GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → supanadit → jwt-go

supanadit / jwt-go

Licence: MIT License
The easiest JWT library to GO

Programming Languages

go
31211 projects - #10 most used programming language

Labels

jwtencryptionauthenticationauthorizationbcrypthashesgo-jwtjwt-gogo-libray

Projects that are alternatives of or similar to jwt-go

Fernet Java8
Java 8 implementation of the Fernet Specification
Stars: ✭ 24 (+60%)
Mutual labels:  encryption, authorization
FlashPaper
One-time encrypted password/secret sharing
Stars: ✭ 85 (+466.67%)
Mutual labels:  encryption, bcrypt
powerauth-crypto
PowerAuth - Open-source solution for authentication, secure data storage and transport security in mobile banking.
Stars: ✭ 48 (+220%)
Mutual labels:  encryption, authorization
EncrypC
🔑 File Encryption Application using Python.
Stars: ✭ 14 (-6.67%)
Mutual labels:  encryption
EasyPGP
No description or website provided.
Stars: ✭ 19 (+26.67%)
Mutual labels:  encryption
sklad
Android file storage library with encryption and streaming support
Stars: ✭ 26 (+73.33%)
Mutual labels:  encryption
aes-gcm-siv
A Java implementation of AES-GCM-SIV (RFC 8452).
Stars: ✭ 32 (+113.33%)
Mutual labels:  encryption
EasyAES
AES encrypt/decrypt, Android, iOS, php compatible(兼容php, Android, iOS平台)
Stars: ✭ 79 (+426.67%)
Mutual labels:  encryption
aliceandbob-desktop
🔐 A free, light and easy to use desktop tool to generate PGP key pairs, encrypt and decrypt messages.
Stars: ✭ 25 (+66.67%)
Mutual labels:  encryption
auth analyzer
Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
Stars: ✭ 77 (+413.33%)
Mutual labels:  authorization
jwt-signature
[READ ONLY] Signature component of the JWT Framework
Stars: ✭ 32 (+113.33%)
Mutual labels:  encryption
Ajax-Chat
Ajax Chat is a complete web chat in javascript, ajax, php and mysql compatible with Phonegap
Stars: ✭ 19 (+26.67%)
Mutual labels:  encryption
envkeygo
EnvKey's official Go client library
Stars: ✭ 36 (+140%)
Mutual labels:  encryption
Security4Delphi
Enables and use of the concept of security in your Delphi applications
Stars: ✭ 39 (+160%)
Mutual labels:  authorization
adamant-iOS
iOS native client for ADAMANT Decentralized Messenger
Stars: ✭ 20 (+33.33%)
Mutual labels:  encryption
envkey-ruby
EnvKey's official Ruby client library
Stars: ✭ 24 (+60%)
Mutual labels:  encryption
VanillaWindowsReference
A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare and see what's been added with each update.
Stars: ✭ 24 (+60%)
Mutual labels:  hashes
SharpLoader
🔮 [C#] Source code randomizer and compiler
Stars: ✭ 36 (+140%)
Mutual labels:  encryption
ProtonClient
An unofficial desktop client for ProtonMail done with electron nativefier
Stars: ✭ 50 (+233.33%)
Mutual labels:  encryption
crypto.graphics
crypto.graphics
Stars: ✭ 20 (+33.33%)
Mutual labels:  encryption
View All Similar Projects ➔

JWT Go

Build Status Go Report Card GoDoc

The easiest JWT Library that could be a starting point for your project.

Installation

go get github.com/supanadit/jwt-go

Quick Start

package main

import (
	"fmt"
	"github.com/supanadit/jwt-go"
	"log"
)

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

	// Create default authorization
	auth := jwt.Authorization{
		Username: "admin",
		Password: "admin",
	}

	// Generate JWT Token from default authorization model
	token, err := auth.GenerateJWT()
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println("JWT Token : " + token)

	// Verify the token
	valid, err := auth.VerifyJWT(token)
	if err != nil {
		fmt.Println(err)
	}

	fmt.Print("Status : ")

	if valid {
		fmt.Println("Valid")
	} else {
		fmt.Println("Invalid")
	}
}
Custom Authorization 

package main

import (
	"fmt"
	"github.com/supanadit/jwt-go"
	"log"
)

type Login struct {
	Email    string
	Password string
	Name     string
}

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

	// Create default authorization
	auth := Login{
		Email:    "[email protected]",
		Password: "asd",
		Name:     "asd",
	}

	// Generate JWT Token from default authorization model
	token, err := jwt.GenerateJWT(auth)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println("JWT Token : " + token)

	// Variable for decoded JWT token
	var dataAuth Login
	// Verify the token
	valid, err := jwt.VerifyAndBindingJWT(&dataAuth, token)
	if err != nil {
		fmt.Println(err)
	}

	// or simply you can do this, if you don't need to decode the JWT
	// valid, err := jwt.VerifyJWT(token)
	// if err != nil {
	//	 fmt.Println(err)
	// }

	fmt.Print("Status : ")

	if valid {
		fmt.Println("Valid")
	} else {
		fmt.Println("Invalid")
	}
}

Encrypt & Verify Password 

package main

import (
	"fmt"
	"github.com/supanadit/jwt-go"
	"log"
)

type Login struct {
	Email    string
	Password string
}

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

	// Create authorization from your own struct
	auth := Login{
		Email:    "[email protected]",
		Password: "123",
	}

	// Encrypt password, which you can save to database
	ep, err := jwt.EncryptPassword(auth.Password)
	if err != nil {
		log.Fatal(err)
	}

	fmt.Println("Encrypted Password " + string(ep))

	// Verify Encrypted Password
	valid, err := jwt.VerifyPassword(string(ep), auth.Password)
	if err != nil {
		fmt.Println(err)
	}

	fmt.Print("Status : ")

	if valid {
		fmt.Println("Valid")
	} else {
		fmt.Println("Invalid")
	}
}

Decrypt Password

No you can't, as the thread at Stack Exchange

bcrypt is not an encryption function, it's a password hashing function, relying on Blowfish's key scheduling, not its encryption. Hashing are mathematical one-way functions, meaning there is no way to reverse the output string to get the input string.
of course only Siths deal in absolutes and there are a few attacks against hashes. But none of them are "reversing" the hashing, AFAIK.

so that enough to secure the password

Set Expired Time 

package main

import (
	"fmt"
	"github.com/supanadit/jwt-go"
	"log"
)

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")
 
    // You can simply do this, jwt.setExpiredTime(Hour,Minute,Second)
	jwt.SetExpiredTime(0, 0, 1)
}

Support Gin Web Framework 

package main

import (
	"github.com/gin-gonic/gin"
	"github.com/supanadit/jwt-go"
	"net/http"
)

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

	// Create authorization
	auth := jwt.Authorization{
		Username: "admin",
		Password: "123",
	}

	router := gin.Default()

	// Login / Authorization for create JWT Token
	router.POST("/auth", func(c *gin.Context) {
		var a jwt.Authorization
		err := c.Bind(&a)
		if err != nil {
			c.JSON(http.StatusBadRequest, gin.H{
				"status": "Invalid body request",
				"token":  nil,
			})
		} else {
			valid, err := auth.VerifyPassword(a.Password)
			if err != nil {
				c.JSON(http.StatusBadRequest, gin.H{
					"status": "Wrong username or password",
					"token":  nil,
				})
			} else {
				if valid {
					token, err := a.GenerateJWT()
					if err != nil {
						c.JSON(http.StatusInternalServerError, gin.H{
							"status": "Can't generate JWT token",
							"token":  nil,
						})
					} else {
						c.JSON(http.StatusOK, gin.H{
							"status": "Success",
							"token":  token,
						})
					}
				} else {
					c.JSON(http.StatusBadRequest, gin.H{
						"status": "Wrong username or password",
						"token":  nil,
					})
				}
			}
		}
	})

	// Test Authorization
	router.GET("/test", func(c *gin.Context) {
		// Variable for binding if you need decoded JWT
		var dataAuth jwt.Authorization
		// Verify and binding JWT
		token, valid, err := jwt.VerifyAndBindingGinHeader(&dataAuth, c)

		// in case if you don't want to decode the JWT, simply use this code
		// token, valid, err := jwt.VerifyGinHeader(c)

		if err != nil {
			c.JSON(http.StatusOK, gin.H{
				"status": err.Error(),
			})
		} else {
			if valid {
				c.JSON(http.StatusOK, gin.H{
					"status": token + " is valid",
				})
			} else {
				c.JSON(http.StatusBadRequest, gin.H{
					"status": "Invalid",
				})
			}
		}
	})

	_ = router.Run(":8080")
}

Support Echo Web Framework 

package main

import (
	"github.com/labstack/echo/v4"
	"github.com/supanadit/jwt-go"
	"net/http"
)

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

	// Create authorization
	auth := jwt.Authorization{
		Username: "admin",
		Password: "123",
	}

	e := echo.New()

	// Login / Authorization for create JWT Token
	e.POST("/auth", func(c echo.Context) error {
		a := new(jwt.Authorization)
		// Create struct for response, or you can create globally by your self
		var r struct {
			Status string
			Token  string
		}
		err := c.Bind(a)
		if err != nil {
			r.Status = "Invalid body request"
			return c.JSON(http.StatusBadRequest, &r)
		} else {
			valid, err := auth.VerifyPassword(a.Password)
			if err != nil {
				r.Status = "Wrong username or password"
				return c.JSON(http.StatusBadRequest, &r)
			} else {
				if valid {
					token, err := a.GenerateJWT()
					if err != nil {
						r.Status = "Can't generate JWT Token"
						return c.JSON(http.StatusInternalServerError, &r)
					} else {
						r.Status = "Success"
						r.Token = token
						return c.JSON(http.StatusOK, &r)
					}
				} else {
					r.Status = "Wrong username or password"
					return c.JSON(http.StatusBadRequest, &r)
				}
			}
		}
	})

	// Test Authorization
	e.GET("/test", func(c echo.Context) error {
		// Create struct for response
		var r struct {
			Status string
		}
		// Variable for binding if you need decoded JWT
		dataAuth := new(jwt.Authorization)
		// Verify and binding JWT
		token, valid, err := jwt.VerifyAndBindingEchoHeader(&dataAuth, c)

		// in case if you don't want to decode the JWT, simply use this code
		// Token, valid, err := jwt.VerifyEchoHeader(c)

		if err != nil {
			r.Status = err.Error()
			return c.JSON(http.StatusBadRequest, &r)
		} else {
			if valid {
				r.Status = token + " is valid"
				return c.JSON(http.StatusOK, &r)
			} else {
				r.Status = "Invalid"
				return c.JSON(http.StatusBadRequest, &r)
			}
		}
	})

	// Start server
	e.Logger.Fatal(e.Start(":1323"))
}

Disable & Enable Authorization 

package main

import (
	"github.com/supanadit/jwt-go"
)

func main() {
	// Set Your JWT Secret Code, its optional but important, because default secret code is not secure
	jwt.SetJWTSecretCode("Your Secret Code")

    // Disable authorization, meaning when verify jwt token it will return true even if the token was expired or invalid
	jwt.DisableAuthorization()

	// or

    // Enable authorization
	jwt.EnableAuthorization()
}

Set HMAC Signing Method 

package main

import "github.com/supanadit/jwt-go"

func main() {
	// Set HMAC signing method
	jwt.SetHMACSigningMethod(jwt.HS256()) // or jwt.HS384(), jwt.HS512()
}

Thanks to

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].