DEV Community: Gerasimos (Makis) Maropoulos The latest articles on DEV Community by Gerasimos (Makis) Maropoulos (@kataras). https://dev.to/kataras https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F12427%2Fbf5d3fe7-b162-4af7-8045-f764f7b0b019.jpg DEV Community: Gerasimos (Makis) Maropoulos https://dev.to/kataras en Introducing llms.txt — AI Transparency for the Iris Web Framework Gerasimos (Makis) Maropoulos Sat, 13 Sep 2025 09:38:21 +0000 https://dev.to/kataras/introducing-llmstxt-ai-transparency-for-the-iris-web-framework-4af https://dev.to/kataras/introducing-llmstxt-ai-transparency-for-the-iris-web-framework-4af <h2> Why Transparency Matters in AI </h2> <p>As artificial intelligence becomes more embedded in developer tooling, open-source frameworks must lead with transparency, ethics, and trust. That’s why the Iris Web Framework now includes a new file: <a href="https://iris-go.com/llms.txt" rel="noopener noreferrer"><code>llms.txt</code></a>.</p> <p>This document outlines how Iris uses—or plans to use—large language models (LLMs) to enhance developer experience, documentation, and support.</p> <h2> What’s Inside <code>llms.txt</code> </h2> <p>The file includes:</p> <ul> <li>✅ <strong>Planned LLM integrations</strong> for documentation, code generation, and developer support </li> <li>✅ <strong>Compliance with the EU AI Act</strong> and global standards like ISO/IEC 42001 </li> <li>✅ <strong>Ethical safeguards</strong> including bias mitigation and human oversight </li> <li>✅ <strong>Open-source governance</strong> with community involvement and transparency</li> </ul> <h2> Use Cases We’re Exploring </h2> <p>While Iris doesn’t currently host or train LLMs directly, we’re experimenting with:</p> <ul> <li>AI-powered documentation summaries </li> <li>Conversational developer support agents </li> <li>Code scaffolding for common web patterns </li> <li>Automated test generation and refactoring suggestions </li> <li>Natural language search across examples and docs</li> </ul> <h2> Built for Developers, With Developers </h2> <p>All AI features are optional, clearly labeled, and designed to assist—not replace—human developers. We’re committed to keeping the Iris experience fast, lightweight, and developer-first.</p> <h2> A Living Document </h2> <p><code>llms.txt</code> is versioned and will evolve with the framework. You can view it <a href="https://iris-go.com/llms.txt" rel="noopener noreferrer">here</a> and contribute via <a href="https://github.com/kataras/iris" rel="noopener noreferrer">GitHub</a>.</p> <h2> Join the Conversation </h2> <p>We welcome feedback, ideas, and concerns. Let’s build the future of web development—responsibly and collaboratively.</p> <p>— Gerasimos Maropoulos<br><br> Creator of Iris Web Framework</p> iris ai llms programming RFC: HTTP Wire Errors Gerasimos (Makis) Maropoulos Sun, 01 Dec 2024 12:52:42 +0000 https://dev.to/kataras/rfc-http-wire-errors-48jc https://dev.to/kataras/rfc-http-wire-errors-48jc <h2> Overview </h2> <p>This RFC proposes a standardized approach for handling and representing HTTP wire errors in a consistent and structured manner. The goal is to provide clear and detailed error responses that can be easily understood and processed by clients.</p> <h2> Error Response Structure </h2> <p>Each error response will follow a standardized JSON structure with the following fields:</p> <ul> <li> <code>id</code>: A unique identifier for the error instance.</li> <li> <code>http_error_code</code>: An object containing: <ul> <li> <code>canonical_name</code>: A string representing the canonical name of the error.</li> <li> <code>status</code>: An integer representing the HTTP status code.</li> </ul> </li> <li> <code>message</code>: A short, human-readable summary of the error.</li> <li> <code>detail</code>: A human-readable explanation specific to this occurrence of the error.</li> <li> <code>data</code> (optional): Additional data related to the error.</li> <li> <code>validation</code> (optional): An array of validation errors, each containing: <ul> <li> <code>field</code>: The name of the field that caused the validation error.</li> <li> <code>value</code>: The invalid value provided.</li> <li> <code>reason</code>: A human-readable explanation of why the value is invalid.</li> </ul> </li> </ul> <h3> Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"unique-error-id"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ERROR_NAME"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"short summary of the error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"detailed explanation of the error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"additional"</span><span class="p">:</span><span class="w"> </span><span class="s2">"context-specific data"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"validation"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"field"</span><span class="p">:</span><span class="w"> </span><span class="s2">"field_name"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invalid_value"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"explanation of why the value is invalid"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Canonical Error Names </h2> <p>The following canonical error names are defined:</p> <ul> <li> <code>INVALID_ARGUMENT</code>: Indicates that the client provided an invalid argument.</li> <li> <code>FAILED_PRECONDITION</code>: Indicates that the operation was rejected because the system is not in a state required for the operation's execution.</li> <li> <code>OUT_OF_RANGE</code>: Indicates that an operation was attempted past the valid range.</li> <li> <code>UNSUPPORTED_MEDIA_TYPE</code>: Indicates that the request entity has a media type which the server or resource does not support.</li> <li> <code>DEADLINE_EXCEEDED</code>: Indicates that the deadline expired before the operation could complete.</li> <li> <code>NOT_FOUND</code>: Indicates that the requested resource could not be found.</li> <li> <code>METHOD_NOT_ALLOWED</code>: Indicates that the HTTP method used is not supported by the resource.</li> <li> <code>ALREADY_EXISTS</code>: Indicates that the resource that a client tried to create already exists.</li> <li> <code>ABORTED</code>: Indicates that the operation was aborted, typically due to a concurrency issue.</li> <li> <code>PERMISSION_DENIED</code>: Indicates that the caller does not have permission to execute the specified operation.</li> <li> <code>UNAUTHENTICATED</code>: Indicates that the request does not have valid authentication credentials for the operation.</li> <li> <code>RESOURCE_EXHAUSTED</code>: Indicates that some resource has been exhausted, perhaps a per-user quota, or perhaps the entire file system is out of space.</li> <li> <code>TOO_LARGE</code>: Indicates that the request entity is larger than limits defined by server.</li> <li> <code>UNIMPLEMENTED</code>: Indicates that the operation is not implemented or not supported/enabled in this service.</li> <li> <code>UNAVAILABLE</code>: Indicates that the service is currently unavailable.</li> <li> <code>INTERNAL</code>: Indicates an internal server error.</li> <li> <code>DATA_LOSS</code>: Indicates unrecoverable data loss or corruption.</li> <li> <code>UNKNOWN</code>: Indicates an unknown error.</li> <li> <code>PAYMENT_REQUIRED</code>: Indicates that payment is required to access the resource.</li> <li> <code>NOT_ACCEPTABLE</code>: Indicates that the resource is not capable of generating content acceptable according to the Accept headers sent in the request.</li> <li> <code>PROXY_AUTH_REQUIRED</code>: Indicates that the client must first authenticate itself with the proxy.</li> <li> <code>REQUEST_TIMEOUT</code>: Indicates that the server timed out waiting for the request.</li> <li> <code>GONE</code>: Indicates that the resource requested is no longer available and will not be available again.</li> <li> <code>LENGTH_REQUIRED</code>: Indicates that the request did not specify the length of its content, which is required by the requested resource.</li> <li> <code>PRECONDITION_FAILED</code>: Indicates that the server does not meet one of the preconditions that the requester put on the request.</li> <li> <code>REQUEST_URI_TOO_LONG</code>: Indicates that the URI provided was too long for the server to process.</li> <li> <code>REQUESTED_RANGE_NOT_SATISFIABLE</code>: Indicates that the server cannot supply the portion of the file requested.</li> <li> <code>EXPECTATION_FAILED</code>: Indicates that the server cannot meet the requirements of the Expect request-header field.</li> <li> <code>IM_A_TEAPOT</code>: Indicates that the server refuses to brew coffee because it is, permanently, a teapot.</li> <li> <code>MISDIRECTED_REQUEST</code>: Indicates that the request was directed at a server that is not able to produce a response.</li> <li> <code>UNPROCESSABLE_ENTITY</code>: Indicates that the server understands the content type of the request entity, but was unable to process the contained instructions.</li> <li> <code>LOCKED</code>: Indicates that the resource that is being accessed is locked.</li> <li> <code>FAILED_DEPENDENCY</code>: Indicates that the request failed due to failure of a previous request.</li> <li> <code>TOO_EARLY</code>: Indicates that the server is unwilling to risk processing a request that might be replayed.</li> <li> <code>UPGRADE_REQUIRED</code>: Indicates that the client should switch to a different protocol.</li> <li> <code>PRECONDITION_REQUIRED</code>: Indicates that the origin server requires the request to be conditional.</li> <li> <code>REQUEST_HEADER_FIELDS_TOO_LARGE</code>: Indicates that the server is unwilling to process the request because its header fields are too large.</li> <li> <code>UNAVAILABLE_FOR_LEGAL_REASONS</code>: Indicates that the resource is unavailable for legal reasons.</li> <li> <code>HTTP_VERSION_NOT_SUPPORTED</code>: Indicates that the server does not support the HTTP protocol version used in the request.</li> <li> <code>VARIANT_ALSO_NEGOTIATES</code>: Indicates that the server has an internal configuration error.</li> <li> <code>INSUFFICIENT_STORAGE</code>: Indicates that the server is unable to store the representation needed to complete the request.</li> <li> <code>LOOP_DETECTED</code>: Indicates that the server detected an infinite loop while processing a request.</li> <li> <code>NOT_EXTENDED</code>: Indicates that further extensions to the request are required for the server to fulfill it.</li> <li> <code>NETWORK_AUTHENTICATION_REQUIRED</code>: Indicates that the client needs to authenticate to gain network access.</li> <li> <code>PAGE_EXPIRED</code>: Indicates that the page has expired.</li> <li> <code>BLOCKED_BY_WINDOWS_PARENTAL_CONTROLS</code>: Indicates that the request was blocked by Windows Parental Controls.</li> <li> <code>INVALID_TOKEN</code>: Indicates that the token provided is invalid.</li> <li> <code>TOKEN_REQUIRED</code>: Indicates that a token is required to access the resource.</li> <li> <code>BANDWIDTH_LIMIT_EXCEEDED</code>: Indicates that the bandwidth limit has been exceeded.</li> <li> <code>INVALID_SSL_CERTIFICATE</code>: Indicates that the SSL certificate is invalid.</li> <li> <code>SITE_OVERLOADED</code>: Indicates that the site is overloaded.</li> <li> <code>SITE_FROZEN</code>: Indicates that the site is frozen.</li> <li> <code>NETWORK_READ_TIMEOUT</code>: Indicates that there was a network read timeout error.</li> </ul> <h2> Error Handling </h2> <h3> Invalid Argument </h3> <p>When the client provides an invalid argument, the server should respond with an <code>INVALID_ARGUMENT</code> error.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"a1b2c3d4-e5f6-7890-abcd-ef1234567890"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INVALID_ARGUMENT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invalid account number provided"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"the account number '123456789' does not exist in our records"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Failed Precondition </h3> <p>When the operation is rejected due to a failed precondition, the server should respond with a <code>FAILED_PRECONDITION</code> error.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"b2c3d4e5-f6a7-8901-bcde-f23456789012"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FAILED_PRECONDITION"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"insufficient funds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"the account '987654321' has insufficient funds for the transaction"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"current_balance"</span><span class="p">:</span><span class="w"> </span><span class="mf">50.00</span><span class="p">,</span><span class="w"> </span><span class="nl">"required_balance"</span><span class="p">:</span><span class="w"> </span><span class="mf">100.00</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Unauthenticated </h3> <p>When the request lacks valid authentication credentials, the server should respond with an <code>UNAUTHENTICATED</code> error.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"c3d4e5f6-a7b8-9012-cdef-345678901234"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UNAUTHENTICATED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">401</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"unauthorized access"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"the provided credentials are invalid"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Unauthorized Access </h3> <p>Due to invalid <a href="https://datatracker.ietf.org/doc/html/rfc7517" rel="noopener noreferrer">JWK</a>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"b445b036-fd2e-4583-b4cc-61c2b8fb0b73"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UNAUTHENTICATED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">401</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"auth: verify: jwt: unknown kid"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Permission Denied </h3> <p>When the caller does not have permission to execute the specified operation, the server should respond with a <code>PERMISSION_DENIED</code> error.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"d4e5f6a7-b8c9-0123-def4-567890123456"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"PERMISSION_DENIED"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">403</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"account locked"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"the account '123456789' is locked due to multiple failed login attempts"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"lock_duration"</span><span class="p">:</span><span class="w"> </span><span class="s2">"24 hours"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Not Found </h3> <p>When the requested resource is not found, the server should respond with a <code>NOT_FOUND</code> error.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"e5f6a7b8-c9d0-1234-ef56-789012345678"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"NOT_FOUND"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">404</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"transaction not found"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"the transaction with id 'tx1234567890' was not found"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Validation Error </h3> <p>When the request contains invalid fields, the server should respond with an <code>INVALID_ARGUMENT</code> error and include validation details.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"c30adf71-25c0-4a2b-a1f2-c3ee17efcd17"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INVALID_ARGUMENT"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"validation failure"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"fields were invalid"</span><span class="p">,</span><span class="w"> </span><span class="nl">"validation"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"field"</span><span class="p">:</span><span class="w"> </span><span class="s2">"name"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="s2">"jo"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"name must be at least 3 characters long"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"field"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email"</span><span class="p">,</span><span class="w"> </span><span class="nl">"value"</span><span class="p">:</span><span class="w"> </span><span class="s2">"invalid@comcom"</span><span class="p">,</span><span class="w"> </span><span class="nl">"reason"</span><span class="p">:</span><span class="w"> </span><span class="s2">"email must be a valid email address"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h4> Internal Server Error </h4> <p>When an unexpected error occurs while processing the request, the server should respond with an <code>INTERNAL</code> error.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"f6a7b8c9-d0e1-2345-f678-901234567890"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"INTERNAL"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">500</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"server error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"an unexpected error occurred while processing the request"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Complex Error with Nested Data </h3> <p>When an error involves multiple nested errors, the server should provide detailed context for each part of the error message.