API Reference
Exported types and methods from package goJwt (github.com/pardnchiu/go-jwt/core).
New
func New(c Config) (*JWTAuth, error)
Creates a JWTAuth instance, connects Redis, and loads or generates ECDSA keys.
Close
func (j *JWTAuth) Close() error
Closes the Redis connection.
Create
func (j *JWTAuth) Create(w http.ResponseWriter, r *http.Request, auth *Auth) JWTAuthResult
Issues Access Token and Refresh ID, sets cookies, and stores refresh state plus JTI in Redis.
Verify
func (j *JWTAuth) Verify(w http.ResponseWriter, r *http.Request) JWTAuthResult
Verifies the Access Token, checks revocation and device fingerprint, and refreshes transparently when expired.
Revoke
func (j *JWTAuth) Revoke(w http.ResponseWriter, r *http.Request) JWTAuthResult
Revokes the current session: clears cookies, shortens Refresh ID TTL, and marks the Access Token as revoked.
GinMiddleware
func (j *JWTAuth) GinMiddleware() gin.HandlerFunc
Gin middleware that runs Verify and stores *Auth under the user context key.
HTTPMiddleware
func (j *JWTAuth) HTTPMiddleware(next http.Handler) http.Handler
Standard library middleware that runs Verify and stores *Auth in request.Context.
GetAuthDataFromGinContext
func GetAuthDataFromGinContext(c *gin.Context) (*Auth, bool)
Reads authenticated user data from a Gin context.
GetAuthDataFromHTTPRequest
func GetAuthDataFromHTTPRequest(r *http.Request) (*Auth, bool)
Reads authenticated user data from an http.Request context.
Auth
| Field | Type | Description |
|---|---|---|
ID |
string |
User ID |
Name |
string |
Display name |
Email |
string |
|
Thumbnail |
string |
Avatar URL |
Scope |
[]string |
Permission scopes |
Role |
string |
Role |
Level |
int |
Level |
JWTAuthResult
| Field | Type | Description |
|---|---|---|
StatusCode |
int |
HTTP status code |
Success |
bool |
Whether the operation succeeded |
Data |
*Auth |
Authenticated user data |
Token |
*TokenResult |
Issued token pair |
Error |
string |
Error message |
ErrorTag |
string |
Machine-readable error tag |
TokenResult
| Field | Type | Description |
|---|---|---|
Token |
string |
Access Token |
RefreshId |
string |
Refresh ID |
Headers
| Header | Direction | Description |
|---|---|---|
Authorization: Bearer <token> |
Request | Access Token (cookie alternative) |
X-Refresh-ID |
Request | Refresh ID (cookie alternative) |
X-Device-FP |
Request | Override device fingerprint |
X-Device-ID |
Request | Stable device ID |
X-New-Access-Token |
Response | New Access Token after refresh |
X-New-Refresh-ID |
Response | New Refresh ID after full rebuild |
Error tags
| Tag | Meaning |
|---|---|
data_missing |
Required auth / refresh data missing |
data_invalid |
Token parse or claim validation failed |
unauthorized |
Not logged in or session invalid |
revoked |
Access Token marked revoked |
not_found |
Refresh data not found |
not_matched |
Fingerprint or claim mismatch |
failed_to_update |
Redis update failed |
failed_to_create |
Create path failed |
failed_to_sign |
JWT signing failed |
failed_to_store |
Redis store failed |
failed_to_get |
Redis get failed |