Client JavaScript (`goauth.js`)

The client/goauth.js helper supports browser token flows and OAuth popups.

Include

<script src="/static/goauth.js"></script>

Or bundle from client/ in your frontend build.

Storage shape

Tokens are stored in localStorage under the key goauth:

{
  "sessionId": "uuid-v4",
  "accessToken": "...",
  "refreshToken": "...",
  "expiresAt": 1780478790,
  "user": { "id": "1", "email": "..." }
}

Use sessionId (not user.id) when correlating sessions client-side.

// Pseudocode — see client/README.md for full API
goauth.signIn("github", {
  callbackUrl: "/dashboard",
  redirect: false, // popup
});

The popup loads the OAuth callback; the HTML callback page posts tokens back to the opener.

Redirect URL

Pass callbackUrl when starting sign-in so goauth knows where to send the user after success (cookie flows) or which page to load after token storage.

Full examples: client/README.md in the repository.

Include​

Storage shape​

Popup sign-in (advanced)​

Redirect URL​

Include

Storage shape

Popup sign-in (advanced)

Redirect URL