Go Token is a simple Golang HTTP application that provides endpoints for generating and verifying JSON Web Tokens (JWT) for user authentication.
This Go application provides token management functionalities, including token generation, token verification, and token destruction. It uses JSON Web Tokens (JWTs) to secure your endpoints and manage user sessions.
Before running this application, make sure you have the following prerequisites installed on your system:
- Go (Golang): You can download and install Go from https://golang.org/dl/.
- Clone the repository:
git clone https://github.com/ahmedMHasan/go-token.git
cd go-token- Install the required packages by running:
go get github.com/dgrijalva/jwt-go- Build and run the project:
go run main.goThe application will start and listen on port 8080.
-
Endpoint:
/generateToken -
Method: POST
-
Description: Generates a JWT token for a specified username.
-
Usage: Send a POST request to this endpoint with a JSON body containing the
usernameandpasswordfor the user you want to authenticate. The endpoint will return a JWT token along with its expiration time.Example using cURL:
curl -X POST -d '{"username": "your_username", "password": "your_password"}' http://localhost:8080/generateToken
-
Endpoint:
/verifyToken -
Method: GET
-
Description: Verifies the JWT token provided in the request header.
-
Usage: Access this endpoint with a valid JWT token in the "Token" header to check if the token is valid. It will return "Logged In" if the token is valid; otherwise, it will return "Unauthorized."
Example using cURL:
curl -H "Token: your_jwt_token" http://localhost:8080/verifyToken
-
Endpoint:
/destroyToken -
Method: POST
-
Description: Terminates the session (token) based on the username and password.
-
Usage: Send a POST request to this endpoint with a JSON body containing the
usernameandpasswordof the user for whom you want to destroy the token. If the provided credentials are correct, and a valid token exists for the user, the token will be destroyed, and subsequent requests with that token will be unauthorized.Example using cURL:
curl -X POST -d '{"username": "your_username", "password": "your_password"}' http://localhost:8080/destroyToken
-
Tokens are generated with an expiration time of 1 Hour for demonstration purposes. You can modify the
generateJWTfunction to set a different expiration time as needed. -
The application keeps track of the last valid token for each username. If a user generates a new token while a valid token exists, the application will return the last valid token along with its expiration time.
-
To destroy a token, send a request to the
/destroyTokenendpoint with valid credentials. If the token is valid and matches the last valid token for the user, it will be destroyed.
-
Open Postman or any API testing tool.
-
Create a new request for each of the following endpoints:
-
Generate Token: Set the request URL to
http://localhost:8080/generateToken, and send the request with a JSON body containingusernameandpassword. You will receive a JWT token in the response. -
Verify Token: Set the request URL to
http://localhost:8080/verifyToken. Add a header with the key "Token" and the value being the JWT token obtained from the "Generate Token" request. Send the request to verify the token. -
Destroy Token: Set the request URL to
http://localhost:8080/destroyToken. Send a POST request with a JSON body containingusernameandpasswordto destroy the token for the specified user.
-
main.go: The main Go source code file.README.md: This README file..gitignore: Git ignore file.LICENSE: License information.
Contributions are welcome! If you have any suggestions or find any issues, please open an issue or create a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.
- Thanks to the authors of the
github.com/dgrijalva/jwt-golibrary for their work on JWT token handling in Go.
Feel free to customize this template to fit your specific project details and requirements.