{"id":18793908,"url":"https://github.com/leberkleber/simple-jwt-provider","last_synced_at":"2025-08-11T02:04:47.844Z","repository":{"id":48404217,"uuid":"228838870","full_name":"leberKleber/simple-jwt-provider","owner":"leberKleber","description":null,"archived":false,"fork":false,"pushed_at":"2023-02-25T06:42:02.000Z","size":290,"stargazers_count":38,"open_issues_count":5,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-13T15:07:12.106Z","etag":null,"topics":["awesome-go","go","golang","jwt","lightweight","postgres","postgresql","provider","simple"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leberKleber.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-18T12:48:14.000Z","updated_at":"2024-11-06T11:55:03.000Z","dependencies_parsed_at":"2024-06-19T01:08:49.667Z","dependency_job_id":"e9638abc-fd3c-4c43-8b52-18a6647d0794","html_url":"https://github.com/leberKleber/simple-jwt-provider","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/leberKleber/simple-jwt-provider","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leberKleber%2Fsimple-jwt-provider","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leberKleber%2Fsimple-jwt-provider/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leberKleber%2Fsimple-jwt-provider/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leberKleber%2Fsimple-jwt-provider/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leberKleber","download_url":"https://codeload.github.com/leberKleber/simple-jwt-provider/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leberKleber%2Fsimple-jwt-provider/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269819032,"owners_count":24480087,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-11T02:00:10.019Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["awesome-go","go","golang","jwt","lightweight","postgres","postgresql","provider","simple"],"created_at":"2024-11-07T21:27:22.698Z","updated_at":"2025-08-11T02:04:47.694Z","avatar_url":"https://github.com/leberKleber.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Mentioned in Awesome Go](https://awesome.re/mentioned-badge.svg)](https://github.com/avelino/awesome-go)\n[![Go](https://github.com/leberKleber/simple-jwt-provider/workflows/Go/badge.svg?branch=master)](https://github.com/leberKleber/simple-jwt-provider/actions?query=workflow%3Ago)\n[![Go Report Card](https://goreportcard.com/badge/github.com/leberKleber/simple-jwt-provider)](https://goreportcard.com/report/github.com/leberKleber/simple-jwt-provider)\n[![codecov](https://codecov.io/gh/leberKleber/simple-jwt-provider/branch/master/graph/badge.svg)](https://codecov.io/gh/leberKleber/simple-jwt-provider)\n\n# simple-jwt-provider\n\nSimple and lightweight JWT-Provider written in go (golang). It exhibits JWT for the in postgres or sqlite persisted user, which\ncan be managed via api. Also, a password-reset flow via mail verification is available. User specific custom-claims also\navailable for jwt-generation and mail rendering.\n\ndockerized: https://hub.docker.com/r/leberkleber/simple-jwt-provider\n\nbuild it yourself:\n\n```shell script\n# as docker-image\ndocker build . -t leberkleber/simple-jwt-provider\n\n# as binary\ngo build -o simple-jwt-provider ./cmd/provider/\n```\n\n# Table of contents\n\n- [Try it](#try-it)\n- [Getting started](#getting-started)\n - [Generate ECDSA-512 key pair](#generate-ecdsa-512-key-pair)\n - [Configuration](#configuration)\n- [API](#api)\n - [POST `/v1/auth/login`](#post-v1authlogin)\n - [POST `/v1/auth/refresh`](#post-v1authrefresh)\n - [POST `/v1/auth/password-reset-request`](#post-v1authpassword-reset-request)\n - [POST `/v1/auth/password-reset`](#post-v1authpassword-reset)\n - [POST `/v1/admin/users`](#post-v1adminusers)\n - [PUT `/v1/admin/users/{email}`](#put-v1adminusersemail)\n - [DELETE `/v1/admin/users/{email}`](#delete-v1adminusersemail)\n- [Mail](#mail)\n - [Password reset request](#password-reset-request)\n- [Development](#development)\n - [mocks](#mocks)\n - [component tests](#component-tests)\n\n## Try it\n\n```shell script\ngit clone git@github.com:leberKleber/simple-jwt-provider.git\ndocker-compose -f example/docker-compose.yml up\n\n# create user via admin-api\n./example/create-user.sh test.test@test.test password {}\n\n# login with created user\n./example/login.sh test.tscest@test.test password\n\n# reset password\n# 1) create password reset request\n# - mail with reset token would be send\n# 2) reset password with received token\n# 3) do crud operations on user\n\n# 1) create password reset request \n./example/create-password-reset-request.sh test.test@test.test\n# 1.1) open browser at http://127.0.0.1:8025/ and copy reset token (token only not the url)\n# 2) reset password with received token\n./example/reset-password.sh test.test@test.test newPassword {reset-token}\n# verify new password\n./example/login.sh test.test@test.test newPassword\n\n# 3) do crud operations on user\n# see ./example/*.sh\n```\n\n## Getting started\n\n### Generate ECDSA-512 key pair\n\n```sh\n# private key\nopenssl ecparam -genkey -name secp521r1 -noout -out ecdsa-p521-private.pem\n# public key\nopenssl ec -in ecdsa-p521-private.pem -pubout -out ecdsa-p521-public.pem \n```\n\n### Configuration\n\n| Environment variable | Description | Required | Default |\n| --------------------------------- |:-------------------------------------------------------------------------------------:| -----------------------------------:|----------------------:|\n| SJP_LOG_LEVEL | Log-Level can be TRACE DEBUG INFO WARN ERROR FATAL or PANIC | no | INFO |\n| SJP_SERVER_ADDRESS | Server-address network-interface to bind on e.g.: '127.0.0.1:8080' | no | 0.0.0.0:80 |\n| SJP_JWT_LIFETIME | Lifetime of JWT | no | 4h |\n| SJP_JWT_PRIVATE_KEY | JWT PrivateKey ECDSA512 | yes | - |\n| SJP_JWT_AUDIENCE | Audience private claim which will be applied in each JWT | no | - |\n| SJP_JWT_ISSUER | Issuer private claim which will be applied in each JWT | no | - |\n| SJP_JWT_SUBJECT | Subject private claim which will be applied in each JWT | no | - |\n| SJP_DATABASE_TYPE | Database type. Currently supported postgres and sqlite | yes | - |\n| SJP_DATABASE_DSN | Data Source Name for persistence | yes | - |\n| SJP_ADMIN_API_ENABLE | Enable admin API to manage stored users (true / false) | no | false |\n| SJP_ADMIN_API_USERNAME | Basic Auth Username if enable-admin-api = true | yes, when enable-admin-api = true | - |\n| SJP_ADMIN_API_PASSWORD | Basic Auth Password if enable-admin-api = true when is bcrypted prefix with 'bcrypt:' | yes, when enable-admin-api = true | - |\n| SJP_MAIL_TEMPLATES_FOLDER_PATH | Path to mail-templates folder | no | /mail-templates |\n| SJP_MAIL_SMTP_HOST | SMTP host to connect to | yes | - |\n| SJP_MAIL_SMTP_PORT | SMTP port to connect to | no | 587 |\n| SJP_MAIL_SMTP_USERNAME | SMTP username to authorize with | yes | - |\n| SJP_MAIL_SMTP_PASSWORD | SMTP password to authorize with | yes | - |\n| SJP_MAIL_TLS_INSECURE_SKIP_VERIFY | true if certificates should not be verified | no | false |\n| SJP_MAIL_TLS_SERVER_NAME | name of the server who expose the certificate | no | - |\n\n## API\n\n### POST `/v1/auth/login`\n\nThis endpoint will check the email/password combination and will set the respond with an jwtauthToken if correct:\n\nRequest body:\n```json\n{\n \"email\": \"info@leberkleber.io\",\n \"password\": \"s3cr3t\"\n}\n```\n\nResponse body (200 - OK):\n```json\n{\n \"access_token\": \"\u003caccess-jwt\u003e\",\n \"refresh_token\": \"\u003crefresh-jwt\u003e\"\n}\n```\n\n### POST `/v1/auth/refresh`\n\nThis endpoint will return a new access and refresh token. The submitted refresh-token will no longer be valid.