Code Room
Code reviewMediumcr-g431
Subject Jwt misuseLevel Mid–Senior~18 minCommon in Code quality & review interviewsIndustries Software development, Technology

Question

Review this Go JWT middleware.

What a strong answer looks like

Separate real bugs from style. Rank issues by severity, point at the root cause rather than the symptom, and suggest a concrete fix — specific and kind.

Talk through your review
Code to reviewgo
func Authenticate(next http.Handler) http.Handler {	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {		raw := strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")		tok, err := jwt.Parse(raw, func(t *jwt.Token) (interface{}, error) {			if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {				return nil, errors.New("bad alg")			}			return hmacKey, nil		})		claims := tok.Claims.(jwt.MapClaims)		r = r.WithContext(context.WithValue(r.Context(), userKey, claims["sub"]))		next.ServeHTTP(w, r)	})}
Run or narrate your approach, then ask the coach.