Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
package main
import (
type handler struct{}
// Most of the code is taken from the echo guide
func (h *handler) login(c echo.Context) error {
username := c.FormValue("username")
password := c.FormValue("password")
// Check in your db if the user exists or not
if username == "jon" && password == "password" {
// Create token
token := jwt.New(jwt.SigningMethodHS256)
// Set claims
// This is the information which frontend can use
// The backend can also decode the token and get admin etc.
claims := token.Claims.(jwt.MapClaims)
claims["name"] = "Jon Doe"
claims["admin"] = true
claims["exp"] = time.Now().Add(time.Hour * 72).Unix()
// Generate encoded token and send it as response.
// The signing string should be secret (a generated UUID works too)
t, err := token.SignedString([]byte("secret"))
if err != nil {
return err
return c.JSON(http.StatusOK, map[string]string{
"token": t,
return echo.ErrUnauthorized
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment