Single Sign-On (SSO) service with OAuth/OIDC support, admin management, and a web admin UI.
- OAuth 2.0 + OIDC endpoints
- Admin setup and user management
- Role/permission model
- Scope management
- Web admin UI (Astro + React)
- Go 1.25.6+
- Node.js 20+ (for frontend dev)
- PostgreSQL 18+ (or SQLite for local testing)
- Docker (optional)
- Build and run:
docker-compose up -d --build- API health check:
curl http://localhost:8080/healthCopy env.example to .env:
cp env.example .envDisabling Features:
- Email: Leave
EMAIL_SMTP_HOSTblank (email will be logged instead) - OAuth Providers: Leave
GOOGLE_CLIENT_ID,DISCORD_CLIENT_IDblank
See env.example for all available configuration options.
docker-compose up -d dbgo run main.goSee web/README.md for the web UI dev server.
Initialize the admin account on first run:
curl -X POST http://localhost:8080/auth/admin/init \
-H "Content-Type: application/json" \
-d '{
"email": "admin@example.com",
"username": "admin",
"password": "SecurePassword123!"
}'Response (success):
{
"success": true,
"message": "Admin account initialized successfully",
"admin_user": {
"id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"email": "admin@example.com",
"username": "admin"
},
"admin_role": {
"id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"name": "admin"
}
}Automatically created:
- ✅ Admin role with full system access
- ✅ Admin user (email pre-verified)
- ✅ 5 default permissions (oauth:register, users:manage, roles:manage, scopes:manage, permissions:manage)
- ✅ All permissions assigned to admin role
Once initialized, access the admin UI at: http://localhost:8080/panel/clients
- Health:
GET /health - Admin Init:
POST /auth/admin/init - OIDC Discovery:
GET /.well-known/openid-configuration - Swagger UI:
GET /swagger/index.html