# Gin Missing JWT Middleware

- ID: go-gin-missing-jwt
- Severity: HIGH
- CWE: CWE-306 (CWE-306)
- Languages: Go
- Frameworks: gin

## Description

API endpoints lack JWT authentication middleware protection.

## Detection Message

Gin application missing JWT authentication middleware

## Remediation

Add JWT middleware to protect API routes.

```go
import jwt "github.com/appleboy/gin-jwt/v2"

auth, _ := jwt.New(&jwt.GinJWTMiddleware{
    Realm: "api",
    Key:   []byte(os.Getenv("JWT_SECRET")),
})
api := r.Group("/api")
api.Use(auth.MiddlewareFunc())
api.POST("/transfer", transferHandler)
```

Learn more: https://shoulder.dev/learn/go/cwe-306/jwt-middleware

## Related Rules

- **Django View Missing Authentication** [HIGH]: 
- **FastAPI Endpoint Missing Authentication** [HIGH]: 
- **Echo Missing JWT Middleware** [HIGH]: 
- **Fiber Missing JWT Middleware** [HIGH]: 
- **NestJS Endpoint Missing Authentication Guard** [HIGH]: