- Go
- JWT
- MongoDB
- The first route issues a pair of Access, Refresh tokens for the user with the identifier (GUID) specified in the request parameter
- The second route performs a Refresh operation on a pair of Access, Refresh tokens
- Access token type JWT, SHA512 algorithm, is strictly prohibited to store in the database.
- Refresh token is an arbitrary type, base64 transfer format, stored in the database exclusively in the form of a bcrypt hash, must be protected from changes on the client's side and reuse attempts.
- Access, Refresh tokens are mutually related, Refresh operation for Access token can be performed only by the Refresh token that was issued with it.
- go 1.19
- swag (optional, used to re-generate swagger documentation)
Create .env file in root directory and add following values:
MONGO_URI=mongodb://localhost:27017
MONGO_DB_NAME=GoJWT
JWT_KEY=asjk2sdgfs3sdg9