--- a/cmd/tokenserver/main.go	Mon Jun 11 11:53:07 2018 +0200
+++ b/cmd/tokenserver/main.go	Mon Jun 11 12:10:14 2018 +0200
@@ -5,8 +5,38 @@
 	"fmt"
 	"log"
 	"net/http"
+	"time"
+
+	jwt "github.com/dgrijalva/jwt-go"
 )
 
+func token(rw http.ResponseWriter, req *http.Request) {
+	user := req.FormValue("user")
+	password := req.FormValue("password")
+
+	_ = password
+
+	eol := time.Now().Add(45 * time.Minute)
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"user": user,
+		"eol":  eol.Unix(),
+	})
+
+	signingKey := []byte("very, very secret!")
+
+	tokenString, err := token.SignedString(signingKey)
+
+	if err != nil {
+		http.Error(rw, "Signing failed", http.StatusInternalServerError)
+		return
+	}
+
+	rw.Header().Set("Content-Type", "text/plain")
+
+	fmt.Fprintf(rw, "%s\n", tokenString)
+}
+
 func index(rw http.ResponseWriter, req *http.Request) {
 	fmt.Fprintln(rw, "I was here!")
 }
@@ -18,6 +48,7 @@
 
 	mux := http.NewServeMux()
 	mux.HandleFunc("/", index)
+	mux.HandleFunc("/token", token)
 
 	addr := fmt.Sprintf("%s:%d", *host, *port)
 	log.Fatalln(http.ListenAndServe(addr, mux))