This codebase has been generated by Autostrada.
Make sure that you're in the root of the project directory, fetch the dependencies with go mod tidy, then run the application using go run ./cmd/api:
$ go mod tidy
$ go run ./cmd/api
If you make a request to the GET /status endpoint using curl you should get a response like this:
$ curl -i localhost:4444/status
HTTP/1.1 200 OK
Content-Type: application/json
Date: Mon, 09 May 2022 20:46:37 GMT
Content-Length: 23
{
"Status": "OK",
}
You can also start the application with live reload support by using the run task in the Makefile:
$ make run
Everything in the codebase is designed to be editable. Feel free to change and adapt it to meet your needs.
cmd/api |
Your application-specific code (handlers, routing, middleware, helpers) for dealing with HTTP requests and responses. |
↳ cmd/api/errors.go |
Contains helpers for managing and responding to error conditions. |
↳ cmd/api/handlers.go |
Contains your application HTTP handlers. |
↳ cmd/api/helpers.go |
Contains helper functions for common tasks. |
↳ cmd/api/main.go |
The entry point for the application. Responsible for parsing configuration settings initializing dependencies and running the server. Start here when you're looking through the code. |
↳ cmd/api/middleware.go |
Contains your application middleware. |
↳ cmd/api/routes.go |
Contains your application route mappings. |
↳ cmd/api/server.go |
Contains a helper functions for starting and gracefully shutting down the server. |
internal |
Contains various helper packages used by the application. |
↳ internal/env |
Contains helper functions for reading configuration settings from environment variables. |
↳ internal/request/ |
Contains helper functions for decoding JSON requests. |
↳ internal/response/ |
Contains helper functions for sending JSON responses. |
↳ internal/validator/ |
Contains validation helpers. |
↳ internal/version/ |
Contains the application version number definition. |
Configuration settings are managed via environment variables, with the environment variables read into your application in the run() function in the main.go file.
You can try this out by setting a HTTP_PORT environment variable to configure the network port that the server is listening on:
$ export HTTP_PORT="9999"
$ go run ./cmd/api
Feel free to adapt the run() function to parse additional environment variables and store their values in the config struct. The application uses helper functions in the internal/env package to parse environment variable values or return a default value if no matching environment variable is set. It includes env.GetString(), env.GetInt() and env.GetBool() functions for reading string, integer and bool values from environment variables. Again, you can add any additional helper functions that you need.
Handlers are defined as http.HandlerFunc methods on the application struct. They take the pattern:
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
// Your handler logic...
}
Handlers are defined in the cmd/api/handlers.go file. For small applications, it's fine for all handlers to live in this file. For larger applications (10+ handlers) you may wish to break them out into separate files.
Any dependencies that your handlers have should be initialized in the run() function cmd/api/main.go and added to the application struct. All of your handlers, helpers and middleware that are defined as methods on application will then have access to them.
You can see an example of this in the cmd/api/main.go file where we initialize a new logger instance and add it to the application struct.
Gorilla mux is used for routing. Routes are defined in the routes() method in the cmd/api/routes.go file. For example:
func (app *application) routes() http.Handler {
mux := mux.NewRouter()
mux.HandleFunc("/your/path", app.yourHandler).Methods("GET")
mux.Get("/your/path", app.yourHandler)
return mux
}
For more information about Gorilla mux and example usage, please see the official documentation.
Middleware is defined as methods on the application struct in the cmd/api/middleware.go file. Feel free to add your own. They take the pattern:
func (app *application) yourMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Your middleware logic...
next.ServeHTTP(w, r)
})
}
JSON responses and a specific HTTP status code can be sent using the response.JSON() function. The data parameter can be any JSON-marshalable type.
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
data := map[string]string{"hello": "world"}
err := response.JSON(w, http.StatusOK, data)
if err != nil {
app.serverError(w, r, err)
}
}
Specific HTTP headers can optionally be sent with the response too:
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
data := map[string]string{"hello": "world"}
headers := make(http.Header)
headers.Set("X-Server", "Go")
err := response.JSONWithHeaders(w, http.StatusOK, data, headers)
if err != nil {
app.serverError(w, r, err)
}
}
HTTP requests containing a JSON body can be decoded using the request.DecodeJSON() function. For example, to decode JSON into an input struct:
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
var input struct {
Name string `json:"Name"`
Age int `json:"Age"`
}
err := request.DecodeJSON(w, r, &input)
if err != nil {
app.badRequest(w, r, err)
return
}
...
}
Note: The target decode destination passed to request.DecodeJSON() (which in the example above is &input) must be a non-nil pointer.
The request.DecodeJSON() function returns friendly, well-formed, error messages that are suitable to be sent directly to the client using the app.badRequest() helper.
There is also a request.DecodeJSONStrict() function, which works in the same way as request.DecodeJSON() except it will return an error if the request contains any JSON fields that do not match a name in the the target decode destination.
The internal/validator package includes a simple (but powerful) validator.Validator type that you can use to carry out validation checks.
Extending the example above:
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
var input struct {
Name string `json:"Name"`
Age int `json:"Age"`
Validator validator.Validator `json:"-"`
}
err := request.DecodeJSON(w, r, &input)
if err != nil {
app.badRequest(w, r, err)
return
}
input.Validator.CheckField(input.Name != "", "Name", "Name is required")
input.Validator.CheckField(input.Age != 0, "Age", "Age is required")
input.Validator.CheckField(input.Age >= 21, "Age", "Age must be 21 or over")
if input.Validator.HasErrors() {
app.failedValidation(w, r, input.Validator)
return
}
...
