Go and JWT - Simple authentication

I’m currently making an API (with go) and I’m working on the session part. After research about what to use for session, I found JWT really interesting.

However I’m not really sure to understand how to use it after some tutorials. So this is my idea:

func main() {

    router := mux.NewRouter().StrictSlash(true)

    router.HandleFunc("/login", login)
    router.HandleFunc("/logout", logout)
    router.HandleFunc("/register", register)

    http.ListenAndServe(":8080", router)


After those requests handled, I create the differents functions.

func login(w http.ResponseWriter, r *http.Request) {
    Here I just have to search in my database (SQL, I know how to do it). If the user is registered, I create a token and give it to him, but how can I do it?                                           

 func logout(w http.ResponseWriter, r *http.Request) {
    I get a token and stop/delete it?                                                                                                                                                                    

 func register(w http.ResponseWriter, r *http.Request) {
    I search if the user isn't register and then, if it isn't, I create a user in the database (I know how to do it). I connect him but again, how to make a new token?                                  

Lot of tutorials on the web seems really hard but I just want something simple. I just want an handle package (code above) which work with a service package to have something like an engine token authentication.

A second point I’m not sure to understand is the saving of the token. If a user connects himself, then what would be best? Each time the user runs their app, the app connects itself and get a new token from saved information (user/password) or the app just save the token forever? And what about the server, is the token managed and saved automatically with JWT or do I have to put it in my sql database?

Thank for your help !


Thank you ! So after I read your answer, I encapsulated my code (token.go) like it

package services

import (

var tokenEncodeString string = "something"

func createToken(user models.User) (string, error) {
    // create the token                                                                                                                                                                                  
    token := jwt.New(jwt.SigningMethodHS256)

    // set some claims                                                                                                                                                                                   
    token.Claims["username"] = user.Username;
    token.Claims["password"] = user.Password;
    token.Claims["exp"] = time.Now().Add(time.Hour * 72).Unix()

    //Sign and get the complete encoded token as string                                                                                                                                                  
    return (token.SignedString(tokenEncodeString))

func parseToken(unparsedToken string) (bool, string) {
    token, err := jwt.Parse(unparsedToken, func(token *jwt.Token) (interface{}, error) {
            // Don't forget to validate the alg is what you expect:                                                                                                                                      
            if _, ok := token.Method.(*jwt.SigningMethodRSA); !ok {
                    return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
            return myLookupKey(token.Header["kid"]), nil

    if err == nil && token.Valid {
            return true, unparsedToken
    } else {
            return false, ""

However, I got the following error: “token.go: undefined: myLookupKey” I looked on internet and I found an encapsulated function which have this prototype:

func ExampleParse(myToken string, myLookupKey func(interface{}) (interface{}, error)) {
 /* same code in my func parseToken() */

So what are the difference between my function and this one? How can I use this one?

Thanks !