feat: Implement OAuth2 authentication with Google and GitHub support, including configuration and UI updates

Author: iFurySt

.env.example

@@ -232,6 +232,28 @@ OAUTH2_REDIS_DB=0
 # Path to translation files for multi-language support
 APISERVER_I18N_PATH=/etc/unla/i18n
 
+# =============================================================================
+# EXTERNAL OAUTH PROVIDERS
+# =============================================================================
+
+# Google OAuth Configuration
+# Get these from Google Cloud Console: https://console.cloud.google.com/
+# 1. Create a new project or select existing one
+# 2. Enable Google+ API
+# 3. Create OAuth 2.0 credentials
+# 4. Add authorized redirect URIs: http://localhost:5234/api/auth/oauth/google/callback
+GOOGLE_OAUTH_CLIENT_ID=
+GOOGLE_OAUTH_CLIENT_SECRET=
+GOOGLE_OAUTH_REDIRECT_URI=http://localhost:5234/api/auth/oauth/google/callback
+
+# GitHub OAuth Configuration
+# Get these from GitHub Settings: https://github.com/settings/developers
+# 1. Register a new OAuth App
+# 2. Set Authorization callback URL: http://localhost:5234/api/auth/oauth/github/callback
+GITHUB_OAUTH_CLIENT_ID=
+GITHUB_OAUTH_CLIENT_SECRET=
+GITHUB_OAUTH_REDIRECT_URI=http://localhost:5234/api/auth/oauth/github/callback
+
 # =============================================================================
 # STRIPE PAYMENT CONFIGURATION (PRO VERSION)
 # =============================================================================

.gitignore

@@ -73,4 +73,5 @@ data
 dist
 bin
 
-.history/*
+.history/*
+apiserver

cmd/apiserver/main.go

@@ -10,6 +10,7 @@ import (
 	"github.com/amoylab/unla/internal/apiserver/database"
 	apiserverHandler "github.com/amoylab/unla/internal/apiserver/handler"
 	"github.com/amoylab/unla/internal/apiserver/middleware"
+	"github.com/amoylab/unla/internal/auth"
 	"github.com/amoylab/unla/internal/auth/jwt"
 	"github.com/amoylab/unla/internal/common/cnst"
 	"github.com/amoylab/unla/internal/common/config"
@@ -149,10 +150,25 @@ func initRouter(db database.Database, store storage.Store, ntf notifier.Notifier
 		SecretKey: cfg.JWT.SecretKey,
 		Duration:  cfg.JWT.Duration,
 	})
+	
+	// Initialize OAuth auth service (for external providers)
+	authService, err := auth.NewAuth(logger, cfg.Auth)
+	if err != nil {
+		logger.Fatal("Failed to initialize auth service", zap.Error(err))
+	}
+	
 	authH := apiserverHandler.NewHandler(db, jwtService, mcpCfg, logger)
+	oauthH := apiserverHandler.NewOAuthHandler(db, jwtService, authService, logger)
 
 	authG := r.Group("/api/auth")
 	authG.POST("/login", authH.Login)
+	
+	// OAuth routes
+	authG.GET("/oauth/providers", oauthH.GetOAuthProviders)
+	authG.GET("/oauth/google/login", oauthH.GoogleLogin)
+	authG.GET("/oauth/google/callback", oauthH.GoogleCallback)
+	authG.GET("/oauth/github/login", oauthH.GitHubLogin)
+	authG.GET("/oauth/github/callback", oauthH.GitHubCallback)
 
 	// Protected routes
 	protected := r.Group("/api")

configs/apiserver.yaml

@@ -91,3 +91,17 @@ stripe:
   success_url: "${STRIPE_SUCCESS_URL:https://amoylab.com}"
   cancel_url: "${STRIPE_CANCEL_URL:https://amoylab.com}"
   webhook_secret: "${STRIPE_WEBHOOK_SECRET:whsec_}"
+
+# Authentication configuration
+auth:
+  # Google OAuth configuration (optional)
+  google:
+    client_id: "${GOOGLE_OAUTH_CLIENT_ID:}"
+    client_secret: "${GOOGLE_OAUTH_CLIENT_SECRET:}"
+    redirect_uri: "${GOOGLE_OAUTH_REDIRECT_URI:http://localhost:5234/api/auth/oauth/google/callback}"
+  
+  # GitHub OAuth configuration (optional)
+  github:
+    client_id: "${GITHUB_OAUTH_CLIENT_ID:}"
+    client_secret: "${GITHUB_OAUTH_CLIENT_SECRET:}"
+    redirect_uri: "${GITHUB_OAUTH_REDIRECT_URI:http://localhost:5234/api/auth/oauth/github/callback}"

internal/auth/auth.go

@@ -15,6 +15,10 @@ type Auth interface {
 	OAuth2
 	IsOAuth2Enabled() bool
 	GetOAuth2CORS() *config.CORSConfig
+	GetGoogleOAuth() ExternalOAuth
+	GetGitHubOAuth() ExternalOAuth
+	IsGoogleOAuthEnabled() bool
+	IsGitHubOAuthEnabled() bool
 }
 
 type OAuth2 interface {
@@ -66,6 +70,8 @@ type ClientRegistrationResponse struct {
 type auth struct {
 	OAuth2
 	cfg config.AuthConfig
+	googleOAuth *GoogleOAuth
+	githubOAuth *GitHubOAuth
 }
 
 // NewAuth creates a new auth oauth based on the configuration
@@ -80,6 +86,12 @@ func NewAuth(logger *zap.Logger, cfg config.AuthConfig) (Auth, error) {
 		}
 		a.OAuth2 = oauth2
 	}
+	if cfg.Google != nil {
+		a.googleOAuth = NewGoogleOAuth(logger, *cfg.Google)
+	}
+	if cfg.GitHub != nil {
+		a.githubOAuth = NewGitHubOAuth(logger, *cfg.GitHub)
+	}
 	return a, nil
 }
 
@@ -101,3 +113,23 @@ func (a *auth) ValidateToken(ctx context.Context, token string) error {
 
 	return a.OAuth2.ValidateToken(ctx, token)
 }
+
+// GetGoogleOAuth returns the Google OAuth provider
+func (a *auth) GetGoogleOAuth() ExternalOAuth {
+	return a.googleOAuth
+}
+
+// GetGitHubOAuth returns the GitHub OAuth provider
+func (a *auth) GetGitHubOAuth() ExternalOAuth {
+	return a.githubOAuth
+}
+
+// IsGoogleOAuthEnabled returns true if Google OAuth is enabled
+func (a *auth) IsGoogleOAuthEnabled() bool {
+	return a.cfg.Google != nil && a.googleOAuth != nil
+}
+
+// IsGitHubOAuthEnabled returns true if GitHub OAuth is enabled
+func (a *auth) IsGitHubOAuthEnabled() bool {
+	return a.cfg.GitHub != nil && a.githubOAuth != nil
+}