}
The app.failedValidation() helper will send a 422 status code along with any validation error messages. For the example above, the JSON response will look like this:
{
"FieldErrors": {
"Age": "Age must be 21 or over",
"Name": "Name is required"
}
}
In the example above we use the CheckField() method to carry out validation checks for specific fields. You can also use the Check() method to carry out a validation check that is not related to a specific field. For example:
input.Validator.Check(input.Password == input.ConfirmPassword, "Passwords do not match")
The validator.AddError() and validator.AddFieldError() methods also let you add validation errors directly:
input.Validator.AddFieldError("Email", "This email address is already taken")
input.Validator.AddError("Passwords do not match")
The internal/validator/helpers.go file also contains some helper functions to simplify validations that are not simple comparison operations.
NotBlank(value string) |
Check that the value contains at least one non-whitespace character. |
MinRunes(value string, n int) |
Check that the value contains at least n runes. |
MaxRunes(value string, n int) |
Check that the value contains no more than n runes. |
Between(value, min, max T) |
Check that the value is between the min and max values inclusive. |
Matches(value string, rx *regexp.Regexp) |
Check that the value matches a specific regular expression. |
In(value T, safelist ...T) |
Check that a value is in a 'safelist' of specific values. |
AllIn(values []T, safelist ...T) |
Check that all values in a slice are in a 'safelist' of specific values. |
NotIn(value T, blocklist ...T) |
Check that the value is not in a 'blocklist' of specific values. |
NoDuplicates(values []T) |
Check that a slice does not contain any duplicate (repeated) values. |
IsEmail(value string) |
Check that the value has the formatting of a valid email address. |
IsURL(value string) |
Check that the value has the formatting of a valid URL. |
For example, to use the Between check your code would look similar to this:
input.Validator.CheckField(validator.Between(input.Age, 18, 30), "Age", "Age must between 18 and 30")
Feel free to add your own helper functions to the internal/validator/helpers.go file as necessary for your application.
Leveled logging is supported using the slog and tint packages.
By default, a logger is initialized in the main() function. This logger writes all log messages above Debug level to os.Stdout.
logger := slog.New(tint.NewHandler(os.Stdout, &tint.Options{Level: slog.LevelDebug}))
Feel free to customize this further as necessary.
Also note: Any messages that are automatically logged by the Go http.Server are output at the Warn level.
The cmd/api/middleware.go file contains a basicAuth middleware that you can use to protect your application — or specific application routes — with HTTP basic authentication.
You can try this out by visiting the https://localhost:4444//basic-auth-protected endpoint in any web browser and entering the default user name and password:
User name: admin
Password: pa55word
You can change the user name and password by setting the BASIC_AUTH_USERNAME environment variable and BASIC_AUTH_HASHED_PASSWORD environment variable. For example:
$ export BASIC_AUTH_USERNAME='alice'
$ export BASIC_AUTH_HASHED_PASSWORD='$2a$10$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
$ go run ./cmd/api
Note: You will probably need to wrap the username and password in ' quotes to prevent your shell interpreting dollar and slash symbols as special characters.
The value for the BASIC_AUTH_HASHED_PASSWORD environment variable should be a bcrypt hash of the password, not the plaintext password itself. An easy way to generate the bcrypt hash for a password is to use the gophers.dev/cmds/bcrypt-tool package like so:
$ go run gophers.dev/cmds/bcrypt-tool@latest hash 'your_pa55word'
If you want to change the default values for username and password you can do so by editing the default command-line flag values in the cmd/api/main.go file.
The Makefile in the project root contains commands to easily run common admin tasks:
$ make tidy |
Format all code using go fmt and tidy the go.mod file. |
$ make audit |
Run go vet, staticheck, govulncheck, execute all tests and verify required modules. |
$ make test |
Run all tests. |
$ make test/cover |
Run all tests and outputs a coverage report in HTML format. |
$ make build |
Build a binary for the cmd/api application and store it in the /tmp/bin folder. |
$ make run |
Build and then run a binary for the cmd/api application. |
$ make run/live |
Build and then run a binary for the cmd/api application (uses live reloading). |
When you use make run/live to run the application, the application will automatically be rebuilt and restarted whenever you make changes to any files with the following extensions:
.go
.tpl, .tmpl, .html
.css, .js, .sql
.jpeg, .jpg, .gif, .png, .bmp, .svg, .webp, .ico
Behind the scenes the live reload functionality uses the cosmtrek/air tool. You can configure how it works (including which file extensions and folders are watched for changes) by editing the Makefile file.
A backgroundTask() helper is included in the cmd/api/helpers.go file. You can call this in your handlers, helpers and middleware to run any logic in a separate background goroutine. This useful for things like sending emails, or completing slow-running jobs.
You can call it like so:
func (app *application) yourHandler(w http.ResponseWriter, r *http.Request) {
...
app.backgroundTask(r, func() error {
// The logic you want to execute in a background task goes here.
// It should return an error, or nil.
err := doSomething()
if err != nil {
return err
}
return nil
})
...
}
Using the backgroundTask() helper will automatically recover any panics in the background task logic, and when performing a graceful shutdown the application will wait for any background tasks to finish running before it exits.
The application version number is defined in a Get() function in the internal/version/version.go file. Feel free to change this as necessary.
package version
func Get() string {
return "0.0.1"
}
The module path is currently set to apiapp. If you want to change this please find and replace all instances of apiapp in the codebase with your own module path.