The Go Workshop

By: Delio D'Anna, Andrew Hayes, Sam Hennessy, Jeremy Leasor, Gobin Sougrakpam, Dániel Szabó

Overview of this book

The Go Workshop will take the pain out of learning the Go programming language (also known as Golang). It is designed to teach you to be productive in building real-world software. Presented in an engaging, hands-on way, this book focuses on the features of Go that are used by professionals in their everyday work. Each concept is broken down, clearly explained, and followed up with activities to test your knowledge and build your practical skills. Your first steps will involve mastering Go syntax, working with variables and operators, and using core and complex types to hold data. Moving ahead, you will build your understanding of programming logic and implement Go algorithms to construct useful functions. As you progress, you'll discover how to handle errors, debug code to troubleshoot your applications, and implement polymorphism using interfaces. The later chapters will then teach you how to manage files, connect to a database, work with HTTP servers and REST APIs, and make use of concurrent programming. Throughout this Workshop, you'll work on a series of mini projects, including a shopping cart, a loan calculator, a working hours tracker, a web page counter, a code checker, and a user authentication system. By the end of this book, you'll have the knowledge and confidence to tackle your own ambitious projects with Go.

Password Management

If you manage user accounts on your website, a common way to verify user identity is a combination of username and password. The risk with this authentication mechanism is that user credentials can be leaked if they are not properly managed. This has happened to many of the major websites around the world and remains a surprisingly common security incident.

The main rule of thumb for password management is to never store passwords in plaintext (either in memory or in a database). Instead, use an approved hash algorithm to create a one-way hash of the password, and confirm the user's identity through that hash. Because the hash is one-way, the password cannot be retrieved from it. We can see this in action with an example.

The following code shows how to create a one-way hash from a plaintext string. We are using the bcrypt package to generate the hash. We then perform a comparison of the password with the hash to verify the match:
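Added example, not the book's listing: a bcrypt hash is a self-describing string that carries the algorithm version, the cost and the salt, which is why verification needs only the stored hash and the candidate password. This Go code uses only the standard library to audit stored values for that shape, flagging anything that is not a bcrypt hash (possibly plaintext) or whose cost is below an assumed floor; `Audit`, `policyMinCost`, `placeholder` and the sample rows are assumptions of this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// bcryptRe matches the layout of a bcrypt hash string: "$2a$" (or 2b/2x/2y),
// a two-digit cost, "$", then 22 salt characters and 31 digest characters.
var bcryptRe = regexp.MustCompile(`^\$2[abxy]?\$(\d{2})\$[./A-Za-z0-9]{53}$`)

// policyMinCost is an assumed policy floor (the bcrypt package's default cost is 10).
const policyMinCost = 10

// Audit classifies one stored credential value; it never needs the password.
func Audit(stored string) (verdict string, cost int) {
	m := bcryptRe.FindStringSubmatch(stored)
	if m == nil {
		return "not-bcrypt", 0 // plaintext, or some other encoding
	}
	cost, _ = strconv.Atoi(m[1]) // the regexp guarantees two digits
	switch {
	case cost < 4 || cost > 31: // bcrypt accepts costs 4 through 31
		return "invalid-cost", cost
	case cost < policyMinCost:
		return "weak-cost", cost
	}
	return "ok", cost
}

// placeholder builds a constructed, correctly shaped string; it is not a real digest.
func placeholder(cost string) string {
	return "$2a$" + cost + "$" + strings.Repeat("A", 53)
}

func main() {
	// Constructed sample rows standing in for a users table.
	rows := []struct{ user, stored string }{
		{"alice", placeholder("12")},
		{"bob", placeholder("08")},
		{"carol", "hunter2"},
	}
	for _, r := range rows {
		verdict, cost := Audit(r.stored)
		fmt.Printf("%-6s %-12s cost=%d\n", r.user, verdict, cost)
	}
}
```

Rows reported as `weak-cost` can be re-hashed at a higher cost the next time the user logs in successfully, since that is the only moment the plaintext password is available.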