# Fiber Missing JWT Middleware

- ID: go-fiber-missing-jwt
- Severity: HIGH
- CWE: CWE-306 (CWE-306)
- Languages: Go
- Frameworks: fiber

## Description

API endpoints lack JWT authentication middleware protection.

## Remediation

Add JWT middleware to protect API routes.

```go
import "github.com/gofiber/contrib/jwt"

api := app.Group("/api")
api.Use(jwtware.New(jwtware.Config{
    SigningKey: jwtware.SigningKey{Key: []byte(os.Getenv("JWT_SECRET"))},
}))
api.Post("/transfer", transferHandler)
```

Learn more: https://shoulder.dev/learn/go/cwe-306/jwt-middleware

## Related Rules

- **Django View Missing Authentication** [HIGH]: 
- **FastAPI Endpoint Missing Authentication** [HIGH]: 
- **Echo Missing JWT Middleware** [HIGH]: 
- **Gin Missing JWT Middleware** [HIGH]: 
- **NestJS Endpoint Missing Authentication Guard** [HIGH]: