DEV Community: Tanmay Vaish

How to Implement Authentication and Authorization in Golang.

Tanmay Vaish — Sun, 05 Feb 2023 06:12:17 +0000

In today's world, security is a critical aspect of any application and it's crucial to ensure that the application and its data are protected from unauthorized access. In this blog, we will dive into the implementation of Role-Based Access Control (RBAC) and Authentication in Golang, which are essential security mechanisms to secure your application and its data. We will explore how to implement RBAC and authentication in Golang and what steps are necessary to implement it effectively. So, grab a cup of coffee and get ready to learn about securing your application with RBAC and authentication in Golang!

🤔 Understanding JSON Web Token (JWT)

JWT, or JSON Web Token, is a widely used standard for authentication and authorization on the web. It is a compact and self-contained token that contains information about the authentication of a user. In our blog, we will be using JWT for authentication.

A JWT token typically consists of three parts:

Header: The header defines the type of the token and the signing algorithm used.
Payload: The payload contains the claims or information about the user, such as their name, ID, and roles.
Signature: The signature is used to verify that the token has not been altered during transmission and is signed using a secret key known only to the server.

In summary, using JWT for authentication means that we will verify the user's identity by exchanging JWT tokens between the client and server and verifying the token's signature to ensure its authenticity.

🏁 Initializing the Project

Let's start with the project. Follow the below steps:

1️⃣ Creating project repository:

Let's name our repository go-auth.

mkdir go-auth
cd go-auth

2️⃣ Initializing the new go module:

The below command initializes a new Go module to track your code's dependencies.

go mod init go-auth

You will see a go.mod file created in the repository after this command.

3️⃣ Downloading Dependencies:

Now that we have a module to track our dependencies, let's quickly install all the dependencies necessary for our project.

We plan to utilize the following dependencies in our project:

gin-gonic - A high-performance HTTP web framework for the Go programming language.
gorm - An ORM library for Go that allows interaction with relational databases.
postgres - A Go library for GORM PostgreSQL Driver
jwt-go - A Go library for encoding and decoding JSON Web Tokens (JWT).
godotenv - A Go library for managing environment variables from a .env file.
bcrypt - A Go library that implements the bcrypt password hashing function.

go get github.com/gin-gonic/gin
go get gorm.io/gorm
go get gorm.io/driver/postgres
go get github.com/dgrijalva/jwt-go
go get github.com/joho/godotenv
go get golang.org/x/crypto/bcrypt

🗂️ Setting up server directories/packages

For the organization of our server, we will categorize the directories into the following sections:

routes - This directory will contain the definitions of the different routes for the server, which map URLs to specific functions.
controllers - This directory will hold the functions that will handle the incoming requests and interact with the models and other components.
models - This directory will store the data models that represent the objects in the application and their relationships.
middlewares - This directory will contain any middleware functions that process requests and responses, such as authentication or logging.
utils - This directory will house various utility functions that are used throughout the application, such as helper functions or custom data types.

These directories will also serve as packages.

📦 Defining the Packages

1️⃣ Defining Models:

We will now proceed with setting up the models for our application.

User - This model will represent a user of the application and will likely include fields such as username, email, and password.

// PATH: go-auth/models/User.go

package models

import "gorm.io/gorm"

type User struct {
    gorm.Model
    Name     string `json:"name"`
    Email    string `gorm:"unique" json:"email"`
    Password string `json:"password"`
    Role     string `json:"role"`
}

Claims - This model will contain information about the claims associated with a JSON Web Token (JWT). It will include the standard claims defined by the JWT specification, as well as a field for the user's role within the application.
```
// PATH: go-auth/models/Claims.go

package models

import "github.com/dgrijalva/jwt-go"

type Claims struct {
    Role string `json:"role"`
    jwt.StandardClaims
}
```

2️⃣ Initializing Database:

Having our models ready, let's Initialize and set up a connection to a PostgreSQL database using the GORM library.

// PATH: go-auth/models/index.go

package models

import (
    "fmt"

    "gorm.io/driver/postgres"
    "gorm.io/gorm"
)

type Config struct {
    Host     string
    Port     string
    User     string
    Password string
    DBName   string
    SSLMode  string
}

var DB *gorm.DB

func InitDB(cfg Config) {

    dsn := fmt.Sprintf("host=%s user=%s password=%s dbname=%s port=%s sslmode=%s", cfg.Host, cfg.User, cfg.Password, cfg.DBName, cfg.Port, cfg.SSLMode)

    db, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
    if err != nil {
        panic(err)
    }

    if err := db.AutoMigrate(&User{}); err != nil {
        panic(err)
    }

    fmt.Println("Migrated database")

    DB = db
}

Let's understand the above code in detail:

The Config struct holds the configuration values for the database connection, such as the host, port, user, password, database name, and SSL mode.
The DB variable is a global variable that will store the instance of the database connection.
The InitDB function is used to initialize the database connection using the values from the Config struct. It generates the data source name (DSN) string from the configuration values.
- It opens a connection to the PostgreSQL database using the GORM library and the generated DSN. If there is an error, it panics.
- It automatically migrates the User model by calling AutoMigrate. This creates the necessary table in the database if it doesn't exist. If there is an error, it panics.
- It sets the global DB variable to the instance of the database connection.

3️⃣ Creating Routes:

Now, let's define the routes for a web application using the Gin HTTP framework.

// PATH: go-auth/routes/auth.go

package routes

import (
    "go-auth/controllers"

    "github.com/gin-gonic/gin"
)

func AuthRoutes(r *gin.Engine) {
    r.POST("/login", controllers.Login)
    r.POST("/signup", controllers.Signup)
    r.GET("/home", controllers.Home)
    r.GET("/premium", controllers.Premium)
    r.GET("/logout", controllers.Logout)
}

This code defines the routes for the web application but does not handle the logic for each route. That logic is implemented in the controllers package.

Let's understand the above code in detail:

The AuthRoutes function takes a gin.Engine instance as an argument and sets up the routes for the application.
Using the r.POST method, a route for a login request is defined that maps to the Login function in the controllers package.
Similarly, using the r.POST method, a route for a signup request is defined that maps to the Signup function in the controllers package.
Using the r.GET method, a route for a home request is defined that maps to the Home function in the controllers package.
Using the r.GET method, a route for a premium request is defined that maps to the Premium function in the controllers package.
Using the r.GET method, a route for a logout request is defined that maps to the Logout function in the controllers package.

4️⃣ Defining `main.go` (The Driver Code):

This is the main driver code that will orchestrate the whole project.

// PATH: go-auth/main.go

package main

import (
    "go-auth/models"
    "go-auth/routes"
    "log"
    "os"

    "github.com/gin-gonic/gin"
    "github.com/joho/godotenv"
)

func main() {
    // Create a new gin instance
    r := gin.Default()

    // Load .env file and Create a new connection to the database
    err := godotenv.Load()
    if err != nil {
        log.Fatal("Error loading .env file")
    }
    config := models.Config{
        Host:     os.Getenv("DB_HOST"),
        Port:     os.Getenv("DB_PORT"),
        User:     os.Getenv("DB_USER"),
        Password: os.Getenv("DB_PASSWORD"),
        DBName:   os.Getenv("DB_NAME"),
        SSLMode:  os.Getenv("DB_SSLMODE"),
    }

    // Initialize DB
    models.InitDB(config)

    // Load the routes
    routes.AuthRoutes(r)

    // Run the server
    r.Run(":8080")
}

This is the main function of the application. It performs the following actions:

Creates a new instance of the Gin web framework.
Loads the environment variables from a .env file.
Initializes the database connection using the configurations obtained from the environment variables.
Calls the AuthRoutes function to define the routes for the application.
Starts the web server on port 8080.

Meme Time:

Tired? Refresh your mind with this Low Effort Meme:

*le gophers after reading this much.

5️⃣ Defining Controllers:

This will contain all the logic for the authentication and authorization which was previously mapped in routes package.

// PATH: go-auth/controllers/auth.go

package controllers

import (
    "go-auth/models"
    "time"

    "go-auth/utils"

    "github.com/dgrijalva/jwt-go"
    "github.com/gin-gonic/gin"
)

// The string "my_secret_key" is just an example and should be replaced with a secret key of sufficient length and complexity in a real-world scenario.
var jwtKey = []byte("my_secret_key")

This code consists of several functions each handling different parts of the authentication process.

Login: Handles user login requests by receiving user credentials, verifying if the user exists, and checking if the provided password is correct. If everything is okay, it generates a JSON Web Token (JWT) and sets it as a cookie in the client's browser.

// PATH: go-auth/controllers/auth.go

func Login(c *gin.Context) {

    var user models.User

    if err := c.ShouldBindJSON(&user); err != nil {
        c.JSON(400, gin.H{"error": err.Error()})
        return
    }

    var existingUser models.User

    models.DB.Where("email = ?", user.Email).First(&existingUser)

    if existingUser.ID == 0 {
        c.JSON(400, gin.H{"error": "user does not exist"})
        return
    }

    errHash := utils.CompareHashPassword(user.Password, existingUser.Password)

    if !errHash {
        c.JSON(400, gin.H{"error": "invalid password"})
        return
    }

    expirationTime := time.Now().Add(5 * time.Minute)

    claims := &models.Claims{
        Role: existingUser.Role,
        StandardClaims: jwt.StandardClaims{
            Subject:   existingUser.Email,
            ExpiresAt: expirationTime.Unix(),
        },
    }

    token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)

    tokenString, err := token.SignedString(jwtKey)

    if err != nil {
        c.JSON(500, gin.H{"error": "could not generate token"})
        return
    }

    c.SetCookie("token", tokenString, int(expirationTime.Unix()), "/", "localhost", false, true)
    c.JSON(200, gin.H{"success": "user logged in"})
}

Signup: Handles user signup requests by receiving user information, checking if the user already exists, hashing the password, and creating a new user in the database.

// PATH: go-auth/controllers/auth.go

func Signup(c *gin.Context) {
    var user models.User

    if err := c.ShouldBindJSON(&user); err != nil {
        c.JSON(400, gin.H{"error": err.Error()})
        return
    }

    var existingUser models.User

    models.DB.Where("email = ?", user.Email).First(&existingUser)

    if existingUser.ID != 0 {
        c.JSON(400, gin.H{"error": "user already exists"})
        return
    }

    var errHash error
    user.Password, errHash = utils.GenerateHashPassword(user.Password)

    if errHash != nil {
        c.JSON(500, gin.H{"error": "could not generate password hash"})
        return
    }

    models.DB.Create(&user)

    c.JSON(200, gin.H{"success": "user created"})
}

Home: Handles requests to the home page by checking if the user is authorized to access it by looking for the JWT in the client's cookie and verifying it. If the user is authorized, the function returns the "home page" message along with the user's role.

// PATH: go-auth/controllers/auth.go

func Home(c *gin.Context) {

    cookie, err := c.Cookie("token")

    if err != nil {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    claims, err := utils.ParseToken(cookie)

    if err != nil {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    if claims.Role != "user" && claims.Role != "admin" {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    c.JSON(200, gin.H{"success": "home page", "role": claims.Role})
}

Premium: Similar to the Home function but only returns the "premium page" message and the user's role if the user has an "admin" role.

// PATH: go-auth/controllers/auth.go

func Premium(c *gin.Context) {

    cookie, err := c.Cookie("token")

    if err != nil {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    claims, err := utils.ParseToken(cookie)

    if err != nil {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    if claims.Role != "admin" {
        c.JSON(401, gin.H{"error": "unauthorized"})
        return
    }

    c.JSON(200, gin.H{"success": "premium page", "role": claims.Role})
}

Logout: Handles user logout requests by deleting the JWT cookie in the client's browser.

// PATH: go-auth/controllers/auth.go

func Logout(c *gin.Context) {
    c.SetCookie("token", "", -1, "/", "localhost", false, true)
    c.JSON(200, gin.H{"success": "user logged out"})
}

The JWT is encrypted and signed using the HS256 algorithm and the secret key jwtKey.

REMEMBER: The string "my_secret_key" is just an example and should be replaced with a secret key of sufficient length and complexity in a real-world scenario.

6️⃣ Creating Utility Function:

We are going to need these 3 utility functions in our project.

GenerateHashPassword: This function takes a plain text password as input and returns a hash value generated from it using a one-way hashing algorithm. The purpose of this function is to store a user's password securely in the database. This way, even if the database is compromised, the attacker cannot retrieve the original password as it is encrypted.
```
// PATH: go-auth/utils/GenerateHashPassword.go

package utils

import "golang.org/x/crypto/bcrypt"

func GenerateHashPassword(password string) (string, error) {
    bytes, err := bcrypt.GenerateFromPassword([]byte(password), 14)
    return string(bytes), err
}
```

CompareHashPassword: This function takes the user input password and the hashed password stored in the database and compares them. If the hashes match, it returns true. This function is used to verify if the user has entered the correct password during login.

// PATH: go-auth/utils/CompareHashPassword.go

package utils

import "golang.org/x/crypto/bcrypt"

func CompareHashPassword(password, hash string) bool {
    err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
    return err == nil
}

ParseToken: This function takes a JWT token as input and returns the claims contained in it. Claims are a set of key-value pairs that represent the information being transmitted between parties. In this case, the claims may include the subject (email), role, and expiration time of the token. This function is used to validate if the token is legitimate and to retrieve information contained in it.

// PATH: go-auth/utils/ParseToken.go

package utils

import (
    "go-auth/models"

    "github.com/dgrijalva/jwt-go"
)

func ParseToken(tokenString string) (claims *models.Claims, err error) {
    token, err := jwt.ParseWithClaims(tokenString, &models.Claims{}, func(token *jwt.Token) (interface{}, error) {
        return []byte("my_secret_key"), nil
    })

    if err != nil {
        return nil, err
    }

    claims, ok := token.Claims.(*models.Claims)

    if !ok {
        return nil, err
    }

    return claims, nil
}

7️⃣ Creating Middlewares:

This is an example of middleware for authorization. You can use this to authorize any route you create.

// PATH: go-auth/middlewares/isAuthorized.go

package middlewares

import (
    "go-auth/utils"

    "github.com/gin-gonic/gin"
)

func IsAuthorized() gin.HandlerFunc {
    return func(c *gin.Context) {
        cookie, err := c.Cookie("token")

        if err != nil {
            c.JSON(401, gin.H{"error": "unauthorized"})
            c.Abort()
            return
        }

        claims, err := utils.ParseToken(cookie)

        if err != nil {
            c.JSON(401, gin.H{"error": "unauthorized"})
            c.Abort()
            return
        }

        c.Set("role", claims.Role)
        c.Next()
    }
}

The function IsAuthorized returns a Gin handler function, which is used to process HTTP requests and responses in a Gin web application.

The handler function retrieves the "token" cookie from the incoming HTTP request and tries to parse it using the ParseToken function from the utils package. If the cookie is missing or the parsing fails, the function returns a JSON response with a 401 Unauthorized HTTP status code and an error message, indicating that the user is not authorized to access the requested resource.

If the token parsing is successful, the function sets the "role" value in the context object (c) to the value of the "Role" claim in the parsed token, and calls the Next method to continue processing the request in the next middleware or handler in the middleware chain.

