Book Image

Building RESTful Web services with Go

By : Naren Yellavula
Book Image

Building RESTful Web services with Go

By: Naren Yellavula

Overview of this book

REST is an architectural style that tackles the challenges of building scalable web services and in today's connected world, APIs have taken a central role on the web. APIs provide the fabric through which systems interact, and REST has become synonymous with APIs. The depth, breadth, and ease of use of Go, makes it a breeze for developers to work with it to build robust Web APIs. This book takes you through the design of RESTful web services and leverages a framework like Gin to implement these services. The book starts with a brief introduction to REST API development and how it transformed the modern web. You will learn how to handle routing and authentication of web services along with working with middleware for internal service. The book explains how to use Go frameworks to build RESTful web services and work with MongoDB to create REST API. You will learn how to integrate Postgres SQL and JSON with a Go web service and build a client library in Go for consuming REST API. You will learn how to scale APIs using the microservice architecture and deploy the REST APIs using Nginx as a proxy server. Finally you will learn how to metricize a REST API using an API Gateway. By the end of the book you will be proficient in building RESTful APIs in Go.
Table of Contents (20 chapters)
Title Page
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

API authentication in Kong


As we mentioned, an API gateway should take care of authentication for the multiple APIs running behind the gateway. Many plugins are available to provide authentication on the fly in Kong. In the next chapter, we will see the authentication concept in detail. For now, using these plugins, we can add authentication for a given API by calling the Kong admin API.

An API key-based authentication is becoming famous these days. Kong provides the following authentication patterns:

  • API key-based authentication
  • OAuth2 authentication
  • JWT authentication

For the sake of simplicity, let us implement API key-based authentication. In simple words, key-based authentication allows an external client to consume the REST API with a unique token. For that in Kong, enable the key authentication plugin first. To enable the plugin, make a POST request to the http://localhost:8001/apis/myapi/plugins URL with two things in the JSON body:

  1. The name is key-auth.
  2. config.hide_credentials is true...