</p> <h4> Example </h4> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"9f8b7c6d-4e5f-4a2b-8c3d-1e2f3a4b5c6d"</span><span class="p">,</span><span class="w"> </span><span class="nl">"http_error_code"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"canonical_name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"FAILED_PRECONDITION"</span><span class="p">,</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"transaction failed: insufficient funds: daily withdrawal limit exceeded"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"transaction failed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"transaction_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"tx1234567890"</span><span class="p">,</span><span class="w"> </span><span class="nl">"amount"</span><span class="p">:</span><span class="w"> </span><span class="mf">150.00</span><span class="p">,</span><span class="w"> </span><span class="nl">"currency"</span><span class="p">:</span><span class="w"> </span><span class="s2">"USD"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"insufficient funds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"account_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"acc987654321"</span><span class="p">,</span><span class="w"> </span><span class="nl">"current_balance"</span><span class="p">:</span><span class="w"> </span><span class="mf">50.00</span><span class="p">,</span><span class="w"> </span><span class="nl">"required_balance"</span><span class="p">:</span><span class="w"> </span><span class="mf">150.00</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"daily withdrawal limit exceeded"</span><span class="p">,</span><span class="w"> </span><span class="nl">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"account_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"acc987654321"</span><span class="p">,</span><span class="w"> </span><span class="nl">"daily_limit"</span><span class="p">:</span><span class="w"> </span><span class="mf">1000.00</span><span class="p">,</span><span class="w"> </span><span class="nl">"amount_attempted"</span><span class="p">:</span><span class="w"> </span><span class="mf">1500.00</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>In this example, the error message is composed of three parts:</p> <ol> <li><code>transaction failed</code></li> <li><code>insufficient funds</code></li> <li><code>daily withdrawal limit exceeded</code></li> </ol> <p>Each part of the error message has its own section of data, providing detailed context for each part of the error. This structure allows clients to understand the specific context and data related to each part of the error message, making it easier to debug and resolve issues.</p> <h2> Problem Details </h2> <p>The <a href="https://tools.ietf.org/html/rfc7807" rel="noopener noreferrer">Problem Details RFC</a> is a standardized format for representing errors in HTTP APIs. It defines a structured way to provide detailed information about errors in a machine-readable format, making it easier for clients to understand and handle errors effectively.</p> <h3> Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="mi">400</span><span class="p">,</span><span class="w"> </span><span class="nl">"title"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Insufficient Funds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"detail"</span><span class="p">:</span><span class="w"> </span><span class="s2">"The account '987654321' has insufficient funds for the transaction."</span><span class="p">,</span><span class="w"> </span><span class="nl">"type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://example.com/probs/insufficient-funds"</span><span class="p">,</span><span class="w"> </span><span class="nl">"instance"</span><span class="p">:</span><span class="w"> </span><span class="s2">"/accounts/12345/transactions/67890"</span><span class="p">,</span><span class="w"> </span><span class="nl">"extra_custom_key"</span><span class="p">:</span><span class="w"> </span><span class="s2">"current_balance"</span><span class="p">,</span><span class="w"> </span><span class="nl">"extra_custom_value"</span><span class="p">:</span><span class="w"> </span><span class="mf">50.00</span><span class="p">,</span><span class="w"> </span><span class="nl">"extra_custom_key2"</span><span class="p">:</span><span class="w"> </span><span class="s2">"required_balance"</span><span class="p">,</span><span class="w"> </span><span class="nl">"extra_custom_value2"</span><span class="p">:</span><span class="w"> </span><span class="mf">100.00</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Differences Between HTTP Wire Errors and Problem Details </h3> <p>While both HTTP Wire Errors and Problem Details provide a structured way to represent errors in HTTP APIs, there are some key differences:</p> <ol> <li><p><strong>Flexibility</strong>: HTTP Wire Errors offer a more flexible structure that can include additional fields such as <code>id</code>, <code>http_error_code</code>, <code>message</code>, <code>data</code>, and <code>validation</code>. This allows for more detailed and context-specific error information.</p></li> <li><p><strong>Canonical Error Names</strong>: HTTP Wire Errors define a set of canonical error names that standardize common error scenarios, making it easier to categorize and handle errors consistently across different parts of an application.</p></li> <li><p><strong>Nested Data</strong>: HTTP Wire Errors support nested data structures, allowing for detailed context for each part of a complex error message. This is particularly useful for errors that involve multiple related issues.</p></li> <li><p><strong>Validation Errors</strong>: HTTP Wire Errors include a dedicated <code>validation</code> field to provide detailed information about validation errors, including the specific fields and reasons for the validation failure.</p></li> </ol> <h3> What Problem Details Were Missing </h3> <p>Problem Details (RFC 7807) provide a standardized format for representing errors, but they lack some features that are addressed by HTTP Wire Errors:</p> <ul> <li> <strong>Canonical Error Names</strong>: Problem Details do not define a set of canonical error names, which can lead to inconsistencies in error categorization.</li> <li> <strong>Nested Data</strong>: Problem Details do not natively support nested data structures, making it harder to provide detailed context for complex errors.</li> <li> <strong>Validation Errors</strong>: Problem Details do not have a dedicated field for validation errors, which can make it harder to provide detailed information about validation issues.</li> </ul> <h3> How HTTP Wire Errors Provide a Solution </h3> <p>HTTP Wire Errors address these limitations by:</p> <ul> <li>Defining a set of canonical error names for consistent error categorization.</li> <li>Supporting nested data structures to provide detailed context for complex errors.</li> <li>Including a dedicated <code>validation</code> field for detailed validation error information.</li> </ul> <h2> Author </h2> <p><a href="https://github.com/kataras" rel="noopener noreferrer">Gerasimos Maropoulos</a> is the author of the <a href="https://www.iris-go.com" rel="noopener noreferrer">Iris web framework</a>, a highly efficient and feature-rich web framework for the Go programming language. He is well-known in the programming community for his contributions to web development and his expertise in the Go language. Gerasimos has authored numerous online articles and tutorials that help developers understand and leverage the power of Go for building scalable and high-performance web applications. His work on Iris has made it one of the most popular web frameworks in the Go ecosystem, known for its simplicity, speed, and extensive feature set.</p> <p>Gerasimos wrote this RFC to address the need for a standardized approach to handling and representing HTTP wire errors. By providing a clear and consistent structure for error responses, he aims to make it easier for developers to debug and understand the context of errors in their applications. This RFC is part of his ongoing efforts to improve the developer experience and ensure that applications built with Iris are robust and maintainable.</p> <h2> Conclusion </h2> <p>This RFC defines a standardized approach for handling and representing HTTP wire errors. By following this structure, developers can ensure consistent and clear error responses, making it easier for clients to understand and handle errors effectively.</p> webdev programming HTTP Method Override Gerasimos (Makis) Maropoulos Fri, 08 Nov 2024 11:13:06 +0000 https://dev.to/kataras/http-method-override-1b6p https://dev.to/kataras/http-method-override-1b6p <h2> Introduction </h2> <p>HTTP method override is a technique used to support clients that do not support certain HTTP methods such as PUT or DELETE. This is particularly useful for web browsers and older clients that only support GET and POST methods. The Iris web framework provides a robust and flexible method override middleware that allows developers to easily implement HTTP method overriding in their applications. This guide will walk you through the features and usage of the Iris method override middleware, helping you to understand and leverage its capabilities to enhance your web applications.</p> <h2> Features of Iris Method Override Middleware </h2> <p>The Iris method override middleware offers a variety of features to handle HTTP method overriding efficiently. These features include:</p> <ol> <li> <strong>Customizable Methods</strong>: Define which HTTP methods can be overridden.</li> <li> <strong>Custom Headers</strong>: Specify custom headers to determine the method override.</li> <li> <strong>Form Field Support</strong>: Use form fields to specify the method override.</li> <li> <strong>Query Parameter Support</strong>: Use query parameters to specify the method override.</li> <li> <strong>Save Original Method</strong>: Optionally save the original HTTP method for later use.</li> </ol> <h2> Installation </h2> <p>To use the Iris method override middleware, you need to import it in your Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/kataras/iris/v12/middleware/methodoverride"</span> </code></pre> </div> <h2> Usage </h2> <h3> Basic Setup </h3> <p>To use the method override middleware, you need to import the necessary packages and configure the middleware in your Iris application. Here is a basic example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/methodoverride"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Create the method override middleware</span> <span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">SaveOriginalMethod</span><span class="p">(</span><span class="s">"_originalMethod"</span><span class="p">),</span> <span class="p">)</span> <span class="c">// Register the middleware with UseRouter</span> <span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">mo</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/path"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"POST response"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Delete</span><span class="p">(</span><span class="s">"/path"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"DELETE response"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Customizable Methods </h3> <p>You can define which HTTP methods can be overridden using the <code>Methods</code> option. By default, only the POST method can be overridden. Here is an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">Methods</span><span class="p">(</span><span class="s">"POST"</span><span class="p">,</span> <span class="s">"PUT"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <h3> Custom Headers </h3> <p>You can specify custom headers to determine the method override using the <code>Headers</code> option. By default, the middleware checks the following headers: <code>X-HTTP-Method</code>, <code>X-HTTP-Method-Override</code>, and <code>X-Method-Override</code>. Here is an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">Headers</span><span class="p">(</span><span class="s">"X-Custom-Method"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <h3> Form Field Support </h3> <p>You can use form fields to specify the method override using the <code>FormField</code> option. By default, the middleware checks the <code>_method</code> form field. Here is an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">FormField</span><span class="p">(</span><span class="s">"_method"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <h3> Query Parameter Support </h3> <p>You can use query parameters to specify the method override using the <code>Query</code> option. By default, the middleware checks the <code>_method</code> query parameter. Here is an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">Query</span><span class="p">(</span><span class="s">"_method"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <h3> Save Original Method </h3> <p>You can optionally save the original HTTP method for later use using the <code>SaveOriginalMethod</code> option. Here is an example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">SaveOriginalMethod</span><span class="p">(</span><span class="s">"_originalMethod"</span><span class="p">),</span> <span class="p">)</span> </code></pre> </div> <h3> Example </h3> <p>Here is a complete example demonstrating how to use the method override middleware with an Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/methodoverride"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Create the method override middleware</span> <span class="n">mo</span> <span class="o">:=</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">New</span><span class="p">(</span> <span class="n">methodoverride</span><span class="o">.</span><span class="n">SaveOriginalMethod</span><span class="p">(</span><span class="s">"_originalMethod"</span><span class="p">),</span> <span class="p">)</span> <span class="c">// Register the middleware with UseRouter</span> <span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">mo</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/path"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"POST response"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Delete</span><span class="p">(</span><span class="s">"/path"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"DELETE response"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Conclusion </h3> <p>The Iris method override middleware provides a simple and efficient way to support clients that do not support certain HTTP methods. By leveraging the features of this middleware, you can enhance the compatibility and flexibility of your web applications.</p> webdev go Request Body Limit Middleware for Iris Gerasimos (Makis) Maropoulos Fri, 01 Nov 2024 16:18:11 +0000 https://dev.to/kataras/request-body-limit-middleware-for-iris-4999 https://dev.to/kataras/request-body-limit-middleware-for-iris-4999 <h2> Overview </h2> <p>The <a href="https://www.iris-go.com" rel="noopener noreferrer">Iris</a> Body Limit middleware is a powerful tool for controlling the size of incoming request bodies in your Iris web applications. By setting a limit on the size of request bodies, you can prevent clients from sending excessively large payloads that could potentially overwhelm your server or lead to denial-of-service (DoS) attacks. This middleware is particularly useful for applications that handle file uploads, JSON payloads, or any other type of data that could vary significantly in size.</p> <h2> Why Use Body Limit Middleware? </h2> <h3> Security </h3> <p>One of the primary reasons to use body limit middleware is to enhance the security of your application. By limiting the size of incoming request bodies, you can mitigate the risk of DoS attacks, where an attacker sends large payloads to exhaust server resources.</p> <h3> Performance </h3> <p>Limiting the size of request bodies can also improve the performance of your application. Large payloads can consume significant amounts of memory and processing power, slowing down your server and affecting the user experience. By setting a reasonable limit, you can ensure that your server remains responsive and efficient.</p> <h3> Resource Management </h3> <p>In applications that handle file uploads or large JSON payloads, it's essential to manage resources effectively. By setting a body limit, you can prevent clients from uploading excessively large files or sending huge JSON objects that could strain your server's resources.</p> <h2> Installation </h2> <p>To use the <code>bodylimit</code> middleware, you need to import it in your Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/kataras/iris/v12/middleware/bodylimit"</span> </code></pre> </div> <h2> Usage </h2> <h3> Basic Setup </h3> <p>To use the body limit middleware, you need to create an Iris application and register the middleware. Below is an example of how to set up the middleware with a limit of 2 MB:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/bodylimit"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">bodylimit</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="m">2</span> <span class="o">*</span> <span class="n">iris</span><span class="o">.</span><span class="n">MB</span><span class="p">))</span> <span class="c">// set the limit to 2 MB.</span> <span class="n">handler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">body</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Body</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithPlainError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Write</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="c">// write the request body back to the client.</span> <span class="p">}</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">handler</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation </h3> <ul> <li> <strong>Limit</strong>: The <code>bodylimit.New</code> function takes a single parameter, which is the maximum size of the request body in bytes. In the example above, the limit is set to 10 bytes.</li> <li> <strong>Handler</strong>: The handler reads the request body and writes it back to the response. If the request body exceeds the limit, the middleware will stop the request and return a <code>413 Request Entity Too Large</code> status.</li> <li>The body limit middleware uses a <code>sync.Pool</code> to manage <code>Reader</code> instances, which are used to read the request body and enforce the size limit. This approach ensures efficient memory usage and reduces the overhead of creating new <code>Reader</code> instances for each request.</li> </ul> <h2> Testing Handlers with BodyLimit Middleware </h2> <p>To test handlers that use the BodyLimit middleware, you can use the <code>httptest</code> package provided by Iris. Here is an example of how to test a handler:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main_test</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"testing"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/httptest"</span> <span class="s">"github.com/kataras/iris/v12/middleware/bodylimit"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">TestBodyLimit</span><span class="p">(</span><span class="n">t</span> <span class="o">*</span><span class="n">testing</span><span class="o">.</span><span class="n">T</span><span class="p">)</span> <span class="p">{</span> <span class="n">limit</span> <span class="o">:=</span> <span class="kt">int64</span><span class="p">(</span><span class="m">10</span><span class="p">)</span> <span class="c">// set the limit to 10 bytes for the shake of the test.</span> <span class="n">handler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">body</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Body</span><span class="p">()</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithPlainError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Write</span><span class="p">(</span><span class="n">body</span><span class="p">)</span> <span class="p">}</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">bodylimit</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">limit</span><span class="p">))</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">handler</span><span class="p">)</span> <span class="n">e</span> <span class="o">:=</span> <span class="n">httptest</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">t</span><span class="p">,</span> <span class="n">app</span><span class="p">)</span> <span class="c">// Test with a body that is smaller than the limit.</span> <span class="n">e</span><span class="o">.</span><span class="n">POST</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span><span class="o">.</span><span class="n">WithText</span><span class="p">(</span><span class="s">"123456789"</span><span class="p">)</span><span class="o">.</span><span class="n">Expect</span><span class="p">()</span><span class="o">.</span><span class="n">Status</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusOK</span><span class="p">)</span><span class="o">.</span><span class="n">Body</span><span class="p">()</span><span class="o">.</span><span class="n">IsEqual</span><span class="p">(</span><span class="s">"123456789"</span><span class="p">)</span> <span class="c">// Test with a body that is equal to the limit.</span> <span class="n">e</span><span class="o">.</span><span class="n">POST</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span><span class="o">.</span><span class="n">WithText</span><span class="p">(</span><span class="s">"1234567890"</span><span class="p">)</span><span class="o">.</span><span class="n">Expect</span><span class="p">()</span><span class="o">.</span><span class="n">Status</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusOK</span><span class="p">)</span><span class="o">.</span><span class="n">Body</span><span class="p">()</span><span class="o">.</span><span class="n">IsEqual</span><span class="p">(</span><span class="s">"1234567890"</span><span class="p">)</span> <span class="c">// Test with a body that is bigger than the limit.</span> <span class="n">e</span><span class="o">.</span><span class="n">POST</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span><span class="o">.</span><span class="n">WithText</span><span class="p">(</span><span class="s">"12345678910"</span><span class="p">)</span><span class="o">.</span><span class="n">Expect</span><span class="p">()</span><span class="o">.</span><span class="n">Status</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusRequestEntityTooLarge</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Conclusion </h2> <p>The Iris Body Limit middleware provides a simple yet effective way to control the size of incoming request bodies in your Iris web applications. By setting a limit on the size of request bodies, you can enhance the security, performance, and resource management of your application. With easy integration and advanced features, this middleware is a valuable tool for any Iris developer.</p> webdev go iris programming Basic Authentication Middleware for Iris Gerasimos (Makis) Maropoulos Thu, 31 Oct 2024 10:10:55 +0000 https://dev.to/kataras/basic-authentication-middleware-for-iris-42k8 https://dev.to/kataras/basic-authentication-middleware-for-iris-42k8 <h2> Overview </h2> <p>The Basic Authentication middleware provides a robust and flexible way to secure your <a href="https://www.iris-go.com" rel="noopener noreferrer">Iris</a> web applications. It supports various user storage methods, including in-memory lists, files, and databases, and offers advanced features such as password encryption, custom error handling, and session expiration.</p> <h2> Installation </h2> <p>To use the <code>basicauth</code> middleware, you need to import it in your Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> </code></pre> </div> <h2> Features </h2> <h3> Authentication Function </h3> <p>The core of the middleware is the <code>Allow</code> field, which is a function with the following signature:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="n">any</span><span class="p">,</span> <span class="kt">bool</span><span class="p">)</span> </code></pre> </div> <p>This function is responsible for validating the username and password. It returns a user object (or any other type) and a boolean indicating whether the authentication was successful.</p> <h3> User Structure (Helper) </h3> <p>While the middleware does not require a specific user structure, you can use a helper structure to manage user data more conveniently. Here is an example of a user structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">type</span> <span class="n">User</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Username</span> <span class="kt">string</span> <span class="s">`json:"username"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`json:"password"`</span> <span class="n">Roles</span> <span class="p">[]</span><span class="kt">string</span> <span class="s">`json:"roles"`</span> <span class="p">}</span> </code></pre> </div> <h3> In-Memory User Storage </h3> <p>You can store users in memory using a slice of user structures. This is useful for small applications or testing purposes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">var</span> <span class="n">users</span> <span class="o">=</span> <span class="p">[]</span><span class="n">User</span><span class="p">{</span> <span class="p">{</span><span class="s">"admin"</span><span class="p">,</span> <span class="s">"admin"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"admin"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"kataras"</span><span class="p">,</span> <span class="s">"kataras_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"manager"</span><span class="p">,</span> <span class="s">"author"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"george"</span><span class="p">,</span> <span class="s">"george_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"member"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"john"</span><span class="p">,</span> <span class="s">"john_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{}},</span> <span class="p">}</span> </code></pre> </div> <h3> Basic Setup </h3> <p>To set up the middleware, create an instance of <code>basicauth.Options</code> and pass it to <code>basicauth.New</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Realm</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultRealm</span><span class="p">,</span> <span class="n">MaxAge</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">,</span> <span class="n">GC</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">GC</span><span class="p">{</span> <span class="n">Every</span><span class="o">:</span> <span class="m">2</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Hour</span><span class="p">,</span> <span class="p">},</span> <span class="n">Allow</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">AllowUsers</span><span class="p">(</span><span class="n">users</span><span class="p">),</span> <span class="p">}</span> <span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">opts</span><span class="p">)</span> </code></pre> </div> <h3> Using a File for User Storage </h3> <p>You can load users from a file (JSON or YAML). This is useful for applications where user data changes frequently.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Load</span><span class="p">(</span><span class="s">"users.yml"</span><span class="p">)</span> </code></pre> </div> <h3> BCRYPT Option </h3> <p>The <code>BCRYPT</code> option allows you to use bcrypt for password hashing. Bcrypt is a password hashing function designed to be computationally intensive to resist brute-force attacks. It is widely used for securely storing passwords.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Load</span><span class="p">(</span><span class="s">"users.yml"</span><span class="p">,</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">BCRYPT</span><span class="p">)</span> </code></pre> </div> <p>You can also use the <code>BCRYPT</code> option with other user fetching methods, such as in-memory or database storage.</p> <h3> Using a Database for User Storage </h3> <p>For more dynamic user management, you can validate users against a database. Here is an example of how to set up the middleware using a MySQL database:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"context"</span> <span class="s">"database/sql"</span> <span class="s">"fmt"</span> <span class="s">"os"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> <span class="n">_</span> <span class="s">"github.com/go-sql-driver/mysql"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">User</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ID</span> <span class="kt">int64</span> <span class="s">`db:"id" json:"id"`</span> <span class="n">Username</span> <span class="kt">string</span> <span class="s">`db:"username" json:"username"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`db:"password" json:"password"`</span> <span class="n">Email</span> <span class="kt">string</span> <span class="s">`db:"email" json:"email"`</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">u</span> <span class="n">User</span><span class="p">)</span> <span class="n">GetUsername</span><span class="p">()</span> <span class="kt">string</span> <span class="p">{</span> <span class="k">return</span> <span class="n">u</span><span class="o">.</span><span class="n">Username</span> <span class="p">}</span> <span class="k">func</span> <span class="p">(</span><span class="n">u</span> <span class="n">User</span><span class="p">)</span> <span class="n">GetPassword</span><span class="p">()</span> <span class="kt">string</span> <span class="p">{</span> <span class="k">return</span> <span class="n">u</span><span class="o">.</span><span class="n">Password</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">dsn</span> <span class="o">:=</span> <span class="n">fmt</span><span class="o">.</span><span class="n">Sprintf</span><span class="p">(</span><span class="s">"%s:%s@tcp(%s:3306)/%s?parseTime=true&amp;charset=utf8mb4&amp;collation=utf8mb4_unicode_ci"</span><span class="p">,</span> <span class="n">getenv</span><span class="p">(</span><span class="s">"MYSQL_USER"</span><span class="p">,</span> <span class="s">"user_myapp"</span><span class="p">),</span> <span class="n">getenv</span><span class="p">(</span><span class="s">"MYSQL_PASSWORD"</span><span class="p">,</span> <span class="s">"dbpassword"</span><span class="p">),</span> <span class="n">get</span> <span class="n">env</span><span class="p">(</span><span class="s">"MYSQL_HOST"</span><span class="p">,</span> <span class="s">"localhost"</span><span class="p">),</span> <span class="n">getenv</span><span class="p">(</span><span class="s">"MYSQL_DATABASE"</span><span class="p">,</span> <span class="s">"myapp"</span><span class="p">),</span> <span class="p">)</span> <span class="n">db</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">connect</span><span class="p">(</span><span class="n">dsn</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="nb">panic</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="c">// Validate a user from database.</span> <span class="n">allowFunc</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span> <span class="kt">string</span><span class="p">)</span> <span class="p">(</span><span class="n">any</span><span class="p">,</span> <span class="kt">bool</span><span class="p">)</span> <span class="p">{</span> <span class="n">user</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">db</span><span class="o">.</span><span class="n">getUserByUsernameAndPassword</span><span class="p">(</span><span class="n">context</span><span class="o">.</span><span class="n">Background</span><span class="p">(),</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">)</span> <span class="k">return</span> <span class="n">user</span><span class="p">,</span> <span class="n">err</span> <span class="o">==</span> <span class="no">nil</span> <span class="p">}</span> <span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Realm</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultRealm</span><span class="p">,</span> <span class="n">ErrorHandler</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultErrorHandler</span><span class="p">,</span> <span class="n">Allow</span><span class="o">:</span> <span class="n">allowFunc</span><span class="p">,</span> <span class="p">}</span> <span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">opts</span><span class="p">)</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">auth</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">user</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">User</span><span class="p">()</span><span class="o">.</span><span class="n">GetRaw</span><span class="p">()</span> <span class="c">// user is a type of main.User</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Custom Error Handling </h3> <p>You can customize the error handling behavior by setting the <code>ErrorHandler</code> field in the <code>basicauth.Options</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">ErrorHandler</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">err</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StatusCode</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusUnauthorized</span><span class="p">)</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span><span class="s">"error"</span><span class="o">:</span> <span class="s">"Unauthorized"</span><span class="p">})</span> <span class="p">},</span> <span class="p">}</span> </code></pre> </div> <h3> Session Expiration </h3> <p>The middleware supports session expiration. You can set the <code>MaxAge</code> field to specify the duration after which the user must re-authenticate.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">MaxAge</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">,</span> <span class="p">}</span> </code></pre> </div> <h3> Garbage Collection </h3> <p>To clear expired users from memory, you can set the <code>GC</code> field.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">GC</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">GC</span><span class="p">{</span> <span class="n">Every</span><span class="o">:</span> <span class="m">2</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Hour</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> </code></pre> </div> <h2> Testing Handlers with BasicAuth Middleware </h2> <p>To test handlers that use the BasicAuth middleware, you can use the </p> <p>httptest</p> <p>package provided by Iris. Here is an example of how to test a handler:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main_test</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"testing"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/httptest"</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">TestIndexHandler</span><span class="p">(</span><span class="n">t</span> <span class="o">*</span><span class="n">testing</span><span class="o">.</span><span class="n">T</span><span class="p">)</span> <span class="p">{</span> <span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Realm</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultRealm</span><span class="p">,</span> <span class="n">Allow</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">AllowUsers</span><span class="p">(</span><span class="n">users</span><span class="p">),</span> <span class="p">}</span> <span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">opts</span><span class="p">)</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">auth</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">e</span> <span class="o">:=</span> <span class="n">httptest</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">t</span><span class="p">,</span> <span class="n">app</span><span class="p">)</span> <span class="c">// Test with valid credentials</span> <span class="n">e</span><span class="o">.</span><span class="n">GET</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span><span class="o">.</span><span class="n">WithBasicAuth</span><span class="p">(</span><span class="s">"admin"</span><span class="p">,</span> <span class="s">"admin"</span><span class="p">)</span><span class="o">.</span><span class="n">Expect</span><span class="p">()</span><span class="o">.</span><span class="n">Status</span><span class="p">(</span><span class="n">httptest</span><span class="o">.</span><span class="n">StatusOK</span><span class="p">)</span><span class="o">.</span><span class="n">JSON</span><span class="p">()</span><span class="o">.</span><span class="n">Object</span><span class="p">()</span><span class="o">.</span><span class="n">Value</span><span class="p">(</span><span class="s">"username"</span><span class="p">)</span><span class="o">.</span><span class="n">Equal</span><span class="p">(</span><span class="s">"admin"</span><span class="p">)</span> <span class="c">// Test with invalid credentials</span> <span class="n">e</span><span class="o">.</span><span class="n">GET</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span><span class="o">.</span><span class="n">WithBasicAuth</span><span class="p">(</span><span class="s">"admin"</span><span class="p">,</span> <span class="s">"wrongpassword"</span><span class="p">)</span><span class="o">.</span><span class="n">Expect</span><span class="p">()</span><span class="o">.</span><span class="n">Status</span><span class="p">(</span><span class="n">httptest</span><span class="o">.</span><span class="n">StatusUnauthorized</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Example </h2> <p>Here is a complete example that demonstrates how to set up the middleware with in-memory user storage:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> <span class="p">)</span> <span class="k">type</span> <span class="n">User</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Username</span> <span class="kt">string</span> <span class="s">`json:"username"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`json:"password"`</span> <span class="n">Roles</span> <span class="p">[]</span><span class="kt">string</span> <span class="s">`json:"roles"`</span> <span class="p">}</span> <span class="k">var</span> <span class="n">users</span> <span class="o">=</span> <span class="p">[]</span><span class="n">User</span><span class="p">{</span> <span class="p">{</span><span class="s">"admin"</span><span class="p">,</span> <span class="s">"admin"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"admin"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"kataras"</span><span class="p">,</span> <span class="s">"kataras_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"manager"</span><span class="p">,</span> <span class="s">"author"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"george"</span><span class="p">,</span> <span class="s">"george_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"member"</span><span class="p">}},</span> <span class="p">{</span><span class="s">"john"</span><span class="p">,</span> <span class="s">"john_pass"</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{}},</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">opts</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Realm</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultRealm</span><span class="p">,</span> <span class="n">MaxAge</span><span class="o">:</span> <span class="m">10</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">,</span> <span class="n">GC</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">GC</span><span class="p">{</span> <span class="n">Every</span><span class="o">:</span> <span class="m">2</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Hour</span><span class="p">,</span> <span class="p">},</span> <span class="n">Allow</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">AllowUsers</span><span class="p">(</span><span class="n">users</span><span class="p">),</span> <span class="p">}</span> <span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">opts</span><span class="p">)</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">auth</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">user</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">User</span><span class="p">()</span><span class="o">.