{"id":34231815,"url":"https://github.com/mjah/jwt-auth","last_synced_at":"2026-03-10T20:34:38.233Z","repository":{"id":57540648,"uuid":"197413908","full_name":"mjah/jwt-auth","owner":"mjah","description":"A JWT based authentication server.","archived":false,"fork":false,"pushed_at":"2020-03-17T21:50:47.000Z","size":200,"stargazers_count":4,"open_issues_count":6,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-06-20T17:41:22.037Z","etag":null,"topics":["authentication","golang","jwt","postgresql","rabbitmq"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mjah.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-07-17T15:16:02.000Z","updated_at":"2023-02-08T16:29:28.000Z","dependencies_parsed_at":"2022-09-26T18:30:39.145Z","dependency_job_id":null,"html_url":"https://github.com/mjah/jwt-auth","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/mjah/jwt-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjah%2Fjwt-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjah%2Fjwt-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjah%2Fjwt-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjah%2Fjwt-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mjah","download_url":"https://codeload.github.com/mjah/jwt-auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mjah%2Fjwt-auth/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30352882,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T15:55:29.454Z","status":"ssl_error","status_checked_at":"2026-03-10T15:54:58.440Z","response_time":106,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication","golang","jwt","postgresql","rabbitmq"],"created_at":"2025-12-16T01:22:21.234Z","updated_at":"2026-03-10T20:34:38.224Z","avatar_url":"https://github.com/mjah.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# JWT Authentication Microservice\n\n[![GoDoc Badge]][GoDoc] [![GoReportCard Badge]][GoReportCard]\n\n[GoDoc]: https://godoc.org/github.com/mjah/jwt-auth\n[GoDoc Badge]: https://godoc.org/github.com/mjah/jwt-auth?status.svg\n[GoReportCard]: https://goreportcard.com/report/github.com/mjah/jwt-auth\n[GoReportCard Badge]: https://goreportcard.com/badge/github.com/mjah/jwt-auth\n\nA simple JWT based authentication server.\n\nFeatures:\n\n* Token based stateless authentication.\n* User sign up, sign in, sign out, update, confirm, delete, and reset password.\n* Send welcome, confirm, and reset password emails.\n* Issue access and refresh token on signin.\n* Ability to store tokens in HTTPOnly cookies and/or receive in JSON response.\n* Refresh token revocation on sign out and ability to revoke all refresh tokens on sign out everywhere.\n* JWT signed using RS256 signing algorithm for asymmetric encryption.\n\n## Quick Start\n\nThis section will guide you through getting this project up and running as quickly as possible. It will only require that [docker](https://www.docker.com/) is installed and nothing else.\n\n**This quick start is recommended for experimenting/testing purposes only.**\n\n### Run Postgresql\n\n```sh\ndocker run -it --rm \\\n--name postgres \\\n-p 5432:5432 \\\n-e POSTGRES_DB=jwt-auth \\\n-e POSTGRES_USER=postgres \\\n-e POSTGRES_PASSWORD=postgres \\\npostgres:11-alpine\n```\n\nNote: If you want to use an existing Postgresql setup with same port, then ensure that the jwt-auth database is created.\n\n### Run Rabbitmq\n\n```sh\ndocker run -it --rm \\\n--name rabbitmq \\\n-p 5672:5672 \\\n-p 15672:15672 \\\nrabbitmq:3-management\n```\n\n### Generate an RSA keypair with a 2048 bit private key\n\n```sh\nJA_KEYS_DIR=\"$HOME/.jwt-auth/keys\"\n\nmkdir -p \"$JA_KEYS_DIR\"\nopenssl genpkey -algorithm RSA -out \"$JA_KEYS_DIR/private_key.pem\" -pkeyopt rsa_keygen_bits:2048\nopenssl rsa -pubout -in \"$JA_KEYS_DIR/private_key.pem\" -out \"$JA_KEYS_DIR/public_key.pem\"\n```\n\n### Run application\n\n```sh\ndocker run \\\n--network host \\\n--volume \"$JA_KEYS_DIR\":/keys \\\n-e JA_TOKEN_PRIVATE_KEY_PATH=/keys/private_key.pem \\\n-e JA_TOKEN_PUBLIC_KEY_PATH=/keys/public_key.pem \\\ndocker.pkg.github.com/mjah/jwt-auth/jwt-auth:latest serve\n```\n\nGo to [localhost:9096/ping](http://localhost:9096/ping), if you receive a pong then you are now up and running.\n\n## Configuration\n\nSee the [config.example.yml](https://github.com/mjah/jwt-auth/blob/master/config.example.yml) file for an example of the configuration.\n\nEnvironment variables are also supported. This will be the configuration name in all capital letters, 'JA\\_' prefixed, and '.' replaced with '\\_'. E.g. *email.smtp_host* becomes *JA_EMAIL_SMTP_HOST*.\n\n## API\n\n### Public Routes\n\n\u003ctable\u003e\n  \u003cthead\u003e\n    \u003ctr\u003e\n      \u003cth\u003ePath\u003c/th\u003e\n      \u003cth\u003eMethod\u003c/th\u003e\n      \u003cth\u003eJSON Data\u003c/th\u003e\n      \u003cth\u003eShared Error Responses\u003c/th\u003e\n      \u003cth\u003eFurther Error Responses\u003c/th\u003e\n    \u003c/tr\u003e\n  \u003c/thead\u003e\n  \u003ctbody\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/signup\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        username (string, required)\u003cbr\u003e\n        password (string, required)\u003cbr\u003e\n        first_name (string, required)\u003cbr\u003e\n        last_name (string, required)\u003cbr\u003e\n        confirm_email_url (string, required)\n      \u003c/td\u003e\n      \u003ctd rowspan=0\u003e\n        DetailsInvalid\u003cbr\u003e\n        