Skip to content
🔑 Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.
Branch: master
Clone or download
Latest commit 10b7994 Aug 8, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.gitignore usual suspects Jan 9, 2018
.travis.yml
LICENSE usual suspects Jan 9, 2018
README.md added more tests Aug 8, 2018
branca.go gofmt move package comment Aug 8, 2018
branca_test.go

README.md

branca

Build Status Go Report Card GoDoc

branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specification.

Requirements

Go 1.5 and beyond.

Install

go get -u github.com/hako/branca

Example

package main

import (
	"fmt"
	"github.com/hako/branca"
)

func main() {
	b := branca.NewBranca("supersecretkeyyoushouldnotcommit") // This key must be exactly 32 bytes long.
	
	// Encode String to Branca Token.
	token, err := b.EncodeToString("Hello world!")
	if err != nil {
		fmt.Println(err)
	}
				
    //b.SetTTL(3600) // Uncomment this to set an expiration (or ttl) of the token (in seconds).
    //token = "87y8daMzSkn7PA7JsvrTT0JUq1OhCjw9K8w2eyY99DKru9FrVKMfeXWW8yB42C7u0I6jNhOdL5ZqL" // This token will be not allowed if a ttl is set.
	
	// Decode Branca Token.
	message, err := b.DecodeToString(token)
	if err != nil {
		fmt.Println(err) // token is expired.
		return
	}
	fmt.Println(token) // 87y8da....
	fmt.Println(message) // Hello world!
}

Todo

Here are a few things that need to be done:

  • Remove cgo dependencies.
  • Move to a pure XChaCha20 algorithm in Go.
  • Add more tests than just acceptance tests.
  • Increase test coverage.
  • Additional Methods. (Encode, Decode []byte)
  • Performance benchmarks.
  • More comments, examples and documentation.

Contributing

Contributions are welcome! Fork this repo and add your changes and submit a PR.

If you would like to fix a bug, add a feature or provide feedback you can do so in the issues section.

You can run tests by runnning go test. Running go test; go vet; golint is recommended.

License

MIT

You can’t perform that action at this time.