</span><span class="n">GetRaw</span><span class="p">()</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">user</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Conclusion </h2> <p>The <a href="https://github.com/kataras/iris/tree/main/_examples/auth/basicauth" rel="noopener noreferrer">Basic Authentication middleware</a> provides a comprehensive solution for securing your Iris web applications. With support for various user storage methods, advanced features like password encryption and custom error handling, and easy integration, it is a powerful tool for developers.</p> go webdev programming tutorial Request Rate Limiting Middleware for Iris Gerasimos (Makis) Maropoulos Wed, 30 Oct 2024 20:47:44 +0000 https://dev.to/kataras/request-rate-limiting-middleware-for-iris-2k1p https://dev.to/kataras/request-rate-limiting-middleware-for-iris-2k1p <h2> Overview </h2> <p>The <code>rate</code> middleware provides rate limiting capabilities for the <a href="https://www.iris-go.com" rel="noopener noreferrer">Iris</a> web framework. It allows developers to control the rate of requests to their applications, ensuring fair usage and preventing abuse. The middleware is based on the token bucket algorithm, which is a popular method for rate limiting.</p> <h2> Installation </h2> <p>To use the <code>rate</code> middleware, you need to import it in your Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> </code></pre> </div> <h2> Usage </h2> <h3> Basic Setup </h3> <p>To use the rate limiter, you need to create an Iris application and register the middleware. Below is an example of how to set up the rate limiter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Logger</span><span class="p">()</span><span class="o">.</span><span class="n">SetLevel</span><span class="p">(</span><span class="s">"debug"</span><span class="p">)</span> <span class="n">limit</span> <span class="o">:=</span> <span class="n">rate</span><span class="o">.</span><span class="n">Limit</span><span class="p">(</span><span class="m">1</span><span class="p">,</span> <span class="m">5</span><span class="p">,</span> <span class="n">rate</span><span class="o">.</span><span class="n">PurgeEvery</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">,</span> <span class="m">5</span><span class="o">*</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">))</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">limit</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/other"</span><span class="p">,</span> <span class="n">other</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Index Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">other</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Other Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>This example allows 1 request per second with a maximum burst size of 5. It also purges old entries every minute if they haven't been seen for 5 minutes.</p> <h3> Using <code>rate.Every</code> Helper </h3> <p>This example demonstrates how to use the <code>rate.Every</code> helper to set up a rate limiter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Logger</span><span class="p">()</span><span class="o">.</span><span class="n">SetLevel</span><span class="p">(</span><span class="s">"debug"</span><span class="p">)</span> <span class="c">// Use rate.Every helper to set up the rate limiter.</span> <span class="n">limit</span> <span class="o">:=</span> <span class="n">rate</span><span class="o">.</span><span class="n">Limit</span><span class="p">(</span><span class="n">rate</span><span class="o">.</span><span class="n">Every</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">),</span> <span class="m">5</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">limit</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/other"</span><span class="p">,</span> <span class="n">other</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Index Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">other</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Other Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Using API Key for Rate Limiting </h3> <p>This example demonstrates how to set up a rate limiter that uses an API key instead of the client's remote IP address:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Logger</span><span class="p">()</span><span class="o">.</span><span class="n">SetLevel</span><span class="p">(</span><span class="s">"debug"</span><span class="p">)</span> <span class="c">// Use API key for rate limiting.</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">useAPIKey</span><span class="p">)</span> <span class="n">limit</span> <span class="o">:=</span> <span class="n">rate</span><span class="o">.</span><span class="n">Limit</span><span class="p">(</span><span class="n">rate</span><span class="o">.</span><span class="n">Every</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">),</span> <span class="m">300</span><span class="p">,</span> <span class="n">rate</span><span class="o">.</span><span class="n">PurgeEvery</span><span class="p">(</span><span class="m">5</span><span class="o">*</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">,</span> <span class="m">15</span><span class="o">*</span><span class="n">time</span><span class="o">.</span><span class="n">Minute</span><span class="p">))</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">limit</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/list"</span><span class="p">,</span> <span class="n">list</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">useAPIKey</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">apiKey</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Header</span><span class="p">(</span><span class="s">"X-API-Key"</span><span class="p">)</span> <span class="k">if</span> <span class="n">apiKey</span> <span class="o">==</span> <span class="s">""</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusForbidden</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="n">rate</span><span class="o">.</span><span class="n">SetIdentifier</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="n">apiKey</span><span class="p">)</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Next</span><span class="p">()</span> <span class="p">}</span> <span class="k">func</span> <span class="n">list</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span><span class="s">"key"</span><span class="o">:</span> <span class="s">"value"</span><span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h3> Custom Exceed Handler </h3> <p>This example demonstrates how to set a custom handler to be executed when the rate limit is exceeded:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Logger</span><span class="p">()</span><span class="o">.</span><span class="n">SetLevel</span><span class="p">(</span><span class="s">"debug"</span><span class="p">)</span> <span class="c">// Set a custom exceed handler.</span> <span class="n">limit</span> <span class="o">:=</span> <span class="n">rate</span><span class="o">.</span><span class="n">Limit</span><span class="p">(</span><span class="m">1</span><span class="p">,</span> <span class="m">5</span><span class="p">,</span> <span class="n">rate</span><span class="o">.</span><span class="n">ExceedHandler</span><span class="p">(</span><span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="m">429</span><span class="p">)</span> <span class="p">}))</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">limit</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/other"</span><span class="p">,</span> <span class="n">other</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Index Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">other</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Other Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Custom Client Data </h3> <p>This example demonstrates how to store custom data for each client:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/rate"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">Logger</span><span class="p">()</span><span class="o">.</span><span class="n">SetLevel</span><span class="p">(</span><span class="s">"debug"</span><span class="p">)</span> <span class="c">// Store custom data for each client.</span> <span class="n">limit</span> <span class="o">:=</span> <span class="n">rate</span><span class="o">.</span><span class="n">Limit</span><span class="p">(</span><span class="m">1</span><span class="p">,</span> <span class="m">5</span><span class="p">,</span> <span class="n">rate</span><span class="o">.</span><span class="n">ClientData</span><span class="p">(</span><span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="n">any</span> <span class="p">{</span> <span class="k">return</span> <span class="n">ctx</span><span class="o">.</span><span class="n">RemoteAddr</span><span class="p">()</span> <span class="p">}))</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">limit</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">index</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/other"</span><span class="p">,</span> <span class="n">other</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">index</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Index Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">other</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">HTML</span><span class="p">(</span><span class="s">"&lt;h1&gt;Other Page&lt;/h1&gt;"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h3> Explanation </h3> <ul> <li> <p><strong>Rate Limiting</strong>: The <code>rate.Limit</code> function is used to create a new rate limiter. It takes three parameters:</p> <ul> <li> <code>limit</code>: The maximum number of requests allowed per second.</li> <li> <code>burst</code>: The maximum burst size.</li> <li> <code>options</code>: Additional options such as <code>PurgeEvery</code> for cleaning up old entries.</li> </ul> </li> <li><p><strong>Token Bucket Algorithm</strong>: This algorithm controls the rate of requests by maintaining a bucket of tokens. Each request consumes a token, and tokens are added to the bucket at a fixed rate. If the bucket is empty, the request is denied.</p></li> </ul> <h2> Token Bucket Algorithm </h2> <p>The token bucket algorithm is a simple and efficient way to control the rate of requests. It works as follows:</p> <ol> <li> <strong>Initialization</strong>: A bucket is initialized with a certain number of tokens.</li> <li> <strong>Token Addition</strong>: Tokens are added to the bucket at a fixed rate.</li> <li> <strong>Request Handling</strong>: Each request consumes a token. If the bucket is empty, the request is denied.</li> <li> <strong>Burst Handling</strong>: The bucket can hold a maximum number of tokens, allowing for bursts of traffic.</li> </ol> <p>For more details, refer to the <a href="https://en.wikipedia.org/wiki/Token_bucket" rel="noopener noreferrer">Wikipedia article on Token Bucket</a>.</p> <h2> Conclusion </h2> <p>This middleware provides a robust and flexible way to implement rate limiting in your Iris applications. By using the token bucket algorithm, it ensures fair usage and prevents abuse, making your application more reliable and secure.</p> <p>For more examples and detailed usage, refer to the <a href="https://github.com/kataras/iris/tree/main/_examples/request-ratelimit/rate-middleware" rel="noopener noreferrer">official Iris documentation</a>.</p> webdev go tutorial softwaredevelopment AccessLog Middleware for Iris Gerasimos (Makis) Maropoulos Wed, 30 Oct 2024 18:30:20 +0000 https://dev.to/kataras/accesslog-middleware-for-iris-4lhm https://dev.to/kataras/accesslog-middleware-for-iris-4lhm <p>The <code>accesslog</code> middleware for the Iris web framework provides detailed logging for incoming HTTP requests. This middleware is highly configurable and can log various aspects of the request and response, including custom fields.</p> <h2> Features </h2> <ul> <li>Logs request and response details.</li> <li>Supports multiple output formats (JSON, CSV, custom templates).</li> <li>Can log to multiple destinations (files, stdout, etc.).</li> <li>Asynchronous logging support.</li> <li>Customizable log fields.</li> <li>Middleware can be conditionally applied.</li> </ul> <h2> Installation </h2> <p>To use the <code>accesslog</code> middleware, you need to import it in your Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/accesslog"</span> <span class="p">)</span> </code></pre> </div> <h2> Basic Usage </h2> <p>Here is a basic example of how to use the <code>accesslog</code> middleware in an Iris application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/accesslog"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">makeAccessLog</span><span class="p">()</span> <span class="o">*</span><span class="n">accesslog</span><span class="o">.</span><span class="n">AccessLog</span> <span class="p">{</span> <span class="n">ac</span> <span class="o">:=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">File</span><span class="p">(</span><span class="s">"./access.log"</span><span class="p">)</span> <span class="n">ac</span><span class="o">.</span><span class="n">Delim</span> <span class="o">=</span> <span class="sc">'|'</span> <span class="n">ac</span><span class="o">.</span><span class="n">TimeFormat</span> <span class="o">=</span> <span class="s">"2006-01-02 15:04:05"</span> <span class="n">ac</span><span class="o">.</span><span class="n">Async</span> <span class="o">=</span> <span class="no">false</span> <span class="n">ac</span><span class="o">.</span><span class="n">IP</span> <span class="o">=</span> <span class="no">true</span> <span class="n">ac</span><span class="o">.</span><span class="n">BytesReceivedBody</span> <span class="o">=</span> <span class="no">true</span> <span class="n">ac</span><span class="o">.</span><span class="n">BytesSentBody</span> <span class="o">=</span> <span class="no">true</span> <span class="n">ac</span><span class="o">.</span><span class="n">BytesReceived</span> <span class="o">=</span> <span class="no">false</span> <span class="n">ac</span><span class="o">.</span><span class="n">BytesSent</span> <span class="o">=</span> <span class="no">false</span> <span class="n">ac</span><span class="o">.</span><span class="n">RequestBody</span> <span class="o">=</span> <span class="no">true</span> <span class="n">ac</span><span class="o">.</span><span class="n">ResponseBody</span> <span class="o">=</span> <span class="no">false</span> <span class="n">ac</span><span class="o">.</span><span class="n">KeepMultiLineError</span> <span class="o">=</span> <span class="no">true</span> <span class="n">ac</span><span class="o">.</span><span class="n">PanicLog</span> <span class="o">=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">LogHandler</span> <span class="n">ac</span><span class="o">.</span><span class="n">SetFormatter</span><span class="p">(</span><span class="o">&amp;</span><span class="n">accesslog</span><span class="o">.</span><span class="n">JSON</span><span class="p">{</span> <span class="n">Indent</span><span class="o">:</span> <span class="s">" "</span><span class="p">,</span> <span class="n">HumanTime</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="p">})</span> <span class="k">return</span> <span class="n">ac</span> <span class="p">}</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">ac</span> <span class="o">:=</span> <span class="n">makeAccessLog</span><span class="p">()</span> <span class="k">defer</span> <span class="n">ac</span><span class="o">.</span><span class="n">Close</span><span class="p">()</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">ac</span><span class="o">.</span><span class="n">Handler</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"OK"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Configuration Options </h2> <h3> Output Destination </h3> <p>You can set the output destination for the logs using the <code>File</code> or <code>New</code> functions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span> <span class="o">:=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">File</span><span class="p">(</span><span class="s">"./access.log"</span><span class="p">)</span> <span class="c">// or</span> <span class="n">ac</span> <span class="o">:=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">Stdout</span><span class="p">)</span> </code></pre> </div> <h3> Log Format </h3> <p>The default log format is:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Time|Latency|Code|Method|Path|IP|Path Params Query Fields|Bytes Received|Bytes Sent|Request|Response| </code></pre> </div> <p>You can customize the log format using different formatters:</p> <h4> JSON Formatter </h4> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">SetFormatter</span><span class="p">(</span><span class="o">&amp;</span><span class="n">accesslog</span><span class="o">.</span><span class="n">JSON</span><span class="p">{</span> <span class="n">Indent</span><span class="o">:</span> <span class="s">" "</span><span class="p">,</span> <span class="n">HumanTime</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <h4> CSV Formatter </h4> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">SetFormatter</span><span class="p">(</span><span class="o">&amp;</span><span class="n">accesslog</span><span class="o">.