Book Image

Building RESTful Web services with Go

By : Naren Yellavula
Book Image

Building RESTful Web services with Go

By: Naren Yellavula

Overview of this book

REST is an architectural style that tackles the challenges of building scalable web services and in today's connected world, APIs have taken a central role on the web. APIs provide the fabric through which systems interact, and REST has become synonymous with APIs. The depth, breadth, and ease of use of Go, makes it a breeze for developers to work with it to build robust Web APIs. This book takes you through the design of RESTful web services and leverages a framework like Gin to implement these services. The book starts with a brief introduction to REST API development and how it transformed the modern web. You will learn how to handle routing and authentication of web services along with working with middleware for internal service. The book explains how to use Go frameworks to build RESTful web services and work with MongoDB to create REST API. You will learn how to integrate Postgres SQL and JSON with a Go web service and build a client library in Go for consuming REST API. You will learn how to scale APIs using the microservice architecture and deploy the REST APIs using Nginx as a proxy server. Finally you will learn how to metricize a REST API using an API Gateway. By the end of the book you will be proficient in building RESTful APIs in Go.
Table of Contents (20 chapters)
Title Page
Credits
About the Author
Acknowledgments
About the Reviewer
www.PacktPub.com
Customer Feedback
Preface

Introduction to JSON Web Tokens (JWT) and OAuth2


The previous style of authentication is a plain username/password and session-based. It has a limitation of managing sessions by saving them in the program memory or Redis/SQLite3. The modern REST API implements token-based authentication. Here, tokens can be any strings generated by the server, which allows the client to access resources by showing the token. Here, the token is computed in such a way that the client and the server only know how to encode/decode the token. JWT tries to solve this problem by enabling us to create tokens that we can pass around.

Whenever a client passes the authentication details to the server, the server generates a token and passes it back to the client. The client saves that in some kind of storage, such as a database or local storage (in case of browser). The client uses that token to ask for resources from any API defined by the server:

The steps can be summarized more briefly as follows:

  1. The client passes...