JWT Example shows timing attack #100

@perpetual-hydrofoil

Description

In https://echo.labstack.com/cookbook/jwt , `==` results in a timing attack (even if you are comparing hashes like this: `hash(webPassword) == savedHashedPassword`).

The example code should probably have at least a comment `// example only; string comparisons are vulnerable to timing attacks` and perhaps another comment that even just hashed passwords should use the timing-attack-resistant comparison functions within the hash library, rather than a regular `==` string comparison.
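As an added example (not the cookbook's code), the `==` login check the issue describes next to a constant-time version built on `crypto/subtle`; the credentials are constructed stand-ins, and hashing both sides first gives `ConstantTimeCompare` equal-length inputs so it cannot exit early on a length mismatch.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// Constructed stand-ins for the cookbook's hard-coded credentials; the
// values are illustrative, not taken from the page.
const (
	expectedUser     = "jon"
	expectedPassword = "shhh!"
)

// insecureLogin is the pattern the issue points at: == on strings stops at
// the first mismatching byte, so the time taken leaks how many leading bytes
// of the guess were right, and && stops checking once the username fails.
func insecureLogin(username, password string) bool {
	return username == expectedUser && password == expectedPassword
}

// constantTimeLogin removes both leaks. Each value is hashed to a fixed
// 32-byte digest so the compared slices always have equal length
// (subtle.ConstantTimeCompare returns 0 immediately on a length mismatch),
// then compared in time independent of the contents. Both checks always
// run; & instead of && avoids short-circuiting on the username.
func constantTimeLogin(username, password string) bool {
	gotUser := sha256.Sum256([]byte(username))
	wantUser := sha256.Sum256([]byte(expectedUser))
	gotPass := sha256.Sum256([]byte(password))
	wantPass := sha256.Sum256([]byte(expectedPassword))
	userOK := subtle.ConstantTimeCompare(gotUser[:], wantUser[:])
	passOK := subtle.ConstantTimeCompare(gotPass[:], wantPass[:])
	return userOK&passOK == 1
}

func main() {
	cases := [][2]string{{"jon", "shhh!"}, {"jon", "shhh"}, {"jo", "shhh!"}}
	for _, c := range cases {
		fmt.Printf("%q/%q insecure=%v constantTime=%v\n",
			c[0], c[1], insecureLogin(c[0], c[1]), constantTimeLogin(c[0], c[1]))
	}
}
```

For stored password hashes, the hash library's own comparator (for example `bcrypt.CompareHashAndPassword` in golang.org/x/crypto) does this constant-time comparison for you, which is what the issue's second suggested comment refers to.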