</span><span class="n">CSV</span><span class="p">{})</span> </code></pre> </div> <h4> Custom Template Formatter </h4> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">SetFormatter</span><span class="p">(</span><span class="o">&amp;</span><span class="n">accesslog</span><span class="o">.</span><span class="n">Template</span><span class="p">{</span><span class="n">Text</span><span class="o">:</span> <span class="s">"{{.Code}}"</span><span class="p">})</span> </code></pre> </div> <h3> Custom Fields </h3> <p>You can add custom fields to the log entries:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">AddFields</span><span class="p">(</span><span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">f</span> <span class="o">*</span><span class="n">accesslog</span><span class="o">.</span><span class="n">Fields</span><span class="p">)</span> <span class="p">{</span> <span class="k">for</span> <span class="n">k</span><span class="p">,</span> <span class="n">v</span> <span class="o">:=</span> <span class="k">range</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Request</span><span class="p">()</span><span class="o">.</span><span class="n">Header</span> <span class="p">{</span> <span class="n">value</span> <span class="o">:=</span> <span class="n">strings</span><span class="o">.</span><span class="n">Join</span><span class="p">(</span><span class="n">v</span><span class="p">,</span> <span class="s">", "</span><span class="p">)</span> <span class="n">f</span><span class="o">.</span><span class="n">Set</span><span class="p">(</span><span class="s">"request.header."</span><span class="o">+</span><span class="n">k</span><span class="p">,</span> <span class="n">value</span><span class="p">)</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <h3> Asynchronous Logging </h3> <p>Enable asynchronous logging to improve performance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">Async</span> <span class="o">=</span> <span class="no">true</span> </code></pre> </div> <h3> Conditional Logging </h3> <p>You can skip logging for specific routes or conditions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">accesslog</span><span class="o">.</span><span class="n">SkipHandler</span><span class="p">)</span> </code></pre> </div> <h2> Advanced Usage </h2> <h3> Logging to Multiple Destinations </h3> <p>You can log to multiple destinations using <code>io.MultiWriter</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">SetOutput</span><span class="p">(</span><span class="n">io</span><span class="o">.</span><span class="n">MultiWriter</span><span class="p">(</span><span class="n">os</span><span class="o">.</span><span class="n">Stdout</span><span class="p">,</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">File</span><span class="p">(</span><span class="s">"./access.log"</span><span class="p">)))</span> </code></pre> </div> <h3> Custom Clock </h3> <p>You can set a custom clock for the log timestamps, useful for testing:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span><span class="o">.</span><span class="n">Clock</span> <span class="o">=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">TClock</span><span class="p">(</span><span class="n">time</span><span class="o">.</span><span class="n">Now</span><span class="p">())</span> </code></pre> </div> <h3> Middleware Integration </h3> <p>Integrate the <code>accesslog</code> middleware with other middlewares:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">ac</span><span class="o">.</span><span class="n">Handler</span><span class="p">)</span> <span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">otherMiddleware</span><span class="p">)</span> </code></pre> </div> <h2> Examples </h2> <h3> Log Requests to a JSON File </h3> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">ac</span> <span class="o">:=</span> <span class="n">accesslog</span><span class="o">.</span><span class="n">File</span><span class="p">(</span><span class="s">"access_log.json"</span><span class="p">)</span> <span class="n">ac</span><span class="o">.</span><span class="n">SetFormatter</span><span class="p">(</span><span class="o">&amp;</span><span class="n">accesslog</span><span class="o">.</span><span class="n">JSON</span><span class="p">{</span> <span class="n">Indent</span><span class="o">:</span> <span class="s">" "</span><span class="p">,</span> <span class="n">HumanTime</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">UseRouter</span><span class="p">(</span><span class="n">ac</span><span class="o">.</span><span class="n">Handler</span><span class="p">)</span> </code></pre> </div> <h3> Using Log Rotation </h3> <p>Refer to the <a href="https://github.com/kataras/iris/tree/main/_examples/logging/request-logger/accesslog" rel="noopener noreferrer">log rotation example</a> for more details.</p> <h3> Custom Fields and Template </h3> <p>Refer to the <a href="https://github.com/kataras/iris/tree/main/_examples/logging/request-logger/accesslog-template" rel="noopener noreferrer">custom fields and template example</a> for more details.</p> <h3> Listen and Render Logs to a Client </h3> <p>Refer to the <a href="https://github.com/kataras/iris/tree/main/_examples/logging/request-logger/accesslog-broker" rel="noopener noreferrer">log broker example</a> for more details.</p> <h2> Conclusion </h2> <p>The <code>accesslog</code> middleware for Iris is a powerful tool for logging HTTP requests and responses. With its flexible configuration options and support for custom fields and formats, it can be tailored to meet the needs of any application.</p> <p>For more examples and detailed usage, refer to the <a href="https://github.com/kataras/iris/tree/main/_examples/logging/request-logger" rel="noopener noreferrer">official Iris documentation</a>.</p> webdev programming tutorial go How to use hCAPTCHA with Iris Gerasimos (Makis) Maropoulos Fri, 14 Jul 2023 03:58:12 +0000 https://dev.to/kataras/how-to-use-hcaptcha-with-iris-54nl https://dev.to/kataras/how-to-use-hcaptcha-with-iris-54nl <p>In this article, we will learn how to use hCAPTCHA with Iris, a web framework for Go that provides fast and easy development of web applications. hCAPTCHA is a service that protects websites from bots and spam by presenting challenges to human visitors. By using hCAPTCHA, we can ensure that only real users can access our website and prevent automated attacks.</p> <h2> What is hCAPTCHA? </h2> <p>hCAPTCHA is a service that provides a widget that can be embedded in any web page. The widget displays a challenge that requires human intelligence to solve, such as identifying objects in images or typing words. The widget communicates with the hCAPTCHA server and verifies if the user has passed the challenge or not. If the user passes the challenge, the widget generates a token that can be used to validate the user's request on the server side.</p> <p>hCAPTCHA is similar to reCAPTCHA, another popular service that offers similar functionality. However, hCAPTCHA claims to have some advantages over reCAPTCHA, such as:</p> <ul> <li>Better privacy: hCAPTCHA does not track users across websites or collect personal data.</li> <li>Better performance: hCAPTCHA uses less resources and loads faster than reCAPTCHA.</li> <li>Better rewards: hCAPTCHA pays website owners for using their service and supports various causes and charities.</li> </ul> <h2> How to use hCAPTCHA with Iris? </h2> <p>To use hCAPTCHA with Iris, we need to do two things:</p> <ul> <li>Import the <code>github.com/kataras/iris/v12/middleware/hcaptcha</code> package, which provides an Iris middleware for hCAPTCHA.</li> <li>Use the <code>hcaptcha.New</code> function to create an <code>iris.Handler</code> and register it in our Iris app.</li> </ul> <p>First, we need to install the Iris Web Framework, which contains the middleware too:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>go get github.com/kataras/iris/v12@latest </code></pre> </div> <p>Then, we need to import it in our main.go file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/hcaptcha"</span> <span class="p">)</span> </code></pre> </div> <p>Next, we need to use the <code>hcaptcha.New</code> function to create an <code>iris.Handler</code>. The function takes two arguments: a secret key and, optionally, one or more functions to configure the hCAPTCHA Client instance. The secret key is a string that we can obtain from the hCAPTCHA website after creating an account and registering our website. We'll register an error handler through the second article. The error handler (<code>FailureHandler</code>) is a function that handles any errors that may occur during the validation process.</p> <p>We can use the following code to create the handler:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// Replace with your own secret key.</span> <span class="n">secret</span> <span class="o">:=</span> <span class="s">"0x123456789abcdef"</span> <span class="c">// Create a hcaptcha middleware with the secret key and a custom error handler.</span> <span class="n">hcaptchaMiddleware</span> <span class="o">:=</span> <span class="n">hcaptcha</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">secret</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">c</span> <span class="o">*</span><span class="n">hcaptcha</span><span class="o">.</span><span class="n">Client</span><span class="p">)</span> <span class="p">{</span> <span class="n">c</span><span class="o">.</span><span class="n">FailureHandler</span> <span class="o">=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Handle the error as you wish, for example:</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithText</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusBadRequest</span><span class="p">,</span> <span class="s">"hcaptcha verification failed: %v"</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>The secret key can be found through: <a href="https://dashboard.hcaptcha.com" rel="noopener noreferrer">https://dashboard.hcaptcha.com</a>. Please store it on a secure and private place. To test hCAPTCHA on a local environment please read the following instructions at: <a href="https://docs.hcaptcha.com/#localdev" rel="noopener noreferrer">https://docs.hcaptcha.com/#localdev</a>.</p> <p>Finally, we need to register the hcaptcha middleware in our Iris app. We can use the <code>app.UseRouter</code> method to apply the middleware to all routes, or the <code>app.Use/UseGlobal</code> method to apply it to all non-error routes. For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// Create an Iris app instance.</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Apply the hcaptcha middleware to all non-error routes.</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">hcaptchaMiddleware</span><span class="p">)</span> <span class="c">// Or apply the hcaptcha middleware to specific routes.</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/protected"</span><span class="p">,</span> <span class="n">hcaptchaMiddleware</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// This route is protected by hcaptcha.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"Hello, human!"</span><span class="p">)</span> <span class="p">})</span> </code></pre> </div> <h2> Conclusion </h2> <p>In this article, we have learned how to use basic hCAPTCHA middleware with Iris. For a more complete example please navigate through: <a href="https://github.com/kataras/iris/tree/master/_examples/auth/hcaptcha" rel="noopener noreferrer">https://github.com/kataras/iris/tree/master/_examples/auth/hcaptcha</a>. By using these kind of features, we can create a more secure, user-friendly, and robust web application.</p> <p>I hope you enjoyed this article and found it useful. If you have any questions or feedback, please feel free to leave a comment below. Thank you for reading! 😊</p> go iris security webdev How to use JWT authentication with Iris Gerasimos (Makis) Maropoulos Sun, 09 Jul 2023 16:55:57 +0000 https://dev.to/kataras/how-to-use-jwt-authentication-with-iris-1l4k https://dev.to/kataras/how-to-use-jwt-authentication-with-iris-1l4k <p>In this tutorial, we will learn how to use JWT (JSON Web Token) authentication with <a href="https://www.iris-go.com/" rel="noopener noreferrer">Iris</a>, a fast and simple web framework for Go. JWT is a standard for securely transmitting information between parties as a JSON object. It can be used to authenticate users and protect API endpoints from unauthorized access.</p> <h2> Prerequisites </h2> <p>To follow this tutorial, you will need:</p> <ul> <li>Go 1.20 or higher installed on your machine</li> <li>A basic understanding of Go and Iris</li> <li>A text editor or IDE of your choice (e.g. <a href="https://code.visualstudio.com/" rel="noopener noreferrer">VS Code</a>)</li> </ul> <h2> Creating a new Iris project </h2> <p>First, we will create a new Iris project using the <code>go mod</code> command. To do that, run the following commands:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span><span class="nb">mkdir </span>iris-jwt <span class="nv">$ </span><span class="nb">cd </span>iris-jwt <span class="nv">$ </span>go mod init iris-jwt <span class="nv">$ </span>go get github.com/kataras/iris/v12@latest </code></pre> </div> <p>This will create a new folder called <code>iris-jwt</code> with the following files:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>iris-jwt ├── go.mod └── go.sum </code></pre> </div> <p>The <code>go.mod</code> file contains the module name and the dependency on Iris. The <code>go.sum</code> file contains the checksums of the dependencies.</p> <p>Next, we will create a file called <code>main.go</code> in the same folder and write some basic code to start an Iris server on port 8080. We will modify this file later to add our JWT logic.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="c">// Create a new Iris application.</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Register a simple GET handler at the root path.</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"Hello, world!"</span><span class="p">)</span> <span class="p">})</span> <span class="c">// Start the server at http://localhost:8080.</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>To run the server, run the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>go run main.go </code></pre> </div> <p>You should see something like this in your terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Now listening on: http://localhost:8080 Application started. Press CTRL+C to shut down. </code></pre> </div> <p>You can also visit <a href="http://localhost:8080" rel="noopener noreferrer">http://localhost:8080</a> in your browser and see the message "Hello, world!".</p> <h2> Defining the user model and the JWT claims </h2> <p>Now, we will define a simple user model and a custom JWT claims struct in our <code>main.go</code> file. The user model will represent the data of our users, such as username and password. The JWT claims struct will contain the information that we want to store in our JWT tokens, such as user ID and expiration time.</p> <p>We will also define some constants for our secret keys and token expiration durations.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// User is a simple user model.</span> <span class="k">type</span> <span class="n">User</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ID</span> <span class="kt">int64</span> <span class="s">`json:"id"`</span> <span class="n">Username</span> <span class="kt">string</span> <span class="s">`json:"username"`</span> <span class="n">Password</span> <span class="kt">string</span> <span class="s">`json:"password"`</span> <span class="p">}</span> <span class="c">// Claims is a custom JWT claims struct.</span> <span class="k">type</span> <span class="n">Claims</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">jwt</span><span class="o">.</span><span class="n">Claims</span> <span class="c">// embeds standard claims iat, exp and sub.</span> <span class="n">UserID</span> <span class="kt">int64</span> <span class="s">`json:"user_id"`</span> <span class="p">}</span> <span class="c">// Define some constants for our secret keys and token expiration durations.</span> <span class="k">const</span> <span class="p">(</span> <span class="n">accessSecret</span> <span class="o">=</span> <span class="s">"my-access-secret"</span> <span class="n">refreshSecret</span> <span class="o">=</span> <span class="s">"my-refresh-secret"</span> <span class="n">accessExpire</span> <span class="o">=</span> <span class="m">15</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Minute</span> <span class="n">refreshExpire</span> <span class="o">=</span> <span class="m">24</span> <span class="o">*</span> <span class="n">time</span><span class="o">.</span><span class="n">Hour</span> <span class="p">)</span> </code></pre> </div> <h2> Creating a signer and a verifier for JWT </h2> <p>Next, we will create a signer and a verifier for JWT using the Iris middleware/jwt package. The signer will be used to generate and sign JWT tokens with our secret keys and claims. The verifier will be used to verify and validate JWT tokens from the client requests.</p> <p>We will create two signers and one verifiers, one pair for the access token and one signer for the refresh token. We will also use encryption for our tokens to add an extra layer of security.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// ...</span> <span class="c">// Create a signer for the access token.</span> <span class="n">accessSigner</span> <span class="o">:=</span> <span class="n">jwt</span><span class="o">.</span><span class="n">NewSigner</span><span class="p">(</span><span class="n">jwt</span><span class="o">.</span><span class="n">HS256</span><span class="p">,</span> <span class="n">accessSecret</span><span class="p">,</span> <span class="n">accessExpire</span><span class="p">)</span><span class="o">.</span> <span class="c">// Use encryption for the access token.</span> <span class="n">WithEncryption</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="s">"my-access-encryption-key"</span><span class="p">),</span> <span class="no">nil</span><span class="p">)</span> <span class="c">// Create a signer for the refresh token.</span> <span class="n">refreshSigner</span> <span class="o">:=</span> <span class="n">jwt</span><span class="o">.</span><span class="n">NewSigner</span><span class="p">(</span><span class="n">jwt</span><span class="o">.</span><span class="n">HS256</span><span class="p">,</span> <span class="n">refreshSecret</span><span class="p">,</span> <span class="n">refreshExpire</span><span class="p">)</span><span class="o">.</span> <span class="c">// Use encryption for the refresh token.</span> <span class="n">WithEncryption</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="s">"my-refresh-encryption-key"</span><span class="p">),</span> <span class="no">nil</span><span class="p">)</span> <span class="c">// Create a verifier for the access token.</span> <span class="n">accessVerifier</span> <span class="o">:=</span> <span class="n">jwt</span><span class="o">.</span><span class="n">NewVerifier</span><span class="p">(</span><span class="n">jwt</span><span class="o">.</span><span class="n">HS256</span><span class="p">,</span> <span class="n">accessSecret</span><span class="p">)</span><span class="o">.</span> <span class="c">// Use decryption for the access token.</span> <span class="n">WithDecryption</span><span class="p">([]</span><span class="kt">byte</span><span class="p">(</span><span class="s">"my-access-encryption-key"</span><span class="p">),</span> <span class="no">nil</span><span class="p">)</span> <span class="c">// Use a blocklist to revoke tokens.</span> <span class="c">// .WithDefaultBlocklist()</span> </code></pre> </div> <h2> Creating some mock users and a login handler </h2> <p>For the sake of simplicity, we will create some mock users in a map and use them to simulate authentication. In a real application, you would use a database or another storage system to store and retrieve your users.</p> <p>We will also create a login handler that will take a username and password from the client request, check if they match with one of our mock users, and if so, generate an access token and a refresh token for that user and send them back to the client.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// ...</span> <span class="c">// Create some mock users in a map.</span> <span class="n">users</span> <span class="o">:=</span> <span class="k">map</span><span class="p">[</span><span class="kt">string</span><span class="p">]</span><span class="n">User</span><span class="p">{</span> <span class="s">"alice"</span><span class="o">:</span> <span class="p">{</span><span class="n">ID</span><span class="o">:</span> <span class="m">1</span><span class="p">,</span> <span class="n">Username</span><span class="o">:</span> <span class="s">"alice"</span><span class="p">,</span> <span class="n">Password</span><span class="o">:</span> <span class="s">"1234"</span><span class="p">},</span> <span class="s">"bob"</span><span class="o">:</span> <span class="p">{</span><span class="n">ID</span><span class="o">:</span> <span class="m">2</span><span class="p">,</span> <span class="n">Username</span><span class="o">:</span> <span class="s">"bob"</span><span class="p">,</span> <span class="n">Password</span><span class="o">:</span> <span class="s">"5678"</span><span class="p">},</span> <span class="p">}</span> <span class="c">// Create a login handler that will generate JWT tokens for authenticated users.</span> <span class="n">loginHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the username and password from the request body.</span> <span class="k">var</span> <span class="n">user</span> <span class="n">User</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">ReadJSON</span><span class="p">(</span><span class="o">&amp;</span><span class="n">user</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusBadRequest</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Check if the username and password match with one of our mock users.</span> <span class="k">if</span> <span class="n">u</span><span class="p">,</span> <span class="n">ok</span> <span class="o">:=</span> <span class="n">users</span><span class="p">[</span><span class="n">user</span><span class="o">.</span><span class="n">Username</span><span class="p">];</span> <span class="o">!</span><span class="n">ok</span> <span class="o">||</span> <span class="n">u</span><span class="o">.</span><span class="n">Password</span> <span class="o">!=</span> <span class="n">user</span><span class="o">.</span><span class="n">Password</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusUnauthorized</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Generate an access token with the user ID as the subject claim.</span> <span class="n">accessClaims</span> <span class="o">:=</span> <span class="n">Claims</span><span class="p">{</span> <span class="n">Claims</span><span class="o">:</span> <span class="n">jwt</span><span class="o">.</span><span class="n">Claims</span><span class="p">{</span><span class="n">Subject</span><span class="o">:</span> <span class="n">u</span><span class="o">.</span><span class="n">Username</span><span class="p">},</span> <span class="n">UserID</span><span class="o">:</span> <span class="n">u</span><span class="o">.</span><span class="n">ID</span><span class="p">,</span> <span class="p">}</span> <span class="n">accessToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">accessSigner</span><span class="o">.</span><span class="n">Sign</span><span class="p">(</span><span class="n">accessClaims</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Generate a refresh token with the user ID as the subject claim.</span> <span class="n">refreshClaims</span> <span class="o">:=</span> <span class="n">Claims</span><span class="p">{</span> <span class="n">Claims</span><span class="o">:</span> <span class="n">jwt</span><span class="o">.</span><span class="n">Claims</span><span class="p">{</span><span class="n">Subject</span><span class="o">:</span> <span class="n">u</span><span class="o">.</span><span class="n">Username</span><span class="p">},</span> <span class="n">UserID</span><span class="o">:</span> <span class="n">u</span><span class="o">.</span><span class="n">ID</span><span class="p">,</span> <span class="p">}</span> <span class="n">refreshToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">refreshSigner</span><span class="o">.</span><span class="n">Sign</span><span class="p">(</span><span class="n">refreshClaims</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">/* OR tokenPair, err := refreshSigner.NewTokenPair(accessClaims, refreshClaims, refreshExpire) // [handle err...] ctx.JSON(tokenPair) */</span> <span class="c">// Send the tokens to the client as JSON.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span> <span class="s">"access_token"</span><span class="o">:</span> <span class="kt">string</span><span class="p">(</span><span class="n">accessToken</span><span class="p">),</span> <span class="s">"refresh_token"</span><span class="o">:</span> <span class="kt">string</span><span class="p">(</span><span class="n">refreshToken</span><span class="p">),</span> <span class="s">"expires_in"</span><span class="o">:</span> <span class="kt">int64</span><span class="p">(</span><span class="n">accessExpire</span><span class="o">.</span><span class="n">Seconds</span><span class="p">()),</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h2> Creating a protected API handler </h2> <p>Next, we will create a protected API handler that will only allow authorized users to access it. We will use the access verifier as a middleware to verify and validate the access token from the client request. If the token is valid, we will extract the user ID from it and send it back to the client as JSON.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// ...</span> <span class="c">// Create a protected API handler that will only allow authorized users to access it.</span> <span class="n">protectedHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the verified token from the context.</span> <span class="n">token</span> <span class="o">:=</span> <span class="n">jwt</span><span class="o">.</span><span class="n">GetVerifiedToken</span><span class="p">(</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// important step.</span> <span class="c">// Get the custom claims from the token.</span> <span class="k">var</span> <span class="n">claims</span> <span class="n">Claims</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">token</span><span class="o">.</span><span class="n">Claims</span><span class="p">(</span><span class="o">&amp;</span><span class="n">claims</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="c">// important step.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Get the user ID from the claims.</span> <span class="n">userID</span> <span class="o">:=</span> <span class="n">claims</span><span class="o">.</span><span class="n">UserID</span> <span class="c">// Send the user ID to the client as JSON.</span> <span class="c">// This is just an example, you can do whatever you want here.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span> <span class="s">"user_id"</span><span class="o">:</span> <span class="n">userID</span><span class="p">,</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h2> Creating a refresh handler </h2> <p>Finally, we will create a refresh handler that will allow users to refresh their access tokens using their refresh tokens. We will use the refresh verifier as a middleware to verify and validate the refresh token from the client request. If the token is valid, we will generate a new access token and a new refresh token for the same user and send them back to the client.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// ...</span> <span class="c">// Create a refresh handler that will allow users to refresh their access tokens using their refresh tokens.</span> <span class="n">refreshHandler</span> <span class="o">:=</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the verified token from the context.</span> <span class="n">token</span> <span class="o">:=</span> <span class="n">jwt</span><span class="o">.</span><span class="n">GetVerifiedToken</span><span class="p">(</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// Get the custom claims from the token.</span> <span class="k">var</span> <span class="n">claims</span> <span class="n">Claims</span> <span class="k">if</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">token</span><span class="o">.</span><span class="n">Claims</span><span class="p">(</span><span class="o">&amp;</span><span class="n">claims</span><span class="p">);</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Get the user ID and username from the claims.</span> <span class="n">userID</span> <span class="o">:=</span> <span class="n">claims</span><span class="o">.</span><span class="n">UserID</span> <span class="n">username</span> <span class="o">:=</span> <span class="n">claims</span><span class="o">.</span><span class="n">Subject</span> <span class="c">// Generate a new access token with the same user ID and username as the subject claim.</span> <span class="n">accessClaims</span> <span class="o">:=</span> <span class="n">Claims</span><span class="p">{</span> <span class="n">Claims</span><span class="o">:</span> <span class="n">jwt</span><span class="o">.</span><span class="n">Claims</span><span class="p">{</span><span class="n">Subject</span><span class="o">:</span> <span class="n">username</span><span class="p">},</span> <span class="n">UserID</span><span class="o">:</span> <span class="n">userID</span><span class="p">,</span> <span class="p">}</span> <span class="n">accessToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">accessSigner</span><span class="o">.</span><span class="n">Sign</span><span class="p">(</span><span class="n">accessClaims</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Generate a new refresh token with the same user ID and username as the subject claim.</span> <span class="n">refreshClaims</span> <span class="o">:=</span> <span class="n">Claims</span><span class="p">{</span> <span class="n">Claims</span><span class="o">:</span> <span class="n">jwt</span><span class="o">.</span><span class="n">Claims</span><span class="p">{</span><span class="n">Subject</span><span class="o">:</span> <span class="n">username</span><span class="p">},</span> <span class="n">UserID</span><span class="o">:</span> <span class="n">userID</span><span class="p">,</span> <span class="p">}</span> <span class="n">refreshToken</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">refreshSigner</span><span class="o">.</span><span class="n">Sign</span><span class="p">(</span><span class="n">refreshClaims</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Send the new tokens to the client as JSON.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span> <span class="s">"access_token"</span><span class="o">:</span> <span class="kt">string</span><span class="p">(</span><span class="n">accessToken</span><span class="p">),</span> <span class="s">"refresh_token"</span><span class="o">:</span> <span class="kt">string</span><span class="p">(</span><span class="n">refreshToken</span><span class="p">),</span> <span class="s">"expires_in"</span><span class="o">:</span> <span class="kt">int64</span><span class="p">(</span><span class="n">accessExpire</span><span class="o">.</span><span class="n">Seconds</span><span class="p">()),</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <h2> Registering the handlers and testing the application </h2> <p>Now that we have created all our handlers, we can register them with our Iris application and test our application. We will use the <code>app.Post</code> method to register our login, protected, and refresh handlers with different paths. We will also use the <code>accessVerifier.Verify</code> method to register our verifiers as middlewares for the rest of the protected handlers.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"time"</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/jwt"</span> <span class="p">)</span> <span class="c">// ...</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="c">// Create a new Iris application.</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Register our login handler at /login path.</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/login"</span><span class="p">,</span> <span class="n">loginHandler</span><span class="p">)</span> <span class="c">// Register a single protected handler at /protected path.</span> <span class="c">// This handler verifies the request manually as we've seen above.</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/protected"</span><span class="p">,</span> <span class="n">protectedHandler</span><span class="p">)</span> <span class="c">// Register our refresh handler at /refresh path with refresh signer.</span> <span class="n">app</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/refresh"</span><span class="p">,</span> <span class="n">refreshHandler</span><span class="p">)</span> <span class="c">// You can also register the pre-defined jwt middleware for all protected routes</span> <span class="c">// which performs verification automatically and set the custom Claims to the Context</span> <span class="c">// for next handlers to use through: claims := jwt.Get(ctx).(*Claims).</span> <span class="n">app</span><span class="o">.</span><span class="n">Use</span><span class="p">(</span><span class="n">accessVerifier</span><span class="o">.</span><span class="n">Verify</span><span class="p">(</span><span class="k">func</span><span class="p">()</span> <span class="k">interface</span><span class="p">{}</span> <span class="p">{</span> <span class="k">return</span> <span class="nb">new</span><span class="p">(</span><span class="n">Claims</span><span class="p">)</span> <span class="p">}))</span> <span class="c">// [more routes...]</span> <span class="c">// Start the server at http://localhost:8080.</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>To test our application, we can use a tool like curl or Postman to send HTTP requests to our server. Here are some examples of how to do that:</p> <ul> <li>To login as Alice and get the access token and the refresh token, we can send a POST request to <a href="http://localhost:8080/login" rel="noopener noreferrer">http://localhost:8080/login</a> with the following JSON body: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"username"</span><span class="p">:</span><span class="w"> </span><span class="s2">"alice"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1234"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>We should get a response like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"access_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzYwNjQ3MzEsImlhdCI6MTYzNjA2MzIzMSwic3ViIjoiYWxpY2UiLCJ1c2VySWQiOjF9.8f7a7b8f7a7b8f7a7b8f7a7b8f7a7b8f7a7b8f7a7b8f7a7b8f7a7b8f"</span><span class="p">,</span><span class="w"> </span><span class="nl">"refresh_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzYxNTAzMzEsImlhdCI6MTYzNjA2MzIzMSwic3ViIjoiYWxpY2UiLCJ1c2VySWQiOjF9.9f8a8b9f8a8b9f8a8b9f8a8b9f8a8b9f8a8b9f8a8b9f8a8b9f8a8b9f"</span><span class="p">,</span><span class="w"> </span><span class="nl">"expires_in"</span><span class="p">:</span><span class="w"> </span><span class="mi">900</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>To access the protected API endpoint with the access token, we can send a POST request to <a href="http://localhost:8080/protected" rel="noopener noreferrer">http://localhost:8080/protected</a> with the following header: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Authorization: Bearer &lt;access-token&gt; </code></pre> </div> <p>We should get a response like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"user_id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>To refresh the access token with the refresh token, we can send a POST request to <a href="http://localhost:8080/refresh" rel="noopener noreferrer">http://localhost:8080/refresh</a> with the following header: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>Authorization: Bearer &lt;refresh-token&gt; </code></pre> </div> <p>We should get a response like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"access_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzYwNjQ4NTMsImlhdCI6MTYzNjA2MzM1Mywic3ViIjoiYWxpY2UiLCJ1c2VySWQiOjF9.9g7a7c9g7a7c9g7a7c9g7a7c9g7a7c9g7a7c9g7a7c9g7a7c9g7a7c9g"</span><span class="p">,</span><span class="w"> </span><span class="nl">"refresh_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzYxNTA0NTMsImlhdCI6MTYzNjA2MzM1Mywic3ViIjoiYWxpY2UiLCJ1c2VySWQiOjF9.aG8aBbaG8aBbaG8aBbaG8aBbaG8aBbaG8aBbaG8aBbaG8aBbaG8aBbaG"</span><span class="p">,</span><span class="w"> </span><span class="nl">"expires_in"</span><span class="p">:</span><span class="w"> </span><span class="mi">900</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Conclusion </h2> <p>In this tutorial, we learned how to use JWT authentication with Iris, a fast and simple web framework for Go. We learned how to create a signer and a verifier for JWT, how to generate and validate JWT tokens, how to protect an API endpoint with JWT, and how to refresh JWT tokens. We also learned how to use the Iris middleware/jwt package, which provides a common Iris handler for JWT authentication.</p> <p>You can find the complete code for this tutorial on GitHub: <a href="https://github.com/kataras/iris/tree/master/_examples/auth/jwt/tutorial" rel="noopener noreferrer">https://github.com/kataras/iris/tree/master/_examples/auth/jwt/tutorial</a> and <a href="https://github.com/kataras/jwt" rel="noopener noreferrer">https://github.com/kataras/jwt</a>.