
JWTs in Elixir: fast parsing by plain pattern matching
JSON Web Tokens (JWTs) are the backbone of modern authentication. If you are building an API, chances are you are verifying a JWT on almost every single incoming request. Because it happens so frequently, JWT verification is a prime candidate for optimization. But if you look at how standard JWT verification works, there is a lot of hidden overhead.

The Standard "Slow Path"

A JWT consists of three parts separated by dots: `header.payload.signature`. To verify a standard token, your application typically has to do the following:

1. Split the string by the `.` character using `String.split/2` and/or regex.
2. Base64-decode the header.
3. Parse the resulting JSON string into a map.
4. Extract the `kid` (Key ID) and `alg` (Algorithm) claims.
5. Look up the correct public or symmetric key.
6. Verify the signature against the payload.

Steps 1 through 4 require allocating memory for new binaries, running a Base64 decoder, and firing up a JSON parser—all just to figure out which key to use. If your application is mintin
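
The six steps above, written out as an added example that is not code from the original article. The module name `SlowPathJWT`, the key store, the `demo-key-1` kid and the choice of HS256 are assumptions made for illustration; it assumes Elixir 1.18+ (built-in `JSON` module) and OTP 25+ (`:crypto.hash_equals/2`).

```elixir
# Added example (not from the article). Key store, kid and secret are constructed.
defmodule SlowPathJWT do
  # Constructed demo key store indexed by kid; the secret is a placeholder.
  @keys %{"demo-key-1" => "constructed-demo-secret-not-for-production"}
  # Allowlist: the token's header must never choose an arbitrary algorithm.
  @allowed_algs ["HS256"]

  def verify(token) when is_binary(token) do
    # Step 1: split into exactly three dot-separated parts.
    with [h64, p64, s64] <- String.split(token, "."),
         # Steps 2-4: decode the header, parse JSON, pull out alg and kid.
         {:ok, header_json} <- Base.url_decode64(h64, padding: false),
         {:ok, %{"alg" => alg, "kid" => kid}} <- JSON.decode(header_json),
         true <- alg in @allowed_algs,
         # Step 5: key lookup. An unknown kid fails closed.
         {:ok, key} <- Map.fetch(@keys, kid),
         # Step 6: recompute the MAC over the exact bytes received.
         {:ok, sig} <- Base.url_decode64(s64, padding: false),
         expected = :crypto.mac(:hmac, :sha256, key, h64 <> "." <> p64),
         # hash_equals/2 raises on a length mismatch, so check the size first.
         true <- (byte_size(sig) == byte_size(expected) and :crypto.hash_equals(sig, expected)),
         # Only after the signature checks out is the payload parsed.
         {:ok, payload_json} <- Base.url_decode64(p64, padding: false),
         {:ok, claims} <- JSON.decode(payload_json) do
      # Claim checks (exp, aud, iss) are a separate step after this point.
      {:ok, claims}
    else
      _ -> {:error, :invalid_token}
    end
  end

  # Demo-only minting so the example can build its own input.
  def sign(claims, kid) do
    input = part(%{"alg" => "HS256", "kid" => kid}) <> "." <> part(claims)
    mac = :crypto.mac(:hmac, :sha256, Map.fetch!(@keys, kid), input)
    input <> "." <> Base.url_encode64(mac, padding: false)
  end

  defp part(map), do: map |> JSON.encode!() |> Base.url_encode64(padding: false)
end

token = SlowPathJWT.sign(%{"sub" => "alice"}, "demo-key-1")
{:ok, %{"sub" => "alice"}} = SlowPathJWT.verify(token)

# The same payload under an "alg":"none" header with an empty signature is rejected.
[_h, p, _s] = String.split(token, ".")
none = Base.url_encode64(~s({"alg":"none","kid":"demo-key-1"}), padding: false)
{:error, :invalid_token} = SlowPathJWT.verify(none <> "." <> p <> ".")
```

Every failure collapses to the same `{:error, :invalid_token}` so the caller cannot tell which step rejected the token.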


