book

Go: Building Web Applications

Name: Go: Building Web Applications
ISBN: 9781787123496

by Nathan Kozyra, Mat Ryer

August 2016

Beginner to intermediate

665 pages

14h 11m

English

Packt Publishing

Read now

Unlock full access

Go: Building Web Applications
Table of Contents
Go: Building Web Applications
Go: Building Web Applications
Credits
Preface
What this learning path covers
What you need for this learning path
Who this learning path is for
Reader feedback
Customer support
Downloading the example codeErrataPiracyQuestions

1. Module 1
1. Introducing and Setting Up Go
Installing Go
Structuring a project
Code conventions
Importing packages
Handling private repositoriesDealing with versioning
Introducing the net package
Hello, Web
Summary
2. Serving and Routing
Serving files directly
Basic routing
Using more complex routing with Gorilla
Redirecting requests
Serving basic errors
Summary
3. Connecting to Data
Connecting to a databaseCreating a MySQL database
Using GUID for prettier URLs
Handling 404s
Summary
4. Using Templates
Introducing templates, context, and visibility
HTML templates and text templates
Displaying variables and security
Using logic and control structures
Summary
5. Frontend Integration with RESTful APIs
Setting up the basic API endpoint
RESTful architecture and best practices
Creating our first API endpoint
Implementing security
Creating data with POST
Modifying data with PUT
Summary
6. Sessions and Cookies
Setting cookies
Capturing user information
Creating usersEnabling sessionsLetting users registerLetting users log in
Initiating a server-side session
Creating a storeUtilizing flash messages
Summary
7. Microservices and Communication
Introducing the microservice approach
Pros and cons of utilizing microservices
Understanding the heart of microservices
Communicating between microservices
Putting a message on the wire
Reading from another service
Summary
8. Logging and Testing
Introducing logging in Go
Logging to IO
Multiple loggers
Formatting your output
Using panics and fatal errors
Introducing testing in Go
Summary
9. Security
HTTPS everywhere – implementing TLS
Preventing SQL injection
Protecting against XSS
Preventing cross-site request forgery (CSRF)
Securing cookies
Using the secure middleware
Summary
10. Caching, Proxies and Improved Performance
Identifying bottlenecks
Implementing reverse proxies
Implementing caching strategies
Using Least Recently UsedCaching by fileCaching in memory
Implementing HTTP/2
Summary
2. Module 2
1. Chat Application with Web Sockets
A simple web serverTemplatesDoing things onceUsing your own handlersProperly building and executing Go programs
Modeling a chat room and clients on the server
Modeling the clientModeling a roomConcurrency programming using idiomatic GoTurning a room into an HTTP handlerUse helper functions to remove complexityCreating and using rooms
Building an HTML and JavaScript chat client
Getting more out of templates
Tracing code to get a look under the hood
Writing a package using TDDInterfacesUnit testsRed-green testingImplementing the interfaceUnexported types being returned to usersUsing our new trace packageMaking tracing optionalClean package APIs
Summary
2. Adding Authentication
Handlers all the way down
Making a pretty social sign-in page
Endpoints with dynamic paths
OAuth2
Open source OAuth2 packages
Tell the authentication providers about your app
Implementing external logging in
Logging inHandling the response from the providerPresenting the user dataAugmenting messages with additional data
Summary
3. Three Ways to Implement Profile Pictures
Avatars from the authentication serverGetting the avatar URLTransmitting the avatar URLAdding the avatar to the user interfaceLogging outMaking things prettier
Implementing Gravatar
Abstracting the avatar URL processThe authentication service and avatar's implementationUsing an implementationGravatar implementation
Uploading an avatar picture
User identificationAn upload formHandling the uploadServing the imagesThe Avatar implementation for local filesSupporting different file typesRefactoring and optimizing our codeReplacing concrete types with interfacesChanging interfaces in a test-driven wayFixing existing implementationsGlobal variables versus fieldsImplementing our new designTidying up and testing
Combining all three implementations
Summary
4. Command-line Tools to Find Domain Names
