB manually (access the PostgresDB on the server via Go) to make sure it's good to go.
Which of these things (depending on what's POSSIBLE) is the better plan?
