Go (Golang) JWT Authentication Tutorial

In this episode we are going to implement JWT authentication for an endpoint in our JSON REST APIs which we have seen in our previous episode 👉 https://www.youtube.com/watch?v=8S30eoBSojU

We are going to:

• See how the JWT is structured (header, payload, signature)
• Different Algorithms that can be used (HMAC-based, RSA, ECDSA)
• Implement a “auth” endpoint which generates a JWT
• Implement a “authorizer” handler which verifies a provided JWT token and ensures only authenticated users can access that handler

JWT is a fantastic standard that allows us to verify users (or anything for that matter) in a stateless way. Once the user has been firstly identifier and issued a token, any further request coming from the user carrying the JWT token will be verified without having to check the database or any other authentication system, we can just verify the authenticity of the token to verify the user.

JWT (JSON Web Token) Wiki - https://en.wikipedia.org/wiki/JSON_Web_Token
Official JWT Spec (lots of details here) - https://tools.ietf.org/html/rfc7519
JWT Algorithms Overview by Auth0 - https://auth0.com/blog/json-web-token-signing-algorithms-overview/

Source Code - https://play.golang.org/p/PZZ9c6nwVrs
Go JWT Library used - https://pkg.go.dev/github.com/dgrijalva/jwt-go

💼 Golang Cafe - https://golang.cafe
📬 Golang Cafe Jobs Newsletter - https://golang.cafe/newsletter
🐦 Golang Cafe Twitter - https://twitter.com/golangcafe
📣 Telegram Channel - https://t.me/golangcafe

#golang #go #jwt authentication