# Echo Missing JWT Middleware

- ID: go-echo-missing-jwt
- Severity: HIGH
- CWE: CWE-306 (CWE-306)
- Languages: Go
- Frameworks: echo

## Description

API endpoints lack JWT authentication middleware protection.

## Remediation

Add JWT middleware to protect API routes.

```go
import "github.com/labstack/echo-jwt/v4"

api := e.Group("/api")
api.Use(echojwt.JWT([]byte(os.Getenv("JWT_SECRET"))))
api.POST("/transfer", transferHandler)
```

Learn more: https://shoulder.dev/learn/go/cwe-306/jwt-middleware

## Related Rules

- **Django View Missing Authentication** [HIGH]: 
- **FastAPI Endpoint Missing Authentication** [HIGH]: 
- **Fiber Missing JWT Middleware** [HIGH]: 
- **Gin Missing JWT Middleware** [HIGH]: 
- **NestJS Endpoint Missing Authentication Guard** [HIGH]: