JSON Web Token Authentication with Golang

A guide on how to implement JSON Web Token (JWT) authentication in a Golang application. This article details how to create, sign, and verify JWTs to secure an API.

In this article, we will explore how to set up and use JWT for user authentication in a Golang application. JWT is an open standard for transmitting information securely between parties. We will build a simple API capable of authenticating users using JWT.

Golang Code

package main

import (
	"fmt"
	"net/http"
	"github.com/dgrijalva/jwt-go"
	"time"
)

// Demo value only: in production, load a long random key from the environment or a secret store
var mySigningKey = []byte("secret")

// Define the structure for the token
type Claims struct {
	Username string `json:"username"`
	jwt.StandardClaims
}

// Function to create the token
func CreateToken(username string) (string, error) {
	expirationTime := time.Now().Add(5 * time.Minute)
	claims := &Claims{
		Username: username,
		StandardClaims: jwt.StandardClaims{
			ExpiresAt: expirationTime.Unix(),
		},
	}
	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
	return token.SignedString(mySigningKey)
}

// Function to validate the token
func ValidateToken(w http.ResponseWriter, r *http.Request) {
	tokenString := r.Header.Get("Authorization")
	if tokenString == "" {
		http.Error(w, "Unauthorized", http.StatusUnauthorized)
		return
	}

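	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
		// Accept only HMAC-signed tokens; reject any other algorithm named in the token header
		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
		}
		return mySigningKey, nil
	})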

	if err != nil || !token.Valid {
		http.Error(w, "Unauthorized", http.StatusUnauthorized)
		return
	}

	fmt.Fprintf(w, "Token is valid!")
}

// Function to handle login requests.
// Note: this demo issues a token for whatever username is supplied, without checking a password.
func Login(w http.ResponseWriter, r *http.Request) {
	username := r.URL.Query().Get("username")
	token, err := CreateToken(username)
	if err != nil {
		http.Error(w, "Unable to create token", http.StatusInternalServerError)
		return
	}

	w.Header().Set("Authorization", token)
	fmt.Fprintf(w, "Token: %s", token)
}

func main() {
	http.HandleFunc("/login", Login)
	http.HandleFunc("/validate", ValidateToken)
	fmt.Println("Server starting on :8080")
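	// ListenAndServe only returns on failure (for example, the port is already in use)
	if err := http.ListenAndServe(":8080", nil); err != nil {
		fmt.Println("Server error:", err)
	}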
}

Detailed explanation:

  1. package main: Defines the main package of the application.
  2. import: Imports necessary packages, including http and jwt-go.
  3. var mySigningKey = []byte("secret"): Declares a secret key to sign the token.
  4. type Claims struct {...}: Defines the Claims structure to hold information in the token.
  5. func CreateToken(username string): Function to create a JWT.
  6. expirationTime := time.Now().Add(5 * time.Minute): Sets the expiration time for the token.
  7. token := jwt.NewWithClaims(...): Creates a new token with the defined Claims.
  8. return token.SignedString(mySigningKey): Signs the token and returns it as a string.
  9. func ValidateToken(...): Function to validate the token from the header.
  10. token, err := jwt.Parse(...): Parses the token from the string and checks its validity.
  11. if err != nil || !token.Valid {...}: Checks if the token is valid.
  12. func Login(...): Handles login requests, creates, and returns a token for the user.
  13. func main(): The main function, sets up routes for the server, and starts the server.
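
The checks behind steps 10 and 11, written out with only the Go standard library. This is an added example, not code from the original article or from jwt-go; `seal`, `sign`, `verify`, the key and the sample claims are constructed for illustration, and unlike the article's handler it treats a token without `exp` as expired.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

var b64 = base64.RawURLEncoding
// seal appends the base64url HMAC-SHA256 tag of msg (header.payload) to msg.
func seal(key []byte, msg string) string {
	h := hmac.New(sha256.New, key)
	h.Write([]byte(msg))
	return msg + "." + b64.EncodeToString(h.Sum(nil))
}

// sign builds a token from raw JSON header and payload strings (constructed inputs).
func sign(key []byte, header, payload string) string {
	return seal(key, b64.EncodeToString([]byte(header))+"."+b64.EncodeToString([]byte(payload)))
}

// verify pins alg to HS256, compares the MAC in constant time, then enforces exp.
func verify(key []byte, token string, now int64) (string, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg string }
	hb, err := b64.DecodeString(p[0])
	if err != nil || json.Unmarshal(hb, &hdr) != nil || hdr.Alg != "HS256" {
		return "", fmt.Errorf("unexpected signing method")
	}
	if !hmac.Equal([]byte(token), []byte(seal(key, p[0]+"."+p[1]))) {
		return "", fmt.Errorf("bad signature")
	}
	var c struct{ Username string; Exp int64 }
	pb, err := b64.DecodeString(p[1])
	if err != nil || json.Unmarshal(pb, &c) != nil || now >= c.Exp {
		return "", fmt.Errorf("invalid or expired claims")
	}
	return c.Username, nil
}

func main() {
	tok := sign([]byte("demo-key"), `{"alg":"HS256"}`, `{"username":"alice","exp":2000000000}`)
	fmt.Println(verify([]byte("demo-key"), tok, 1900000000))
}
```

The `now` argument is Unix seconds passed in by the caller so the expiry check can be exercised with fixed times.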

System requirements:

  • Golang version: 1.15 or higher.
  • Library jwt-go: can be installed using the command go get github.com/dgrijalva/jwt-go.

How to install the libraries needed to run the Golang code above:

Run the following command in your terminal to install the jwt-go library:

go get github.com/dgrijalva/jwt-go

Tips:

  • Use a strong and secure secret key for signing the tokens.
  • The expiration time of the token should be set reasonably to ensure security without disrupting user experience.