Pipe design for command-line tools
Five simple programs
SprinkleExercise – configurable transformationsDomainifyExercise – making top-level domains configurableCoolifySynonymsUsing environment variables for configurationConsuming a web APIGetting domain suggestionsAvailable
Composing all five programs
One program to rule them all
Summary
5. Building Distributed Systems and Working with Flexible Data
System designDatabase design
Installing the environment
NSQNSQ driver for GoMongoDBMongoDB driver for GoStarting the environment
Votes from Twitter
Authorization with TwitterExtracting the connectionReading environment variablesReading from MongoDBReading from TwitterSignal channelsPublishing to NSQGracefully starting and stoppingTesting
Counting votes
Connecting to the databaseConsuming messages in NSQKeeping the database updatedResponding to Ctrl + C
Running our solution
Summary
6. Exposing Data and Functionality through a RESTful Data Web Service API
RESTful API design
Sharing data between handlers
Wrapping handler functions
API keyDatabase sessionPer request variablesCross-browser resource sharing
Responding
Understanding the request
A simple main function to serve our API
Using handler function wrappers
Handling endpoints
Using tags to add metadata to structsMany operations with a single handlerReading pollsCreating a pollDeleting a pollCORS supportTesting our API using curl
A web client that consumes the API
An index page showing a list of pollsA page to create a new pollA page to show details of the poll
Running the solution
Summary
7. Random Recommendations Web Service
Project overviewProject design specifics
Representing data in code
Public views of Go structs
Generating random recommendations
Google Places API keyEnumerators in GoTest-driven enumeratorQuerying the Google Places APIBuilding recommendationsHandlers that use query parametersCORSTesting our APIWeb application
Summary
8. Filesystem Backup
Solution designProject structure
Backup package
Obvious interfaces?Implementing ZIPHas the filesystem changed?Checking for changes and initiating a backupHardcoding is OK for a short while
The user command-line tool
Persisting small dataParsing argumentsListing the pathsString representations for your own typesAdding pathsRemoving pathsUsing our new tool
The daemon backup tool
Duplicated structuresCaching dataInfinite loopsUpdating filedb records
Testing our solution
Summary
3. Module 3
1. An Introduction to Concurrency in Go
Introducing goroutinesA patient goroutine
Implementing the defer control mechanism
Using Go's schedulerUsing system variables
Understanding goroutines versus coroutines
Implementing channels
Channel-based sorting at the letter capitalization factoryCleaning up our goroutinesBuffered or unbuffered channelsUsing the select statement
Closures and goroutines
Building a web spider using goroutines and channels
Summary
2. Understanding the Concurrency Model
Understanding the working of goroutines
Synchronous versus asynchronous goroutines
Designing the web server plan
Visualizing concurrency
RSS in action
An RSS reader with self diagnosticsImposing a timeout
A little bit about CSP
The dining philosophers problem
Go and the actor model
Object orientation
Demonstrating simple polymorphism in Go
Using concurrency
Managing threads
Using sync and mutexes to lock data
Summary
3. Developing a Concurrent Strategy
Applying efficiency in complex concurrency
Identifying race conditions with race detection
Using mutual exclusionsExploring timeoutsImportance of consistency
Synchronizing our concurrent operations
The project – multiuser appointment calendar
Visualizing a concurrent patternDeveloping our server requirementsWeb serverThe Gorilla toolkitUsing templatesTimeEndpointsCustom structs
A multiuser Appointments Calendar
A note on style
A note on immutability
Summary
4. Data Integrity in an Application
Getting deeper with mutexes and sync
The cost of goroutines
Working with files
Getting low – implementing C
Touching memory in cgoThe structure of cgoThe other way aroundGetting even lower – assembly in Go
Distributed Go
Some common consistency models
Distributed shared memoryFirst-in-first-out – PRAMLooking at the master-slave modelThe producer-consumer problemLooking at the leader-follower modelAtomic consistency / mutual exclusionRelease consistency
Using memcached
Circuit
Summary
