Book Image

Hands-On RESTful Web Services with Go - Second Edition

By : Naren Yellavula
Book Image

Hands-On RESTful Web Services with Go - Second Edition

By: Naren Yellavula

Overview of this book

Building RESTful web services can be tough as there are countless standards and ways to develop API. In modern architectures such as microservices, RESTful APIs are common in communication, making idiomatic and scalable API development crucial. This book covers basic through to advanced API development concepts and supporting tools. You’ll start with an introduction to REST API development before moving on to building the essential blocks for working with Go. You’ll explore routers, middleware, and available open source web development solutions in Go to create robust APIs, and understand the application and database layers to build RESTful web services. You’ll learn various data formats like protocol buffers and JSON, and understand how to serve them over HTTP and gRPC. After covering advanced topics such as asynchronous API design and GraphQL for building scalable web services, you’ll discover how microservices can benefit from REST. You’ll also explore packaging artifacts in the form of containers and understand how to set up an ideal deployment ecosystem for web services. Finally, you’ll cover the provisioning of infrastructure using infrastructure as code (IaC) and secure your REST API. By the end of the book, you’ll have intermediate knowledge of web service development and be able to apply the skills you’ve learned in a practical way.

Related Content you might be interested in

Current Title:

Small book image
Hands-On RESTful Web Services with Go - Second Edition
Naren Yellavula
Feb, 2020 | 404 pages
Small book image
Go Web Development Cookbook
Arpit Aggarwal
Apr, 2018 | 338 pages
Small book image
Building Distributed Applications in Gin
Mohamed Labouardy
Jul, 2021 | 482 pages
Small book image
Practical gRPC
Joshua B Humphries | Robert Ross | David Konsumer | David Muto | Carles Sistare
Nov, 2019 | 169 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Getting Started with REST API Development
Getting Started with REST API Development
Technical requirements
Types of web services
REST verbs and status codes
The rise of the REST API with SPAs
Setting up the project and running the development server
Building our first service – finding the fastest mirror site from a list
Open API and Swagger
Summary
Free Chapter
2
Handling Routing for our REST Services
Handling Routing for our REST Services
Technical requirements
Understanding Go's net/http package
ServeMux – a basic router in Go
Understanding httprouter – a lightweight HTTP router
Introducing gorilla/mux – a powerful HTTP router
SQL injection in URLs and ways to avoid them
Reader's challenge – an API for URL shortening
Summary
3
Working with Middleware and RPC
Working with Middleware and RPC
Technical requirements
What is middleware?
Multiple middleware and chaining
Painless middleware chaining with Alice
Using Gorilla handlers middleware for logging
What is RPC?
JSON-RPC using Gorilla RPC
Summary
4
Simplifying RESTful Services with Popular Go Frameworks
Simplifying RESTful Services with Popular Go Frameworks
Technical requirements
Introducing go-restful – a REST API framework
SQLite3 basics and CRUD operations
Building a Metro Rail API with go-restful
Building RESTful API with the Gin framework
Building a RESTful API with revel.go
Summary
5
Working with MongoDB and Go to Create a REST API
Working with MongoDB and Go to Create a REST API
Technical requirements
Introduction to MongoDB
Installing MongoDB and using the shell
Introducing mongo-driver, an official MongoDB driver for Go
RESTful API with gorilla/mux and MongoDB
Boosting the querying performance with indexing
Designing MongoDB documents for a delivery logistics API
Summary
6
Working with Protocol Buffers and gRPC
Working with Protocol Buffers and gRPC
Technical requirements
Introduction to protocol buffers
Protocol buffer language
Compiling a protocol buffer with protoc
Introduction to gRPC
Bidirectional streaming with gRPC
Summary
7
Working with PostgreSQL, JSON, and Go
Working with PostgreSQL, JSON, and Go
Technical requirements
Discussing PostgreSQL installation options
Introducing pq, a pure PostgreSQL database driver for Go
Implementing a URL-shortening service using PostgreSQL and pq
Exploring the JSONStore feature in PostgreSQL
Summary
8
Building a REST API Client in Go
Building a REST API Client in Go
Technical requirements
Plan for building a REST API client
Basics for writing a command-line tool in Go
Cobra, an advanced CLI library
grequests a REST API package for Go
Getting comfortable with the GitHub REST API
Creating a CLI tool as an API client for the GitHub REST API
Using Redis to cache the API data
Summary
9
Asynchronous API Design
Asynchronous API Design
Technical requirements
Understanding sync/async API requests
Fan-in/fan-out of services
Delaying API jobs with queuing
Long-running task design
Caching strategies for APIs
Event-driven API
Summary
10
GraphQL and Go
GraphQL and Go
Technical requirements
What is GraphQL?
Over-fetching and under-fetching problems in the REST API
GraphQL basics
Creating GraphQL clients in Go
Creating GraphQL servers in Go
Summary
11
Scaling our REST API Using Microservices
Scaling our REST API Using Microservices
Technical requirements
What are microservices?
Monoliths versus microservices
Introducing Go Micro, a package for building microservices
Adding logging to microservices
Summary
12
Containerizing REST Services for Deployment
Containerizing REST Services for Deployment
Technical requirements
Installing the Nginx server
What is a reverse proxy server?
Deploying a Go service using Nginx
Monitoring our Go API server with Supervisord
Makefile and Docker Compose-based deployment
Summary
13
Deploying REST Services on Amazon Web Services
Deploying REST Services on Amazon Web Services
Technical requirements
Basics for working with AWS
IaC with Terraform
Why is an API Gateway required?
Introducing Amazon API Gateway
Other API Gateways
Summary
14
Handling Authentication for our REST Services
Handling Authentication for our REST Services
Technical requirements
How simple authentication works
Introducing Postman, a visual client for testing a REST API
Persisting client sessions with Redis
Introducing JWT and OAuth2
JWT in an OAuth2.0 workflow
Exercise
Security aspects of an API
Summary
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Security aspects of an API

Every REST API that is developed can be either open or protected. An open API has no limit regarding the number of clients requesting the resources. But most business APIs are protected. So, what are the important things to keep in mind about security? In the following list, we'll point out all the factors that should be taken care of to secure a REST API:

  • Always use HTTPS to deliver the API Transport Layer Security (TLS).
  • Rate limit the API by using user access tokens.
  • Design various authentication and authorization roles on the API.
  • Use public key/private key encryption to sign a JWT when the client and server are internal.
  • Never store user credentials in plain files.
  • Sanitize the URL query parameters; use a POST body for incoming requests.
  • As we mentioned in the previous chapter, use an API Gateway for better performance and protection.
  • Use...
Previous Section
End of Section 9
Next Section