diff --git a/models/admin.go b/models/admin.go
index 07bdea3..2b9c9f5 100644
--- a/models/admin.go
+++ b/models/admin.go
@@ -2,8 +2,11 @@ package models
 
 import (
 	"errors"
+	"time"
 
+	"github.com/golang-jwt/jwt"
 	"github.com/yxzzy-wtf/gin-gonic-prepack/database"
+	"github.com/yxzzy-wtf/gin-gonic-prepack/util"
 )
 
 type Admin struct {
@@ -11,8 +14,26 @@ type Admin struct {
 	Email string
 }
 
+const adminJwtDuration = time.Hour * 2
+
+var adminHmac = util.GenerateHmac()
+
 func (a *Admin) GetJwt() (string, int) {
-	return "", 0
+	exp := time.Now().Add(adminJwtDuration)
+	j := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"sub":  a.Uid.String(),
+		"iat":  time.Now(),
+		"exp":  exp,
+		"role": "admin",
+	})
+
+	jstr, err := j.SignedString(adminHmac)
+	if err != nil {
+		// we should ALWAYS be able to build and sign a str
+		panic(err)
+	}
+
+	return jstr, int(adminJwtDuration.Seconds())
 }
 
 func (a *Admin) ByEmail(email string) error {
diff --git a/models/user.go b/models/user.go
index b168b19..43a8bf6 100644
--- a/models/user.go
+++ b/models/user.go
@@ -2,8 +2,11 @@ package models
 
 import (
 	"errors"
+	"time"
 
+	"github.com/golang-jwt/jwt"
 	"github.com/yxzzy-wtf/gin-gonic-prepack/database"
+	"github.com/yxzzy-wtf/gin-gonic-prepack/util"
 )
 
 type User struct {
@@ -11,8 +14,27 @@ type User struct {
 	Email string `gorm:"unique"`
 }
 
+const userJwtDuration = time.Hour * 24
+
+var userHmac = util.GenerateHmac()
+
 func (u *User) GetJwt() (string, int) {
-	return "", 0
+	exp := time.Now().Add(userJwtDuration)
+	j := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"sub":  u.Uid.String(),
+		"iat":  time.Now(),
+		"exp":  exp,
+		"role": "user",
+		"tid":  u.Tenant.String(),
+	})
+
+	jstr, err := j.SignedString(userHmac)
+	if err != nil {
+		// we should ALWAYS be able to build and sign a str
+		panic(err)
+	}
+
+	return jstr, int(userJwtDuration.Seconds())
 }
 
 func (u *User) ByEmail(email string) error {
diff --git a/util/util.go b/util/util.go
new file mode 100644
index 0000000..a4b2c7c
--- /dev/null
+++ b/util/util.go
@@ -0,0 +1,12 @@
+package util
+
+import "crypto/rand"
+
+func GenerateHmac() []byte {
+	b := make([]byte, 64)
+	if _, err := rand.Read(b); err != nil {
+		panic(err)
+	}
+
+	return b
+}