5. Locks, Blocks, and Better Channels
Understanding blocking methods in GoBlocking method 1 – a listening, waiting channelSending more data types via channelsCreating a function channelUsing an interface channelUsing structs, interfaces, and more complex channelsThe net package – a chat server with interfaced channelsHandling direct messagesExamining our clientBlocking method 2 – the select statement in a loop
Cleaning up goroutines
Blocking method 3 – network connections and reads
Creating channels of channels
Pprof – yet another awesome tool
Handling deadlocks and errors
Summary
6. C10K – A Non-blocking Web Server in Go
Attacking the C10K problemFailing of servers at 10,000 concurrent connectionsUsing concurrency to attack C10KTaking another approach
Building our C10K web server
Benchmarking against a blocking web serverHandling requestsRouting requests
Serving pages
Parsing our templateExternal dependenciesConnecting to MySQL
Multithreading and leveraging multiple cores
Exploring our web server
Timing out and moving on
Summary
7. Performance and Scalability
High performance in GoGetting deeper into pprofParallelism's and concurrency's impact on I/O pprof
Using the App Engine
Distributed Go
Types of topologiesType 1 – starType 2 – meshThe Publish and Subscribe modelSerialized dataRemote code executionOther topologiesMessage Passing Interface
Some helpful libraries
Nitro profilerHekaGoFlow
Memory preservation
Garbage collection in Go
Summary
8. Concurrent Application Architecture
Designing our concurrent application
Identifying our requirements
Using NoSQL as a data store in Go
MongoDBRedisTiedotCouchDBCassandraCouchbaseSetting up our data store
Monitoring filesystem changes
Managing logfiles
Handling configuration files
Detecting file changes
Sending changes to clientsChecking records against Couchbase
Backing up our files
Designing our web interface
Reverting a file's history – command line
Using Go in daemons and as a service
Checking the health of our server
Summary
9. Logging and Testing Concurrency in Go
Handling errors and loggingBreaking out goroutine logsUsing the LiteIDE for richer and easier debuggingSending errors to screenLogging errors to fileLogging errors to memory
Using the log4go package for robust logging
PanickingRecoveringLogging our panicsCatching stack traces with concurrent code
Using the runtime package for granular stack traces
Summary
10. Advanced Concurrency and Best Practices
Going beyond the basics with channels
Building workers
Implementing nil channel blocks
Using nil channels
Implementing more granular control over goroutines with tomb
Timing out with channels
Building a load balancer with concurrent patterns
Choosing unidirectional and bidirectional channels
Using receive-only or send-only channels
Using an indeterminate channel type
Using Go with unit testing
GoCheckGinkgo and Gomega
Using Google App Engine
Utilizing best practices
Structuring your codeDocumenting your codeMaking your code available via go getKeeping concurrency out of your packages
Summary
A. Bibliography
Index

Content preview from Go: Building Web Applications

Using the secure middleware

One of the more helpful packages for quickly implementing some of the security fixes (and others) mentioned in this chapter is a package from Cory Jacobsen called, helpfully, secure.

Secure offers a host of useful utilities, such as SSLRedirects (as we implemented in this chapter), allowed Hosts, HSTS options, and X-Frame-Options shorthand for preventing your site from being loaded into frames.

A good amount of this covers some of the topics that we looked at in this chapter and is largely the best practice. As a piece of middleware, secure can be an easy way to quickly cover some of those best practices in one swoop.

Note

To grab secure, simply go get it at github.com/unrolled/secure.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781787123496

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Go: Building Web Applications

by Nathan Kozyra, Mat Ryer

Using the secure middleware

Note

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

More than 5,000 organizations count on O’Reilly

Julian F.

Addison B.

Amir M.

Mark W.

You might also like

Hands-On Full Stack Development with Go

Quartz Job Scheduling Framework

Expert Apache Cassandra Administration

Apache Cassandra in Action

Publisher Resources