How to Implement Authentication Middleware in Go

Implement authentication middleware by creating a function that wraps your handler, checks for credentials in the request headers, and returns a 401 status if they are missing or invalid.

func AuthMiddleware(next http.Handler) http.Handler {
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        token := r.Header.Get("Authorization")
        if token == "" || !isValidToken(token) {
            http.Error(w, "Unauthorized", http.StatusUnauthorized)
            return
        }
        next.ServeHTTP(w, r)
    })
}

func isValidToken(token string) bool {
    return token == "secret-token" // Replace with real validation logic
}

Apply it to your router using http.HandlerFunc or a framework like gorilla/mux.

Authentication middleware acts like a security guard at the entrance of your application. It checks every incoming request to see if the user has a valid pass (like a token or cookie) before letting them proceed to the actual logic. If the pass is missing or fake, the guard stops the request immediately and sends an error back to the user.