https://github.com/shaikrasheed99/golang-user-jwt-authentication
JWT Authentication using Refresh Token Rotation mechanism.
- Host: GitHub
- URL: https://github.com/shaikrasheed99/golang-user-jwt-authentication
- Owner: shaikrasheed99
- License: mit
- Created: 2023-07-20T13:12:31.000Z (over 1 year ago)
- Default Branch: master
- Last Pushed: 2023-07-28T10:00:16.000Z (over 1 year ago)
- Last Synced: 2024-10-01T17:07:53.698Z (about 2 months ago)
- Topics: authentication, authorization, golang, golang-authentication, golang-authorization, golang-jwt, jwt, jwt-authentication, jwt-authorization, users, users-auth
- Language: Go
- Homepage:
- Size: 80.1 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Users JWT Authentication
Users JWT Authentication using Refresh Token Rotation mechanism.
## Getting started
### Clone the repo
```bash
git clone https://github.com/shaikrasheed99/golang-user-jwt-authentication.git
cd golang-user-jwt-authentication/
```
### Environment variables
For environment variables, create a `.env` file in the home directory of this project.
```
DB_HOST="localhost"
DB_PORT=5432
DB_USER="postgres"
DB_PASSWORD="postgres"
DB_NAME="users"
JWT_SECRET="[jwt secret key]"
JWT_ISSUER="[issuer name]"
JWT_ACCESS_TOKEN_EXPIRATION_IN_MINUTES=10
JWT_REFRESH_TOKEN_EXPIRATION_IN_MINUTES=15
```
## Localhost server
To start the localhost server, run the command below in a terminal.
```bash
make run
```
## API endpoints
### Signup
##### Request
```
curl --location --request POST 'http://localhost:8080/signup' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "first_name": "Iron",
    "last_name": "Man",
    "username": "ironman123",
    "password": "ironman@123",
    "email": "[email protected]"
  }'
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully saved user details",
  "data": null
}
```
The `Access Token` and `Refresh Token` values are returned in `httpOnly` cookies.
### Login
##### Request
```
curl --location --request POST 'http://localhost:8080/login' \
  --header 'Content-Type: application/json' \
  --data-raw '{
    "username": "ironman123",
    "password": "ironman@123"
  }'
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully logged in",
  "data": null
}
```
The `Access Token` and `Refresh Token` values are returned in `httpOnly` cookies.
### Logout
##### Request
The user must provide the `Access Token` in the `Authorization` request header to access this API.
```
curl --location --request POST 'http://localhost:8080/logout' \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer [User's access token]" \
  --data '{
    "username": "ironman123"
  }'
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully logged out",
  "data": null
}
```
Empty `Access Token` and `Refresh Token` values are returned in `httpOnly` cookies.
### Refresh Access Token
##### Request
The user must provide the `Refresh Token` in the `Authorization` request header to access this API.
```
curl --location --request POST 'http://localhost:8080/refresh' \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer [User's refresh token]" \
  --data '{
    "username": "ironman123"
  }'
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully received access token",
  "data": null
}
```
The `Access Token` and `Refresh Token` values are returned in `httpOnly` cookies.
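
Refresh token rotation, the mechanism this README names, means each call to `/refresh` invalidates the presented refresh token and issues a replacement, so a replayed token can be detected and the session revoked. The sketch below is an added example, not code from this repository: `Rotator`, `RefreshClaims` and the in-memory map are hypothetical names, and it assumes the refresh JWT's signature has already been verified.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"time"
)

// RefreshClaims: claims of a refresh JWT whose signature is already verified.
type RefreshClaims struct {
	Username, ID string // ID plays the role of the "jti" claim
	Expires      time.Time
}

var ErrExpired, ErrReuse = errors.New("refresh token expired"), errors.New("refresh token reuse, session revoked")

// Rotator tracks, per user, the ID of the single refresh token still valid.
type Rotator struct {
	TTL     time.Duration
	current map[string]string
}

// Issue mints a fresh token ID (at login, or as the second half of a rotation).
func (r *Rotator) Issue(user string, now time.Time) RefreshClaims {
	id := make([]byte, 16)
	rand.Read(id) // crypto/rand, so the ID is unguessable
	c := RefreshClaims{user, fmt.Sprintf("%x", id), now.Add(r.TTL)}
	r.current[user] = c.ID
	return c
}

// Rotate swaps a valid token for a new one; a token already rotated out revokes the session.
func (r *Rotator) Rotate(old RefreshClaims, now time.Time) (RefreshClaims, error) {
	if !now.Before(old.Expires) {
		return RefreshClaims{}, ErrExpired
	}
	if cur, ok := r.current[old.Username]; !ok || cur != old.ID {
		delete(r.current, old.Username) // possible theft: force a new login
		return RefreshClaims{}, ErrReuse
	}
	return r.Issue(old.Username, now), nil
}

func main() {
	r := &Rotator{15 * time.Minute, map[string]string{}} // TTL as in the sample .env
	t1 := r.Issue("ironman123", time.Now())
	fmt.Println(r.Rotate(t1, time.Now())) // first use succeeds
	fmt.Println(r.Rotate(t1, time.Now())) // replay of the rotated-out token is rejected
}
```

After a detected replay the legitimate holder's newest token is rejected as well, which forces a fresh login.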
### Fetch all users
This API can only be accessed by admins.
##### Request
The admin must provide the `Access Token` in the `Authorization` request header to access this API.
```
curl --location --request GET 'http://localhost:8080/users' \
  --header "Authorization: Bearer [Admin's access token]" \
  --data ''
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully got list of users",
  "data": [
    {
      "id": 1,
      "first_name": "Captain",
      "last_name": "America",
      "username": "captain12",
      "email": "[email protected]",
      "role": "user"
    },
    {
      "id": 2,
      "first_name": "Iron",
      "last_name": "Man",
      "username": "ironman123",
      "email": "[email protected]",
      "role": "admin"
    }
  ]
}
```
### Fetch users by username
This API can be accessed by admins and by the particular user whose username is requested.
##### Request
The user must provide the `Access Token` in the `Authorization` request header to access this API.
```
curl --location --request GET 'http://localhost:8080/users/ironman123' \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer [User's access token]" \
  --data-raw '{
    "username": "ironman123",
    "password": "ironman@123"
  }'
```
##### Response
```
{
  "status": "success",
  "code": "OK",
  "message": "successfully got user details",
  "data": {
    "id": 1,
    "first_name": "Iron",
    "last_name": "Man",
    "username": "ironman123",
    "email": "[email protected]",
    "role": "admin"
  }
}
```