\n\nRequest body:\n```json\n{\n \"refresh_token\": \"\u003crefresh_jwt\u003e\"\n}\n```\n\nResponse body (200 - OK):\n```json\n{\n \"access_token\": \"\u003cnew-access-jwt\u003e\",\n \"refresh_token\": \"\u003cnew-refresh-jwt\u003e\"\n}\n```\n### POST `/v1/auth/password-reset-request`\n\nThis endpoint will trigger a password reset request. The user gets a token per mail. With this token, the password can\nbe reset via POST@`/v1/auth/password-reset`.\n\nRequest body:\n```json\n{\n \"email\": \"info@leberkleber.io\"\n}\n```\n\nResponse (201 - CREATED)\n\n### POST `/v1/auth/password-reset`\n\nThis endpoint will reset the password of the given user if the reset-token is valid and matches to the given email.\n\nRequest body:\n```json\n{\n \"email\": \"info@leberkleber.io\",\n \"reset_token\": \"rAnDoMsHiT456\",\n \"password\": \"SeCReT\"\n}\n```\n\nResponse (204 - NO CONTENT)\n\n### POST `/v1/admin/users`\n\nThis endpoint will create a new user if admin api auth was successfully:\n\nRequest body:\n```json\n{\n \"email\": \"info@leberkleber.io\",\n \"password\": \"s3cr3t\",\n \"claims\": {\n \"myCustomClaim\": \"custom claims for jwt and mail templates\"\n }\n}\n```\n\nResponse body (201 - CREATED)\n\n### PUT `/v1/admin/users/{email}`\n\nThis endpoint will update the given properties (excluding email) of the user with the given email when the admin api\nauth was successfully:\n\nRequest body:\n```json\n{\n \"password\": \"n3wS3cr3t\",\n \"claims\": {\n \"updatedClaim\": \"now updated\"\n }\n}\n```\n\nResponse body (200 - NO CONTENT)\n\n```json\n{\n \"email\": \"info@leberkleber.io\",\n \"password\": \"**********\",\n \"claims\": {\n \"updatedClaim\": \"now updated\"\n }\n}\n```\n\n### DELETE `/v1/admin/users/{email}`\n\nThis endpoint will delete the user with the given email when there are no tokens which referred to this user, and the\nadmin api auth was successfully:\n\nResponse body (201 - NO CONTENT)\n\n## Mail\n\nMails will be generated based on a set of templates which should be prepared for productive usage.\n\n- `\u003cmailType\u003e.html` represents the html body of the mail and can be templated with `html.template` syntax\n (https://golang.org/pkg/html/template/). Available templating arguments listed in detailed template type description.\n- `\u003cmailType\u003e.txt` represents the text body of the mail and can be templated with `text.template` syntax\n (https://golang.org/pkg/text/template/). Available templating arguments listed in detailed template type description.\n- `\u003cmailType\u003e.yml` represents the header of the mail. In this template headers e.g. `From`, `To` or `Subject`\n can be set `text.template` syntax (https://golang.org/pkg/text/template/). Available templating arguments listed in\n detailed template type description.\n\n### Password reset request\n\nAn example of this mail type can be found in `/mail-templates/password-reset-request.*`. Available template arguments:\n\n| Argument | Content | Example usage |\n|--------------------|--------------------------------------------------------|-------------------------------------|\n| Recipient | Users email address | `{{.Recipient}}` |\n| PasswordResetToken | The token which is required to reset the password | `{{.PasswordResetToken}}` |\n| Claims | All custom-claims which stored in relation to the user | `{{if index .Claims \"first_name\"}}` |\n\n## Development\n\n### mocks\n\nMocks will be generated with github.com/matryer/moq. Execute the following for generation:\n\n```shell script\ngo get github.com/matryer/moq\ngo generate ./...\n```\n\n### component tests\n\nComponent tests can be executed locally with:\n\n```shell script\n# build simple-jwt-provider from source code\n# setup infrastructure\n# run all test file with build-tag component in /cmd/provider \n./component-tests.sh\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleberkleber%2Fsimple-jwt-provider","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleberkleber%2Fsimple-jwt-provider","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleberkleber%2Fsimple-jwt-provider/lists"}