loading...

A Simple JWT Go Package

jrpalma profile image Jose Palma Updated on ・1 min read

I just recently finished my second open source project. It is a simple Go package for creating, signing, and verifying JSON Web Tokens. Please check it out on Github

Let me know what you think. I would appreciate it if you can share improvements, feature requests, or bug reports. Ask Me Anything!

Thanks!

Discussion

markdown guide
 

Hi, awsome.

Let me give it a try. Btw, how do you manage the invalidation of the tokens?

 

Hi Joseph, thanks for your question.
TLDR
I modified the API. Please refresh your clone/fork. To invalidate your token, you can do something like this:

//Issue the token
token.Claims.Set("valid", true)
token.Sign("secret")

//Invalidate the token
token.Claims.Set("valid", false)
token.Sign("secret")

//Check if valid
verifyErr := token.Verify(base64JWT, "secret")
if verifyErr != nil {
    //Tampered token
}
valid, err := token.Claims.GetBool("valid")
if err != nil {
    //Error getting claim
}
if !valid {
    //Invalid token logic goes here
}

Long Story:
I wrote this package a couple of years ago while learning about JWT. I open-sourced the code. However, I made a mistake and used map[string]string instead of map[string]interface{}. Thanks your question, I realized that I had made a mistake. I updated the API to include some helper functions for bool, time, []byte, string, and numbers. I really appreciate your input. I will start thinking about its first release soon. Do let me know if you have more questions. That might lead to more features on the first release. Thanks!

 

Great, let check it. I will tell you soon :D

 

The link points to a arg parser? Is that intended?

Shouldn't it point to this github.com/jrpalma/jwt

 

Thanks for the correction. I'll change the link right away!