I use Chi, which is really good middleware. For middleware, there is JWT Auth as well as CASBIN for role base API access.
Works incredibly well. I set mine up to use both access and refresh tokens over http cookies.. no use of local storage. As a noob, it took me a bit over a week to get the majority of it working and understood.
Feel free to PM me if you have questions.