Documentation

API Reference

Exported types and methods from package goJwt (github.com/pardnchiu/go-jwt/core).

New

func New(c Config) (*JWTAuth, error)

Creates a JWTAuth instance, connects Redis, and loads or generates ECDSA keys.

Close

func (j *JWTAuth) Close() error

Closes the Redis connection.

Create

func (j *JWTAuth) Create(w http.ResponseWriter, r *http.Request, auth *Auth) JWTAuthResult

Issues Access Token and Refresh ID, sets cookies, and stores refresh state plus JTI in Redis.

Verify

func (j *JWTAuth) Verify(w http.ResponseWriter, r *http.Request) JWTAuthResult

Verifies the Access Token, checks revocation and device fingerprint, and refreshes transparently when expired.

Revoke

func (j *JWTAuth) Revoke(w http.ResponseWriter, r *http.Request) JWTAuthResult

Revokes the current session: clears cookies, shortens Refresh ID TTL, and marks the Access Token as revoked.

GinMiddleware

func (j *JWTAuth) GinMiddleware() gin.HandlerFunc

Gin middleware that runs Verify and stores *Auth under the user context key.

HTTPMiddleware

func (j *JWTAuth) HTTPMiddleware(next http.Handler) http.Handler

Standard library middleware that runs Verify and stores *Auth in request.Context.

GetAuthDataFromGinContext

func GetAuthDataFromGinContext(c *gin.Context) (*Auth, bool)

Reads authenticated user data from a Gin context.

GetAuthDataFromHTTPRequest

func GetAuthDataFromHTTPRequest(r *http.Request) (*Auth, bool)

Reads authenticated user data from an http.Request context.

Auth

Field Type Description
ID string User ID
Name string Display name
Email string Email
Thumbnail string Avatar URL
Scope []string Permission scopes
Role string Role
Level int Level

JWTAuthResult

Field Type Description
StatusCode int HTTP status code
Success bool Whether the operation succeeded
Data *Auth Authenticated user data
Token *TokenResult Issued token pair
Error string Error message
ErrorTag string Machine-readable error tag

TokenResult

Field Type Description
Token string Access Token
RefreshId string Refresh ID

Headers

Header Direction Description
Authorization: Bearer <token> Request Access Token (cookie alternative)
X-Refresh-ID Request Refresh ID (cookie alternative)
X-Device-FP Request Override device fingerprint
X-Device-ID Request Stable device ID
X-New-Access-Token Response New Access Token after refresh
X-New-Refresh-ID Response New Refresh ID after full rebuild

Error tags

Tag Meaning
data_missing Required auth / refresh data missing
data_invalid Token parse or claim validation failed
unauthorized Not logged in or session invalid
revoked Access Token marked revoked
not_found Refresh data not found
not_matched Fingerprint or claim mismatch
failed_to_update Redis update failed
failed_to_create Create path failed
failed_to_sign JWT signing failed
failed_to_store Redis store failed
failed_to_get Redis get failed
中文