Book Image

Building Distributed Applications in Gin

By : Mohamed Labouardy
4 (1)
Book Image

Building Distributed Applications in Gin

4 (1)
By: Mohamed Labouardy

Overview of this book

Gin is a high-performance HTTP web framework used to build web applications and microservices in Go. This book is designed to teach you the ins and outs of the Gin framework with the help of practical examples. You’ll start by exploring the basics of the Gin framework, before progressing to build a real-world RESTful API. Along the way, you’ll learn how to write custom middleware and understand the routing mechanism, as well as how to bind user data and validate incoming HTTP requests. The book also demonstrates how to store and retrieve data at scale with a NoSQL database such as MongoDB, and how to implement a caching layer with Redis. Next, you’ll understand how to secure and test your API endpoints with authentication protocols such as OAuth 2 and JWT. Later chapters will guide you through rendering HTML templates on the server-side and building a frontend application with the React web framework to consume API responses. Finally, you’ll deploy your application on Amazon Web Services (AWS) and learn how to automate the deployment process with a continuous integration and continuous delivery (CI/CD) pipeline. By the end of this Gin book, you will be able to design, build, and deploy a production-ready distributed application from scratch using the Gin framework.
Table of Contents (16 chapters)
1
Section 1: Inside the Gin Framework
3
Section 2: Distributed Microservices
9
Section 3: Beyond the Basics

Discovering security vulnerabilities

There are many tools that help in identifying major security vulnerabilities in your Gin web application. In this section, we will cover two tools, out of a few, that you can adopt while building a Gin application: Snyk and Golang Security Checker (Gosec).

In the upcoming sections, we will demonstrate how to use these tools to inspect security vulnerabilities in a Gin application.

Gosec

Gosec is a tool written in Golang that inspects the source code for security problems by scanning the Go abstract syntax tree (AST). Before we inspect the Gin application code, we need to install the Gosec binary.

The binary can be downloaded with the following cURL command. Here, version 2.7.0 is being used:

curl -sfL https://raw.githubusercontent.com/securego/gosec/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v2.7.0

Once the command is installed, run the following command on your project folder. The ./... argument is set to recursively...