README.md

July 13, 2026 · View on GitHub

Note

This README was generated by SKILL, get the ZH version from here.


ECDSA JWT WITH REDIS LIFECYCLE AND DEVICE BINDING

Go Reference Release License Coverage
Coverage


A Go JWT library with Redis lifecycle, device fingerprint binding, and dual middleware

Table of Contents

Features

go get github.com/pardnchiu/go-jwt · Documentation

import "github.com/pardnchiu/go-jwt/core"
  • Redis Token Lifecycle — Manage create, verify, refresh, and revoke for Access Token and Refresh ID with Transaction Pipelines and distributed locks.
  • Device Fingerprint Binding — Bind tokens to OS, browser, and device ID via SHA-256 so stolen tokens fail on other devices.
  • Dual-Framework Middleware — Drop-in Gin and net/http middleware that verifies tokens and refreshes them transparently on expiry.
  • ES256 with Auto PEM — Sign with ECDSA P-256; load keys from path, inline PEM, or auto-generate a key pair on first run.
  • Versioned Transparent Refresh — Rebuild only the Access Token or fully rotate Refresh ID based on MaxVersion and TTL thresholds.

Architecture

Full Architecture

graph TB
    REQ[HTTP Request] --> MW[Middleware]
    MW --> V[Verify]
    V -->|Valid| AUTH[Return Auth]
    V -->|Expired| RF[Refresh]
    V -->|No Token| DENY[Deny]
    RF --> REDIS[(Redis)]
    V --> FP[Device Fingerprint]

License

This project is licensed under the MIT LICENSE.

Author

邱敬幃 Pardn Chiu

hi@pardn.io
https://www.linkedin.com/in/pardnchiu


©️ 2025 邱敬幃 Pardn Chiu