[!NOTE] This README was generated by SKILL, get the ZH version from here.
ECDSA JWT WITH REDIS LIFECYCLE AND DEVICE BINDING
A Go JWT library with Redis lifecycle, device fingerprint binding, and dual middleware
Table of Contents
Features
go get github.com/pardnchiu/go-jwt· Documentation
import "github.com/pardnchiu/go-jwt/core"
- Redis Token Lifecycle — Manage create, verify, refresh, and revoke for Access Token and Refresh ID with Transaction Pipelines and distributed locks.
- Device Fingerprint Binding — Bind tokens to OS, browser, and device ID via SHA-256 so stolen tokens fail on other devices.
- Dual-Framework Middleware — Drop-in Gin and net/http middleware that verifies tokens and refreshes them transparently on expiry.
- ES256 with Auto PEM — Sign with ECDSA P-256; load keys from path, inline PEM, or auto-generate a key pair on first run.
- Versioned Transparent Refresh — Rebuild only the Access Token or fully rotate Refresh ID based on MaxVersion and TTL thresholds.
Architecture
graph TB
REQ[HTTP Request] --> MW[Middleware]
MW --> V[Verify]
V -->|Valid| AUTH[Return Auth]
V -->|Expired| RF[Refresh]
V -->|No Token| DENY[Deny]
RF --> REDIS[(Redis)]
V --> FP[Device Fingerprint]
License
This project is licensed under the MIT LICENSE.
Author
邱敬幃 Pardn Chiu
hi@pardn.io
https://www.linkedin.com/in/pardnchiu
©️ 2025 邱敬幃 Pardn Chiu