diff --git a/src/be/jeffcheasey88/peeratcode/framework/Client.java b/src/be/jeffcheasey88/peeratcode/framework/Client.java
index 4c4da80..0f726cc 100644
--- a/src/be/jeffcheasey88/peeratcode/framework/Client.java
+++ b/src/be/jeffcheasey88/peeratcode/framework/Client.java
@@ -41,14 +41,7 @@ public class Client extends Thread{
 if(auth == null) return null;
 auth = auth.substring(7);
 try{
- JwtConsumer jwtConsumer = new JwtConsumerBuilder()
- .setRequireExpirationTime()
- .setAllowedClockSkewInSeconds(30)
- .setExpectedIssuer(this.router.getTokenIssuer())
- .setVerificationKey(this.router.getWebKey().getKey())
- .setJwsAlgorithmConstraints(ConstraintType.PERMIT, AlgorithmIdentifiers.RSA_USING_SHA256).build();
-
- JwtClaims jwtClaims = jwtConsumer.processToClaims(auth);
+ JwtClaims jwtClaims = this.router.getJwtConsumer().processToClaims(auth);
 return new User(jwtClaims);
 }catch(Exception e){
 writer.response(401, "Access-Control-Allow-Origin: *");
diff --git a/src/be/jeffcheasey88/peeratcode/framework/Router.java b/src/be/jeffcheasey88/peeratcode/framework/Router.java
index 6b39668..b336fa9 100644
--- a/src/be/jeffcheasey88/peeratcode/framework/Router.java
+++ b/src/be/jeffcheasey88/peeratcode/framework/Router.java
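Review bot: In the Client.java hunk, `this.router.getJwtConsumer()` is null until `Router.configureJwt` has been called, and the resulting NullPointerException is swallowed by the existing `catch(Exception e)` and answered with 401. That fails closed, but a server started without JWT configuration becomes indistinguishable from a client sending bad tokens. Narrowing the handler to `catch(InvalidJwtException e)`, which is what `processToClaims` declares, would leave configuration errors visible; this assumes `new User(jwtClaims)` throws nothing else that should map to 401. The enclosing method starts and ends outside the hunk.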
@@ -7,37 +7,52 @@ import java.security.MessageDigest; import java.util.HashMap; import java.util.Map; import java.util.Map.Entry; +import java.util.function.Consumer; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.net.ssl.SSLServerSocket; import javax.net.ssl.SSLServerSocketFactory; +import org.jose4j.jwa.AlgorithmConstraints.ConstraintType; import org.jose4j.jwk.RsaJsonWebKey; import org.jose4j.jwk.RsaJwkGenerator; import org.jose4j.jws.AlgorithmIdentifiers; import org.jose4j.jws.JsonWebSignature; import org.jose4j.jwt.JwtClaims; +import org.jose4j.jwt.consumer.JwtConsumer; +import org.jose4j.jwt.consumer.JwtConsumerBuilder; import org.jose4j.lang.JoseException; public class Router{ - public static void main(String[] args){} - private Map> responses; private Map patterns; private Response noFileFound; private RsaJsonWebKey rsaJsonWebKey; - private String token_issuer; - private int token_expiration; + private JwtConsumer jwtConsumer; + private Consumer claims; - public Router(String token_issuer, int token_expiration) throws Exception{ - this.token_issuer = token_issuer; - this.token_expiration = token_expiration; + public Router() throws Exception{ this.responses = new HashMap<>(); for(RequestType type : RequestType.values()) this.responses.put(type, new HashMap<>()); this.patterns = new HashMap<>(); this.rsaJsonWebKey = RsaJwkGenerator.generateJwk(2048); + + } + + public Router configureJwt(Consumer consumer, Consumer claims){ + JwtConsumerBuilder builder = new JwtConsumerBuilder() + .setRequireExpirationTime() + .setAllowedClockSkewInSeconds(30) + .setVerificationKey(rsaJsonWebKey.getKey()) + .setJwsAlgorithmConstraints(ConstraintType.PERMIT, AlgorithmIdentifiers.RSA_USING_SHA256); + + consumer.accept(builder); + + this.jwtConsumer = builder.build(); + this.claims = claims; + return this; } public void listen(int port, boolean ssl) throws Exception{ 
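Review bot: In `configureJwt`, `consumer.accept(builder)` runs after `setVerificationKey` and `setJwsAlgorithmConstraints`, so the callback can replace the router's key or widen the RS256-only constraint. Applying those two after the callback keeps them fixed: `consumer.accept(builder);` followed by `builder.setVerificationKey(rsaJsonWebKey.getKey()).setJwsAlgorithmConstraints(ConstraintType.PERMIT, AlgorithmIdentifiers.RSA_USING_SHA256);`. The reorder does not cover the builder's skip-validation switches, so the callback still has to be treated as trusted configuration code, and a Javadoc line on `configureJwt` should say so. The expected issuer is no longer set by default, so `iss` is checked only if the callback calls `setExpectedIssuer`. The constructor also leaves `jwtConsumer` and `claims` null until `configureJwt` runs, which the later `createAuthUser` hunk dereferences through `this.claims.accept(claims)`.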
@@ -110,26 +125,21 @@ public class Router{ if(noFileFound != null) noFileFound.exec(null, user, reader, writer); } - public RsaJsonWebKey getWebKey(){ - return this.rsaJsonWebKey; - } - - public String getTokenIssuer(){ - return this.token_issuer; - } - public void configureSSL(String keyStore, String keyStorePassword){ System.setProperty("javax.net.ssl.keyStore", keyStore); System.setProperty("javax.net.ssl.keyStorePassword", keyStorePassword); } + + public JwtConsumer getJwtConsumer(){ + return this.jwtConsumer; + } public String createAuthUser(int id) throws JoseException{ JwtClaims claims = new JwtClaims(); - claims.setIssuer(token_issuer); // who creates the token and signs it - claims.setExpirationTimeMinutesInTheFuture(token_expiration); claims.setGeneratedJwtId(); // a unique identifier for the token claims.setIssuedAtToNow(); // when the token was issued/created (now) claims.setNotBeforeMinutesInThePast(2); // time before which the token is not yet valid (2 minutes ago) + this.claims.accept(claims); claims.setClaim("id", id);