Question 1

How to use sjwt with Go structs for claims?

Accepted Answer

Use the sjwt.ToClaims function to marshal a Go struct into JWT claims. Ensure struct fields have JSON tags, as shown in the example with the Info struct. This enables type-safe claim handling without manual key setting.

Question 2

sjwt vs jwt-go: which is better for simple projects?

Accepted Answer

sjwt is more minimalistic and focused solely on HMAC SHA-256, making it easier for basic JWT needs. jwt-go is feature-rich but can be overkill; choose sjwt if you prioritize simplicity and only need HMAC signing.

Question 3

How to validate JWT expiration with sjwt?

Accepted Answer

After parsing the token with sjwt.Parse, call the Validate method on the claims object. It automatically checks expiration and not-before dates if set, returning an error for invalid tokens, as demonstrated in the verify example.

Question 4

Can sjwt handle encrypted tokens?

Accepted Answer

No, sjwt only supports signed tokens using HMAC SHA-256 and does not support JSON Web Encryption (JWE) for encrypted tokens. For encryption, you would need a different library like go-jose.

Question 5

What's the secret key requirement for sjwt?

Accepted Answer

The secret key must be at least 32 random bytes, as noted in the security warning. Generate keys using crypto/rand in production, such as with hex.EncodeToString, to ensure security.

Question 6

How to integrate sjwt with Gin framework?

Accepted Answer

sjwt doesn't provide built-in Gin middleware. You'll need to create custom middleware that uses sjwt.Verify and sjwt.Parse to check tokens in request headers, similar to standard JWT integration patterns in Go.

sjwt

What is sjwt?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions