PASETO - a better alternative to JWT

v4.local.OPJGFORYNS3QmwllF3YSHTjtFzZxewVK1Hl1jpfq3ZCdoV5wyro37YJU30S2tkFWLPx709hcaQ4LzXuOdFGJ_6KIWobqcggDW6S5tSViDrcmgv2lp1osn-y-XhzFDa7pepqU0Zevv3ZiJVE0Thx1tjVW8U4gC_1CKVi-7tWqzKtpILRWwp0v-KiTW0JMt14LRyKpyrc.L0NvbnRyb2wvTG9n
package main

import (
	"fmt"
	"log"
	"time"

	"aidanwoods.dev/go-paseto"
)

const (
	footer   = "/Control/Log"
	implicit = "implicit bytes"
)

func main() {
	t := paseto.NewToken()
	t.SetFooter([]byte(footer))
	t.SetString("role", "daemon")
	t.SetIssuedAt(time.Now())
	t.SetExpiration(time.Now().Add(time.Minute * 5))

	// must be kept secret
	key := paseto.NewV4SymmetricKey()
	fmt.Printf("Secret key: %s\n", key.ExportHex())

	enc := t.V4Encrypt(key, []byte(implicit))
	fmt.Printf("Token: %s\n", enc)

	// extract footer without decrypting the token
	p := paseto.NewParser()
	f, err := p.UnsafeParseFooter(paseto.V4Local, enc)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("footer: %s\n", string(f))

	// decrypt the token
	token, err := p.ParseV4Local(key, enc, []byte(implicit))
	if err != nil {
		log.Fatal(err)
	}

	role, err := token.GetString("role")
	if err != nil {
		log.Fatal(err)
	}
	fmt.Printf("role: %s\n", role)
}
#Cryptography#Paseto