DatabaseConnectionFailed\u003cbr\u003e\n        DatabaseQueryFailed\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailAndUsernameAlreadyExists\u003cbr\u003e\n        EmailAlreadyExists\u003cbr\u003e\n        UsernameAlreadyExists\u003cbr\u003e\n        DefaultRoleAssignFailed\u003cbr\u003e\n        PasswordGenerationFailed\u003cbr\u003e\n        MessageQueueFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/signin\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        password (string, required)\u003cbr\u003e\n        remember_me (bool, required)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailDoesNotExist\u003cbr\u003e\n        PasswordInvalid\u003cbr\u003e\n        AccessTokenIssueFailed\u003cbr\u003e\n        RefreshTokenIssueFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/confirm-email\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        confirm_email_token (string, required)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailDoesNotExist\u003cbr\u003e\n        EmailAlreadyConfirmed\u003cbr\u003e\n        UUIDTokenDoesNotMatch\u003cbr\u003e\n        UUIDTokenExpired\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/reset-password\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        reset_password_token (string, required)\u003cbr\u003e\n        password (string, required)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailDoesNotExist\u003cbr\u003e\n        UUIDTokenDoesNotMatch\u003cbr\u003e\n        UUIDTokenExpired\u003cbr\u003e\n        PasswordGenerationFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/send-confirm-email\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        confirm_email_url (string, required)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailDoesNotExist\u003cbr\u003e\n        EmailAlreadyConfirmed\u003cbr\u003e\n        MessageQueueFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/send-reset-password\u003c/td\u003e\n      \u003ctd\u003ePOST\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, required)\u003cbr\u003e\n        reset_password_url (string, required)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        EmailDoesNotExist\u003cbr\u003e\n        MessageQueueFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\n### Private Routes\n\nAccessing private routes will require the refresh token in the authorization bearer.\n\n\u003ctable\u003e\n  \u003cthead\u003e\n    \u003ctr\u003e\n      \u003cth\u003ePath\u003c/th\u003e\n      \u003cth\u003eMethod\u003c/th\u003e\n      \u003cth\u003eJSON Data\u003c/th\u003e\n      \u003cth\u003eShared Error Responses\u003c/th\u003e\n      \u003cth\u003eFurther Error Responses\u003c/th\u003e\n    \u003c/tr\u003e\n  \u003c/thead\u003e\n  \u003ctbody\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/user\u003c/td\u003e\n      \u003ctd\u003eGET\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n      \u003ctd rowspan=0\u003e\n        AuthorizationBearerTokenEmpty\u003cbr\u003e\n        RefreshTokenCookieEmpty\u003cbr\u003e\n        JWTTokenInvalid\u003cbr\u003e\n        DatabaseConnectionFailed\u003cbr\u003e\n        DatabaseQueryFailed\u003cbr\u003e\n        UserDoesNotExist\u003cbr\u003e\n        UserIsNotActive\u003cbr\u003e\n        RefreshTokenIsRevoked\n      \u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/user\u003c/td\u003e\n      \u003ctd\u003ePATCH\u003c/td\u003e\n      \u003ctd\u003e\n        email (string, optional)\u003cbr\u003e\n        username (string, optional)\u003cbr\u003e\n        password (string, optional)\u003cbr\u003e\n        first_name (string, optional)\u003cbr\u003e\n        last_name (string, optional)\n      \u003c/td\u003e\n      \u003ctd\u003e\n        DetailsInvalid\u003cbr\u003e\n        EmailAndUsernameAlreadyExists\u003cbr\u003e\n        EmailAlreadyExists\u003cbr\u003e\n        UsernameAlreadyExists\u003cbr\u003e\n        PasswordGenerationFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/user\u003c/td\u003e\n      \u003ctd\u003eDELETE\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/signout\u003c/td\u003e\n      \u003ctd\u003eGET\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/signout-all\u003c/td\u003e\n      \u003ctd\u003eGET\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n    \u003c/tr\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e/refresh-token\u003c/td\u003e\n      \u003ctd\u003eGET\u003c/td\u003e\n      \u003ctd\u003e\u003c/td\u003e\n      \u003ctd\u003e\n        AccessTokenIssueFailed\n      \u003c/td\u003e\n    \u003c/tr\u003e\n  \u003c/tbody\u003e\n\u003c/table\u003e\n\n### Error Responses\n\nError responses and their codes can be seen in [errors/codes.go](https://github.com/mjah/jwt-auth/blob/master/errors/codes.go)\n\n## Example Client\n\nTo see an implementation of the jwt-auth API, please see the following [example client](https://github.com/mjah/jwt-auth-client-example).\n\n## Contributing\n\nAny feedback and pull requests are welcome and highly appreciated. Please open an issue first if you intend to send in a larger pull request or want to add additional features.\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](https://github.com/mjah/jwt-auth/blob/master/LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjah%2Fjwt-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmjah%2Fjwt-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmjah%2Fjwt-auth/lists"}