A web application boilerplate with stateful authentication using the GOTTH (golang, templ, tailwind, HTMX) stack:
- Go
- Chi Lightweight and idiomatic router for Go
- Templ - Type-safe templates for Go
- Tailwind CSS - CSS framework
- HTMX - Modern frontend interactivity without JavaScript frameworks
- PostgreSQL + SQLx - Database and SQL handling
- Air - Live reload for development
Ensure you have the following installed before starting:
- Go 1.20+
- Node.js and npm
- PostgreSQL
-
Clone the repository
git clone https://github.com/lordaris/gotth-boilerplate cd gotth-boilerplate -
Install Go dependencies
go mod tidy
-
Install Node dependencies
npm install
-
Configure the PostgreSQL database
- Set up your database and update the connection details in the environment configuration.
- Create a .env file in the main folder and add the following content:
# Database Configuration
DB_HOST=localhost
DB_PORT=5432
DB_USER=postgres
DB_PASSWORD=postgres
DB_NAME=gotth_boilerplate
# Server Configuration
PORT=8080This .env file is essential for storing sensitive configuration values and should not be committed to version control.
- Run database migrations
make db-migrate- Start the development server
make dev- Visit
http://localhost:8080in your browser.
This project includes a Makefile to simplify common operations, just remove the "copy" text from the file name and modify the project and database variables to your own:
# Install required tools
make install-tools
# Start development environment (Air + Tailwind)
make dev
# Database operations
make db-create # Create the database
make db-migrate # Run migrations
make db-reset # Reset the database
# Generate Templ files
make generate-templ
# See all available commands
make helpStateful Login System
In this boilerplate, the login system has been upgraded to use a stateful approach, meaning sessions are maintained with cookies on the client-side. Upon logging in, a session token is stored in an HTTP-only cookie, which is used for subsequent requests to authenticate the user. This is a more secure approach compared to stateless systems like JWTs because the session token remains on the client and is tied to a session on the server-side. Improvements with State Management:
Session management: Instead of relying on tokens passed with each request, the server maintains sessions tied to cookies. Logout functionality: Logs out the user by clearing the session cookie, ensuring no leftover sessions are active. Redirect after logout: After logging out, users are automatically redirected to the home page or the login page as configured.
Session Flow: Login: When a user logs in, the server creates a session and stores the session ID in an HTTP-only cookie. Authentication: For every request, the server retrieves the session cookie to authenticate the user. Logout: The session cookie is cleared, and the user is logged out.
- Better HTMX usage: As I'm still learning HTMX, the implementation isn't perfect. Expect improvements in the future.
- General refinements: UI, error handling, and overall experience will be enhanced over time.
- Add CRUD elements
For now, if you modify a templ file, run:
make generate-templand restart the server using:
make run # or make devFeel free to improve on this template and make it your own. Happy coding!