The go-oauth2-server contains simple web forms (which you can style to match your UI) to handle the full authorization and implicit flows of OAuth2, so you would connect to the oauth2 server from your app, log in and be redirected back to the app with an authorization code, and then the app can obtain access and refresh tokens from the oauth2 server via an API call.
This is a normal authorization flow people are used to from Facebook/GitHub/LinkedIn; it works the same way. See the README for images of how the forms look out of the box, without any customization.
If you want to have an in-app login system, the usual way I have implemented this before for such a scenario is to have a separate frontend layer, and it works something like this:
1) Frontend (mobile/web app) displays login form
2) Enter username and password
3) Use resource owner credentials grant to obtain access token via API call
4) Now you can make authenticated API calls with the access token (and use refresh token in the background to renew your access token)
In the case of a web application frontend (let's say a NodeJS app), the app would store the client ID and secret server side (so you would proxy all requests from the client app to the Node proxy, because we don't want to keep the client ID and secret in public JS).
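The server-side half of steps 3 and 4, as an added example that is not code from go-oauth2-server or its author: the Node proxy attaches the client ID and secret itself, so the browser only ever sends the username and password. The token URL, the credential values and all function names are hypothetical placeholders; the request shape follows the password and refresh_token grants of RFC 6749.

```javascript
// Added example. ASSUMPTIONS: tokenUrl, credential values and function names
// are placeholders, not taken from the project.
const config = {
  tokenUrl: 'https://oauth.example.internal/token', // placeholder endpoint
  clientId: 'constructed-client-id',         // constructed; load from server env
  clientSecret: 'constructed-client-secret', // never shipped in public JS
};

// Client authenticates with HTTP Basic; grant parameters go in a form body.
function buildTokenRequest(cfg, params) {
  const basic = Buffer.from(`${cfg.clientId}:${cfg.clientSecret}`).toString('base64');
  return {
    url: cfg.tokenUrl,
    method: 'POST',
    headers: {
      Authorization: `Basic ${basic}`,
      'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: new URLSearchParams(params).toString(), // escapes '&', '@', spaces
  };
}

// Step 3: exchange the user's credentials for tokens.
function passwordGrant(cfg, username, password) {
  return buildTokenRequest(cfg, { grant_type: 'password', username, password });
}

// Step 4: renew the access token in the background.
function refreshGrant(cfg, refreshToken) {
  return buildTokenRequest(cfg, { grant_type: 'refresh_token', refresh_token: refreshToken });
}

// Forward only token fields to the browser, nothing else the server returned.
function toClientResponse(tokenJson) {
  const { access_token, refresh_token, token_type, expires_in } = tokenJson;
  return { access_token, refresh_token, token_type, expires_in };
}

// Called by the proxy's login route with the form values from steps 1 and 2.
async function login(cfg, username, password) {
  const { url, ...init } = passwordGrant(cfg, username, password);
  const res = await fetch(url, init); // global fetch, Node 18+
  if (!res.ok) throw new Error(`token endpoint returned ${res.status}`);
  return toClientResponse(await res.json());
}
```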
Just in addition to my answer above, yes, there is a way to log in in my project. See the README, which showcases the built-in web forms.
The database contains a simple table to store usernames and passwords for the resource owner credentials grant.
There is no API for registering a new user account though, which is what I meant.
You can do that manually by running an SQL statement to insert a new username and password, or by using the CLI and loading it from fixtures.
How you handle registering user accounts, updating user data, resetting passwords, all of that I wanted to leave open to implementation as there are various ways in which this can be done and other people might prefer one over another so I didn't want to prescribe a specific way to do it.
I offer my preferred implementation using JSON HAL in my extending project I mentioned above. If anybody is interested, they can still fork my example-api and customize that.