</p> <p>If you want to learn more about Iris, you can visit its official website: <a href="https://www.iris-go.com/" rel="noopener noreferrer">https://www.iris-go.com/</a></p> <p>If you want to learn more about JWT, you can visit its official website: <a href="https://jwt.io/" rel="noopener noreferrer">https://jwt.io/</a></p> <p>I hope you enjoyed this tutorial and found it useful. Thank you for reading.😊</p> go webdev iris security Rewrite: A Simple and Powerful URL Rewriter for Go Gerasimos (Makis) Maropoulos Sun, 09 Jul 2023 13:56:09 +0000 https://dev.to/kataras/rewrite-a-simple-and-powerful-url-rewriter-for-go-224h https://dev.to/kataras/rewrite-a-simple-and-powerful-url-rewriter-for-go-224h <p>Rewrite is a Go package that lets you rewrite URL paths, subdomains or hosts based on regular expressions. It is inspired by Apache's mod_rewrite module and can be used as a middleware for <a href="https://pkg.go.dev/net/http" rel="noopener noreferrer">net/http</a>.</p> <p>Rewrite can help you achieve better SEO results by redirecting old or unwanted URLs to new ones, enforcing a primary subdomain, or simplifying complex URL structures.</p> <h2> How to Install Rewrite </h2> <p>To install Rewrite, you need to have Go installed on your system. Then, you can use the go get command to download and install the package:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">$ </span>go get github.com/kataras/rewrite </code></pre> </div> <h2> How to Use Rewrite </h2> <p>You can load rewrite options in two ways:</p> <ol> <li>Through code using the <code>New</code> function and <code>Handler</code> method. This way, you can handle parse errors and create rules programmatically.</li> <li>Or through a YAML file using the <code>Load</code> function which returns a <code>func(http.Handler) http.Handler</code>. This is the most common and simplest way. It panics on parse errors.</li> </ol> <p>The syntax of the rewrite rules is:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>REDIRECT_CODE_DIGITS PATTERN_REGEX TARGET_REPL </code></pre> </div> <p>Where:</p> <ul> <li> <code>REDIRECT_CODE_DIGITS</code> is the HTTP status code to use for the redirection, such as 301 (Moved Permanently) or 302 (Found).</li> <li> <code>PATTERN_REGEX</code> is the regular expression that matches the request URL path, subdomain or host.</li> <li> <code>TARGET_REPL</code> is the replacement string that contains the new URL path, subdomain or host.</li> </ul> <p>For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>301 /seo/(.*) /$1 </code></pre> </div> <p>This rule redirects all requests from relative path <code>/seo/*</code> to <code>/*</code> using the 301 HTTP status code.</p> <p>You can also use a special option called <code>PrimarySubdomain</code> to redirect all requests from the root domain to a specific subdomain, such as <code>www</code>.</p> <p>For example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>PrimarySubdomain: www </code></pre> </div> <p>This option redirects all requests from <code>example.com</code> to <code>www.example.com</code>.</p> <h2> Examples </h2> <p>Let's write a simple application that follows these redirect rules:</p> <ul> <li>Redirects <code>/seo/*</code> to <code>/*</code> </li> <li>Redirects <code>/docs/v12*</code> to <code>/docs</code> </li> <li>Redirects <code>/old (.*)</code> to <code>/</code> </li> <li>Redirects root domain requests to <code>www.</code> </li> </ul> <p>The code would look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"net/http"</span> <span class="s">"github.com/kataras/rewrite"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">mux</span> <span class="o">:=</span> <span class="n">http</span><span class="o">.</span><span class="n">NewServeMux</span><span class="p">()</span> <span class="c">// [...routes]</span> <span class="c">// Load the redirect rules from a YAML file.</span> <span class="n">redirects</span> <span class="o">:=</span> <span class="n">rewrite</span><span class="o">.</span><span class="n">Load</span><span class="p">(</span><span class="s">"redirects.yml"</span><span class="p">)</span> <span class="c">// Wrap the router with the rewrite middleware.</span> <span class="n">http</span><span class="o">.</span><span class="n">ListenAndServe</span><span class="p">(</span><span class="s">":8080"</span><span class="p">,</span> <span class="n">redirects</span><span class="p">(</span><span class="n">mux</span><span class="p">))</span> <span class="p">}</span> </code></pre> </div> <p>The YAML file would look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">RedirectMatch</span><span class="pi">:</span> <span class="c1"># Redirects /seo/* to /*</span> <span class="pi">-</span> <span class="s">301 /seo/(.*) /$1</span> <span class="c1"># Redirects /docs/v12* to /docs</span> <span class="pi">-</span> <span class="s">301 /docs/v12(.*) /docs</span> <span class="c1"># Redirects /old (.*) to /</span> <span class="pi">-</span> <span class="s">301 /old(.*) /</span> <span class="c1"># Redirects root domain requests to www.</span> <span class="na">PrimarySubdomain</span><span class="pi">:</span> <span class="s">www</span> </code></pre> </div> <p>That's it! Now you can test your application and see how it redirects the requests according to your rules.</p> <p>You can find more examples in the <code>_examples</code> folder of the GitHub repository: <a href="https://github.com/kataras/rewrite/tree/main/_examples" rel="noopener noreferrer">https://github.com/kataras/rewrite/tree/main/_examples</a></p> <h2> Conclusion </h2> <p>Rewrite is a handy package that lets you rewrite URLs in Go with ease. It is compatible with any net/http router or framework and supports regular expressions for flexible matching and replacing. It can help you improve your SEO performance by redirecting old or unwanted URLs to new ones, enforcing a primary subdomain, or simplifying complex URL structures.</p> <p>If you want to learn more about Rewrite, you can check out its GitHub repository: <a href="https://github.com/kataras/rewrite" rel="noopener noreferrer">https://github.com/kataras/rewrite</a></p> <p>I hope you enjoyed this article and found it useful. If you have any feedback or questions, feel free to leave a comment below. Thank you for reading! 😊</p> webdev go networking tutorial How to use Iris and Basic authentication Gerasimos (Makis) Maropoulos Sat, 08 Jul 2023 12:15:21 +0000 https://dev.to/kataras/how-to-use-iris-and-basic-authentication-5hjm https://dev.to/kataras/how-to-use-iris-and-basic-authentication-5hjm <p>Iris is a fast, simple yet fully featured and very efficient web framework for Go. It provides a beautifully expressive and easy to use foundation for your next website or API. One of the features that Iris offers the middleware/basicauth sub-package, which allows you to implement basic authentication for your web applications.</p> <p>Basic authentication is a simple and widely used scheme that requires the client to provide a username and password to access a protected resource. The credentials are encoded with Base64 and sent in the HTTP header. However, they are not encrypted or hashed, so basic authentication should be used in conjunction with HTTPS to provide confidentiality.</p> <p>In this article, we will show you how to use the basicauth middleware to add basic authentication to your Iris handlers.</p> <h2> Installing Iris and BasicAuth Middleware </h2> <p>To use the BasicAuth middleware, you need to install Iris first. You can do that by running the following command in your terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">go</span> <span class="n">get</span> <span class="n">github</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">kataras</span><span class="o">/</span><span class="n">iris</span><span class="o">/</span><span class="n">v12</span><span class="err">@</span><span class="n">latest</span> </code></pre> </div> <p>This will download and install the latest version of Iris and its dependencies. You can also specify a specific version if you want.</p> <p>Next, you need to import the middleware/basicauth sub-package in your Go code. You can do that by adding the following line at the top of your file:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> </code></pre> </div> <p>This will make the basicauth package available for your use.</p> <h2> Creating a basic authentication middleware </h2> <p>To create a basic authentication middleware, you need to use the <code>basicauth.New</code> function from the basicauth package. This function accepts a <code>basicauth.Options</code> struct that contains various options for configuring the middleware. The most important option is the <code>Allow</code> field, which is a function that takes a username and password as arguments and returns true if they are valid or false otherwise. You can use one of the helper methods from the basicauth package to create this function from different sources of valid credentials. They are:</p> <ul> <li> <code>basicauth.AllowUsers</code>: This method takes a map of usernames and passwords and returns an Allow function that uses the given map as the source of valid credentials. This is useful if you want to create the Allow function from a predefined map of users.</li> <li> <code>basicauth.AllowUsersFile</code>: This method takes a JSON or YAML filename and returns an Allow function that uses the file as the source of valid credentials. The file should contain an array of objects with username and password fields. This is useful if you want to store your users in an external file instead of in your code.</li> <li> <code>basicauth.BCRYPT</code>: This method takes a UserAuthOptions struct and modifies it to use bcrypt hashing for comparing passwords. This is useful if you want to store hashed passwords instead of plain ones in your users map or file. You can pass this method as an argument to the basicauth.AllowUsers or basicauth.AllowUsersFile helper methods to create an Allow function that uses bcrypt hashing.</li> </ul> <p>You can also set other options such as <code>Realm</code>, <code>Expires</code>, <code>ErrorHandler</code> and more.</p> <p>The <code>basicauth.New</code> function returns an <code>iris.Handler</code>, which is a function that takes an <code>iris.Context</code> as an argument and performs some actions on it. You can register this handler as a middleware for your routes or parties using methods such as <code>Use</code>, <code>UseGlobal</code>, or <code>UseRouter</code>.</p> <p>Here is an example of how to create and use a basic authentication middleware using a map of users:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">package</span> <span class="n">main</span> <span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/kataras/iris/v12/middleware/basicauth"</span> <span class="p">)</span> <span class="k">func</span> <span class="n">main</span><span class="p">()</span> <span class="p">{</span> <span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="c">// Create a map of usernames and passwords.</span> <span class="n">users</span> <span class="o">:=</span> <span class="k">map</span><span class="p">[</span><span class="kt">string</span><span class="p">]</span><span class="kt">string</span><span class="p">{</span> <span class="s">"myusername"</span><span class="o">:</span> <span class="s">"mypassword"</span><span class="p">,</span> <span class="s">"admin"</span><span class="o">:</span> <span class="s">"admin"</span><span class="p">,</span> <span class="p">}</span> <span class="c">// Create an Allow function using basicauth.AllowUsers helper method.</span> <span class="n">allow</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">AllowUsers</span><span class="p">(</span><span class="n">users</span><span class="p">)</span> <span class="c">// Create a basic authentication middleware using basicauth.New.</span> <span class="n">auth</span> <span class="o">:=</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">basicauth</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Realm</span><span class="o">:</span> <span class="n">basicauth</span><span class="o">.</span><span class="n">DefaultRealm</span><span class="p">,</span> <span class="n">Allow</span><span class="o">:</span> <span class="n">allow</span><span class="p">,</span> <span class="p">})</span> <span class="c">// Register the auth handler as a global middleware using UseGlobal.</span> <span class="n">app</span><span class="o">.</span><span class="n">UseGlobal</span><span class="p">(</span><span class="n">auth</span><span class="p">)</span> <span class="c">// Register some routes that require basic authentication.</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">User</span><span class="p">()</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Writef</span><span class="p">(</span><span class="s">"%s %s: You are authenticated"</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/admin"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">username</span><span class="p">,</span> <span class="n">_</span><span class="p">,</span> <span class="n">_</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">User</span><span class="p">()</span> <span class="k">if</span> <span class="n">username</span> <span class="o">==</span> <span class="s">"admin"</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">WriteString</span><span class="p">(</span><span class="s">"Hello admin"</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithText</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusForbidden</span><span class="p">,</span> <span class="s">"Only admin can access this page"</span><span class="p">)</span> <span class="p">}</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/logout"</span><span class="p">,</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Logout</span><span class="p">()</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Redirect</span><span class="p">(</span><span class="s">"/"</span><span class="p">)</span> <span class="p">})</span> <span class="n">app</span><span class="o">.</span><span class="n">Listen</span><span class="p">(</span><span class="s">":8080"</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> Testing the basic authentication middleware </h2> <p>To test the basic authentication middleware, you can run the above code and visit <a href="http://localhost:8080" rel="noopener noreferrer">http://localhost:8080</a> in your browser. You should see a prompt asking you for your username and password. If you enter one of the valid credentials from the users map, you should see a message saying that you are authenticated. If you enter an invalid credential, you should see an error message saying that authorization is required.</p> <p>You can also visit <a href="http://localhost:8080/admin" rel="noopener noreferrer">http://localhost:8080/admin</a> to see a page that is only accessible by the admin user. If you enter the admin credential, you should see a message saying hello admin. If you enter any other credential, you should see a message saying that only admin can access this page.</p> <p>You can also visit <a href="http://localhost:8080/logout" rel="noopener noreferrer">http://localhost:8080/logout</a> to log out from the basic authentication and clear the cookie. You should be redirected to the home page and see the prompt again if you refresh the page.</p> <h2> Conclusion </h2> <p>In this article, we have learned how to use the middleware/basicauth sub-package to create a basic authentication middleware for your Iris handlers. We have seen how to configure the middleware with various options, how to register it as a global or route-specific middleware, and how to test it in the browser. We have also seen how to use different helper methods to create the Allow function from different sources of valid credentials, and how to use bcrypt hashing to store hashed passwords. We have also seen how to use the Context.User() method to get the username and password of the authenticated user, and how to use the Context.Logout() method to log out from the basic authentication.</p> <p>We hope that this article has helped you understand how to use Iris and basic authentication for your web applications. For more information and examples, you can visit the official documentation of Iris at <a href="https://www.iris-go.com/docs/#/?id=using-basic-authentication" rel="noopener noreferrer">https://www.iris-go.com/docs/#/?id=using-basic-authentication</a> and the GitHub repository of Iris at <a href="https://github.com/kataras/iris/tree/master/_examples/auth/basicauth" rel="noopener noreferrer">https://github.com/kataras/iris/tree/master/_examples/auth/basicauth</a>. Thank you for reading!</p> webdev go iris backend How to Use Iris and PostgreSQL for Web Development Gerasimos (Makis) Maropoulos Sun, 02 Jul 2023 11:59:49 +0000 https://dev.to/kataras/how-to-use-iris-and-postgresql-for-web-development-3kka https://dev.to/kataras/how-to-use-iris-and-postgresql-for-web-development-3kka <p><a href="https://www.iris-go.com/" rel="noopener noreferrer">Iris</a> is a fast and lightweight web framework for Go that offers a rich set of features and a high-performance engine. PostgreSQL is a powerful and reliable relational database system that supports advanced data types and functions. Together, they can form a solid foundation for building modern web applications.</p> <p>But how can you connect Iris and PostgreSQL in a simple and type-safe way? How can you perform common database operations without writing too much boilerplate code? How can you handle transactions, schema creation, query tracing and error handling in a consistent manner?</p> <p>The answer is PG middleware, a package for Iris that provides easy and type-safe access to PostgreSQL database. In this article, we will show you how to use PG middleware to create a simple REST API for managing customers.</p> <h2> What is PG middleware? </h2> <p>PG middleware is a package for Iris web framework that provides easy and type-safe access to PostgreSQL database. It has the following features:</p> <ul> <li>It supports PostgreSQL 9.5 and above.</li> <li>It uses <a href="https://github.com/kataras/pg" rel="noopener noreferrer">pg</a> package and <a href="https://github.com/jackc/pgx" rel="noopener noreferrer">pgx</a> driver under the hood.</li> <li>It supports transactions, schema creation and validation, query tracing and error handling.</li> <li>It allows registering custom types and table models using a schema object.</li> <li>It provides a generic repository interface for common CRUD operations.</li> </ul> <h2> How to install PG middleware? </h2> <p>To install PG middleware, you need to use the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>go get github.com/iris-contrib/middleware/pg@master </code></pre> </div> <h2> How to use PG middleware? </h2> <p>To use PG middleware, you need to follow these steps:</p> <ol> <li>Import the package in your code: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">import</span> <span class="p">(</span> <span class="s">"github.com/kataras/iris/v12"</span> <span class="s">"github.com/iris-contrib/middleware/pg"</span> <span class="p">)</span> </code></pre> </div> <ol> <li>Define your database table models as structs with <code>pg</code> tags: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="c">// The Customer database table model.</span> <span class="k">type</span> <span class="n">Customer</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">ID</span> <span class="kt">string</span> <span class="s">`json:"id" pg:"type=uuid,primary"`</span> <span class="n">Name</span> <span class="kt">string</span> <span class="s">`json:"name" pg:"type=varchar(255)"`</span> <span class="p">}</span> </code></pre> </div> <p>The <code>json</code> tag defines how the struct fields are encoded or decoded as JSON. The <code>pg</code> tag defines how the struct fields are mapped to the database table columns. You can specify the column type, constraints, indexes and other options using the <code>pg</code> tag. Read more at <a href="https://github.com/kataras/pg" rel="noopener noreferrer">pg</a> repository.</p> <ol> <li>Create a schema object and register your models: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">schema</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">NewSchema</span><span class="p">()</span> <span class="n">schema</span><span class="o">.</span><span class="n">MustRegister</span><span class="p">(</span><span class="s">"customers"</span><span class="p">,</span> <span class="n">Customer</span><span class="p">{})</span> </code></pre> </div> <p>The schema object is used to store the metadata of your database tables and models. You need to register your models with the schema object using the <code>MustRegister</code> method. The first argument is the table name, and the second argument is the model type.</p> <ol> <li>Create a PG middleware instance with the schema and database options: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">opts</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">Options</span><span class="p">{</span> <span class="n">Host</span><span class="o">:</span> <span class="s">"localhost"</span><span class="p">,</span> <span class="n">Port</span><span class="o">:</span> <span class="m">5432</span><span class="p">,</span> <span class="n">User</span><span class="o">:</span> <span class="s">"postgres"</span><span class="p">,</span> <span class="n">Password</span><span class="o">:</span> <span class="s">"admin!123"</span><span class="p">,</span> <span class="n">DBName</span><span class="o">:</span> <span class="s">"test_db"</span><span class="p">,</span> <span class="n">Schema</span><span class="o">:</span> <span class="s">"public"</span><span class="p">,</span> <span class="n">SSLMode</span><span class="o">:</span> <span class="s">"disable"</span><span class="p">,</span> <span class="n">Transactional</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">Trace</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">CreateSchema</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">CheckSchema</span><span class="o">:</span> <span class="no">true</span><span class="p">,</span> <span class="n">ErrorHandler</span><span class="o">:</span> <span class="k">func</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">,</span> <span class="n">err</span> <span class="kt">error</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">},</span> <span class="p">}</span> <span class="n">p</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">New</span><span class="p">(</span><span class="n">schema</span><span class="p">,</span> <span class="n">opts</span><span class="p">)</span> </code></pre> </div> <p>The options struct defines the configuration parameters for connecting to the database and using the middleware features. You need to specify the host, port, user, password, dbname, schema and sslmode fields for establishing the connection. You can also enable or disable the transactional feature, which wraps each request handler in a database transaction. You can also enable or disable the trace feature, which logs each query executed by the middleware. You can also enable or disable the createSchema feature, which creates the schema if it doesn't exist in the database. You can also enable or disable the checkSchema feature, which checks the schema for missing tables and columns and reports any discrepancies. You can also provide an errorHandler function, which handles any errors occurred during the middleware execution.</p> <p>The <code>New</code> function creates a new PG middleware instance with the given schema and options.</p> <ol> <li>Attach the middleware handler to your Iris app or routes: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="n">app</span> <span class="o">:=</span> <span class="n">iris</span><span class="o">.</span><span class="n">New</span><span class="p">()</span> <span class="n">postgresMiddleware</span> <span class="o">:=</span> <span class="n">newPostgresMiddleware</span><span class="p">()</span> <span class="p">{</span> <span class="n">customerAPI</span> <span class="o">:=</span> <span class="n">app</span><span class="o">.</span><span class="n">Party</span><span class="p">(</span><span class="s">"/api/customer"</span><span class="p">,</span> <span class="n">postgresMiddleware</span><span class="p">)</span> <span class="n">customerAPI</span><span class="o">.</span><span class="n">Post</span><span class="p">(</span><span class="s">"/"</span><span class="p">,</span> <span class="n">createCustomer</span><span class="p">)</span> <span class="n">customerAPI</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"/{id:uuid}"</span><span class="p">,</span> <span class="n">getCustomer</span><span class="p">)</span> <span class="n">customerAPI</span><span class="o">.</span><span class="n">Put</span><span class="p">(</span><span class="s">"/{id:uuid}"</span><span class="p">,</span> <span class="n">updateCustomer</span><span class="p">)</span> <span class="n">customerAPI</span><span class="o">.</span><span class="n">Delete</span><span class="p">(</span><span class="s">"/{id:uuid}"</span><span class="p">,</span> <span class="n">deleteCustomer</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>The middleware handler is a function that takes an Iris context and calls the next handler in the chain. You can attach the middleware handler to your Iris app or routes using the <code>Use</code> or <code>Party</code> methods. In this example, we create a subrouter for the customer API and apply the middleware handler to it.</p> <ol> <li>Use the <code>pg.DB</code> or <code>pg.Repository</code> package-level functions to access the database instance or the repository interface in your handlers: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight go"><code><span class="k">func</span> <span class="n">createCustomer</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="k">var</span> <span class="n">payload</span> <span class="o">=</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Name</span> <span class="kt">string</span> <span class="s">`json:"name"`</span> <span class="p">}{}</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">ReadJSON</span><span class="p">(</span><span class="o">&amp;</span><span class="n">payload</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusBadRequest</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Get the current database instance through pg.DB middleware package-level function.</span> <span class="c">// db := pg.DB(ctx)</span> <span class="c">// [Work with db instance...]</span> <span class="c">// OR, initialize a new repository of Customer type and work with it (type-safety).</span> <span class="n">customers</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">Repository</span><span class="p">[</span><span class="n">Customer</span><span class="p">](</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// Insert a new Customer.</span> <span class="n">customer</span> <span class="o">:=</span> <span class="n">Customer</span><span class="p">{</span> <span class="n">Name</span><span class="o">:</span> <span class="n">payload</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="p">}</span> <span class="n">err</span> <span class="o">=</span> <span class="n">customers</span><span class="o">.</span><span class="n">InsertSingle</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="n">customer</span><span class="p">,</span> <span class="o">&amp;</span><span class="n">customer</span><span class="o">.</span><span class="n">ID</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Display the result ID.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StatusCode</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusCreated</span><span class="p">)</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span><span class="s">"id"</span><span class="o">:</span> <span class="n">customer</span><span class="o">.</span><span class="n">ID</span><span class="p">})</span> <span class="p">}</span> <span class="k">func</span> <span class="n">getCustomer</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the id from the path parameter.</span> <span class="n">id</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Params</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"id"</span><span class="p">)</span> <span class="c">// Get the repository of Customer type through pg.Repository middleware package-level function.</span> <span class="n">customers</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">Repository</span><span class="p">[</span><span class="n">Customer</span><span class="p">](</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// Get the customer by the id.</span> <span class="n">customer</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">customers</span><span class="o">.</span><span class="n">SelectByID</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="n">id</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">if</span> <span class="n">pg</span><span class="o">.</span><span class="n">IsErrNoRows</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusNotFound</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Display the retrieved Customer.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">customer</span><span class="p">)</span> <span class="p">}</span> <span class="k">func</span> <span class="n">updateCustomer</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the id from the path parameter.</span> <span class="n">id</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Params</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"id"</span><span class="p">)</span> <span class="k">var</span> <span class="n">payload</span> <span class="o">=</span> <span class="k">struct</span> <span class="p">{</span> <span class="n">Name</span> <span class="kt">string</span> <span class="s">`json:"name"`</span> <span class="p">}{}</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">ReadJSON</span><span class="p">(</span><span class="o">&amp;</span><span class="n">payload</span><span class="p">)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusBadRequest</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Get the repository of Customer type through pg.Repository middleware package-level function.</span> <span class="n">customers</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">Repository</span><span class="p">[</span><span class="n">Customer</span><span class="p">](</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// Update the customer by the id and name.</span> <span class="n">customer</span> <span class="o">:=</span> <span class="n">Customer</span><span class="p">{</span> <span class="n">ID</span><span class="o">:</span> <span class="n">id</span><span class="p">,</span> <span class="n">Name</span><span class="o">:</span> <span class="n">payload</span><span class="o">.</span><span class="n">Name</span><span class="p">,</span> <span class="p">}</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">customers</span><span class="o">.</span><span class="n">UpdateOnlyColumns</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="p">[]</span><span class="kt">string</span><span class="p">{</span><span class="s">"name"</span><span class="p">},</span> <span class="n">customer</span><span class="p">)</span> <span class="c">// OR customers.Update(ctx, customer)</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">if</span> <span class="n">pg</span><span class="o">.</span><span class="n">IsErrNoRows</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusNotFound</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Display a success message.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StatusCode</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusOK</span><span class="p">)</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span><span class="s">"message"</span><span class="o">:</span> <span class="s">"Customer updated successfully"</span><span class="p">})</span> <span class="p">}</span> <span class="k">func</span> <span class="n">deleteCustomer</span><span class="p">(</span><span class="n">ctx</span> <span class="n">iris</span><span class="o">.</span><span class="n">Context</span><span class="p">)</span> <span class="p">{</span> <span class="c">// Get the id from the path parameter.</span> <span class="n">id</span> <span class="o">:=</span> <span class="n">ctx</span><span class="o">.</span><span class="n">Params</span><span class="p">()</span><span class="o">.</span><span class="n">Get</span><span class="p">(</span><span class="s">"id"</span><span class="p">)</span> <span class="c">// Get the repository of Customer type through pg.Repository middleware package-level function.</span> <span class="n">customers</span> <span class="o">:=</span> <span class="n">pg</span><span class="o">.</span><span class="n">Repository</span><span class="p">[</span><span class="n">Customer</span><span class="p">](</span><span class="n">ctx</span><span class="p">)</span> <span class="c">// Delete the customer by the id.</span> <span class="n">_</span><span class="p">,</span> <span class="n">err</span> <span class="o">:=</span> <span class="n">customers</span><span class="o">.</span><span class="n">Delete</span><span class="p">(</span><span class="n">ctx</span><span class="p">,</span> <span class="n">Customer</span><span class="p">{</span><span class="n">ID</span><span class="o">:</span> <span class="n">id</span><span class="p">})</span> <span class="k">if</span> <span class="n">err</span> <span class="o">!=</span> <span class="no">nil</span> <span class="p">{</span> <span class="k">if</span> <span class="n">pg</span><span class="o">.</span><span class="n">IsErrNoRows</span><span class="p">(</span><span class="n">err</span><span class="p">)</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithStatus</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusNotFound</span><span class="p">)</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StopWithError</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusInternalServerError</span><span class="p">,</span> <span class="n">err</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="p">}</span> <span class="c">// Display a success message.</span> <span class="n">ctx</span><span class="o">.</span><span class="n">StatusCode</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">StatusOK</span><span class="p">)</span> <span class="n">ctx</span><span class="o">.</span><span class="n">JSON</span><span class="p">(</span><span class="n">iris</span><span class="o">.</span><span class="n">Map</span><span class="p">{</span><span class="s">"message"</span><span class="o">:</span> <span class="s">"Customer deleted successfully"</span><span class="p">})</span> <span class="p">}</span> </code></pre> </div> <p>The <code>pg.DB</code> function returns the current database instance associated with the Iris context. You can use this instance to perform any database operations using the <code>pg</code> package API. The <code>pg.Repository</code> function returns a generic repository interface for the given model type associated with the Iris context. You can use this interface to perform common CRUD operations using type-safe methods. In this example, we use the repository interface to insert and select customers.</p> <h2> How to run the example? </h2> <p>To run the example, you need to:</p> <ol> <li>Clone the <a href="https://github.com/iris-contrib/middleware/tree/master/pg" rel="noopener noreferrer">PG middleware repository</a> and navigate to the <code>_examples/basic</code> folder.</li> <li>Install the dependencies using <code>go mod tidy</code>.</li> <li>Start a PostgreSQL server and create a database named <code>test_db</code>.</li> <li>Run the main.go file using <code>go run main.go</code>.</li> <li>Use a tool like <a href="https://www.postman.com/" rel="noopener noreferrer">Postman</a> or <a href="https://curl.se/" rel="noopener noreferrer">curl</a> to test the API endpoints: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Create a new customer</span> curl <span class="nt">-X</span> POST <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="nt">-d</span> <span class="s1">'{"name":"Alice"}'</span> http://localhost:8080/api/customer <span class="c"># Get a customer by id</span> curl <span class="nt">-X</span> GET http://localhost:8080/api/customer/1f8c9a7c-6b7c-4f0e-8a1d-9f2a9c3b7b8e <span class="c"># Update a customer by id</span> curl <span class="nt">-X</span> PUT <span class="nt">-H</span> <span class="s2">"Content-Type: application/json"</span> <span class="nt">-d</span> <span class="s1">'{"name":"Bob"}'</span> http://localhost:8080/api/customer/1f8c9a7c-6b7c-4f0e-8a1d-9f2a9c3b7b8e <span class="c"># Delete a customer by id</span> curl <span class="nt">-X</span> DELETE http://localhost:8080/api/customer/1f8c9a7c-6b7c-4f0e-8a1d-9f2a9c3b7b8e </code></pre> </div> <h2> Conclusion </h2> <p>In this article, we have shown you how to use PG middleware to connect Iris and PostgreSQL in a simple and type-safe way. We have also demonstrated how to use PG middleware features such as transactions, schema creation and validation, query tracing and error handling. We have also shown how to use PG middleware to create a simple REST API for managing customers.</p> <p>We hope you find PG middleware useful and easy to use. If you have any feedback or questions, please feel free to open an issue or a pull request on <a href="https://github.com/iris-contrib/middleware/tree/master/pg" rel="noopener noreferrer">GitHub</a>. Thank you for reading!🙏</p> iris postgres go webdev