The first part of this is the UX - if you go with HTTP basic authentication, you can probably avoid writing any code, assuming there's a webserver in front of your app most will have authentication support. If you want to stick to go, http.Request
makes handling basic pretty easy, and there are many ways of composing net/http
based handlers together, so bikeshed away.
If you require an integrated login form, then of course you'll have to write that logic, but you can take a micro service style approach, and implement that logic by calling to an HTTP basic auth based service internally. I think this approach makes sense if you prefer to use a generic LDAP authentication (e.g. nginx/apache module or something like that), but not if you want to talk to the LDAP server yourself.
As for the actual credentials, if you do need to do that manually, there are multiple LDAP implementations in go. I've had success with go-ldap for both binding and legacy password validation by fetching fields as an admin user.