Skip to content
Keel

JWT Examples

The official runnable project is ss-keel-examples/examples/11-jwt-addon.

Issue a token from a login endpoint

Section titled “Issue a token from a login endpoint”
token, err := jwtProvider.GenerateToken(map[string]any{
    "user_id": entry.user.ID,
    "name":    entry.user.Name,
    "email":   entry.user.Email,
    "role":    entry.user.Role,
})
if err != nil {
    return core.Internal("could not issue token", err)
}
return c.OK(TokenResponse{Token: token, TokenType: "Bearer"})

Protect a route group

Section titled “Protect a route group”
api := app.Group("/api", jwtProvider.Middleware())
api.RegisterController(contracts.ControllerFunc[httpx.Route](func() []httpx.Route {
    return []httpx.Route{
        httpx.GET("/me", func(c *httpx.Ctx) error {
            claims, _ := jwt.ClaimsFromCtx(c.Ctx)
            data, _ := claims["data"].(map[string]any)
            return c.OK(data)
        }).WithSecured("bearerAuth"),
    }
}))

Refresh an existing token

Section titled “Refresh an existing token”
newToken, err := jwtProvider.RefreshToken(body.Token)
if err != nil {
    return core.Unauthorized("invalid or expired token")
}
return c.OK(TokenResponse{Token: newToken, TokenType: "Bearer"})
Section titled “Related example”

ss-keel-oauth builds on the same signer by passing jwtProvider into the OAuth manager.