Middleware

Auth

JWT middleware for protected routes in TurboGo.

Auth Middleware

TurboGo provides JWT authentication middleware for protecting routes using Authorization: Bearer <token> headers.

Basic Usage

app.Use(
  middleware.Recover(),
  middleware.AuthJWT("my-secret-key"),
)

How It Works

Extracts the Authorization header.
Validates JWT using HMAC SHA.
Aborts request with 401 if the token is missing or invalid.
Sets the first string claim into session: c.SetSession("user", ...)

Example Behavior

Authorization: Bearer <your-jwt-token>

If token is valid, the request proceeds. Otherwise:

{
  "error": "unauthorized",
  "message": "invalid token"
}

Use Cases

Protecting APIs with JWT
User-based route access
Token verification in chained handlers

Context

The request context system used in TurboGo handlers.

Recovery

Panic recovery middleware to prevent server crashes in TurboGo.

On this page

Auth Middleware Basic Usage How It Works Example Behavior Use Cases