😇 Conclusion

In conclusion, implementing authentication and authorization in Golang is a straightforward process. By following the steps outlined in this article, you can create a secure and efficient authentication and authorization system for your Golang application. Whether you are building a simple web app or a complex enterprise system, Golang provides all the tools you need to ensure that your users' data is protected. By using JWT tokens and hashing techniques, you can ensure that your authentication and authorization system is reliable, scalable, and easy to maintain. With the right tools and knowledge, you can make your Golang application a secure and trusted platform for your users.

GitHub Repository of the Project: https://github.com/tanmayVaish/go-auth

Why Golang is a Good Choice for Developers in 2023

Tanmay Vaish — Tue, 17 Jan 2023 07:17:19 +0000

🚀 As technology continues to advance at a rapid pace, it's important for developers to stay current with the latest programming languages and tools. In recent years, Go (or Golang) has emerged as a powerful and efficient option for developers, and it's only becoming more popular.

Here are the top 5 reasons why Go is a great choice for developers in 2023:

1. 💻 Concurrency is built-in

One of the standout features of Go is its built-in concurrency support. This makes it easy for developers to write concurrent code and take full advantage of multi-core processors. This makes Go a great choice for building high-performance systems, such as web servers, that need to handle a large number of concurrent connections.

2. 🚀 Fast compilation

Go is a compiled language, which means it's translated into machine code before being executed. This makes it much faster than interpreted languages like Python. Additionally, Go's compilation process is incredibly fast, making it a great choice for developers who need to iterate quickly.

3. 💼 Great for building web apps

Go is often used to build web applications, thanks to its built-in support for HTTP and its lightweight, minimalist syntax. Additionally, the Go standard library includes everything you need to build a web app, including a router and a template engine.

4. 🌍 Growing Community

Go has a large and growing community of developers, with a lot of resources available to learn from. With the increasing popularity of the language and more and more companies using it, there's a lot of opportunity for developers who know Go.

5. 📚 Easy to Learn

Go is designed to be easy to read and write, with a simple and consistent syntax. It's a great choice for developers who are new to programming or who are looking to learn a new language.

If you are shifting from languages like C++, it will be a very smooth ride for you.

🔍 Real World Applications

Companies such as Uber, Netflix, Dropbox, and Soundcloud have all used Go in their production systems. Below are some areas where go is being used prominently:

🚀 Distributed Systems: Go's built-in concurrency support makes it a great choice for building distributed systems. For example, Uber uses Go to power their distributed data pipeline, which processes over a billion events per second.

🌍 Networking: Go's lightweight and efficient nature makes it well-suited to networking applications. For example, Dropbox uses Go to power its LAN sync feature, which allows users to sync files between computers on the same network.

💼 Web Applications: Go's built-in support for HTTP and lightweight syntax make it a great choice for building web applications. For example, Soundcloud uses Go to power its web server, which serves over 75 million active users.

💻 Microservices: Go's a fast compilation and efficient runtime making it a great choice for building microservices. For example, Netflix uses Go to power some of its microservices, which handle tasks such as user authentication and content recommendations.

🚀 Go is also being used to build command-line tools, machine-learning applications, and even games.

🤔 What are you waiting for?

Go is a powerful and efficient programming language that is well-suited to building high-performance systems. Its built-in concurrency support, fast compilation, and growing community make it a great choice for developers in 2023. Whether you're a beginner or an experienced developer, Go is worth considering as you plan your next project.

7 New features In JavaScript You Should Try In 2022🔥!

Tanmay Vaish — Sun, 09 Jan 2022 18:06:45 +0000

JavaScript has been getting continous updates since 2015, every update more awesome than the other. Everytime these updates are out, programmers from all around the world gets eager to test it out.

So, to all the impatient programmers out there, Today, I have brought bunch of cool feature proposals for you to check out this year. These made their way to the Stage 4 and are lined up to be part of the Standard EcmaScript probably till June 2022.

SOURCE: https://medium.com/geekculture/typescript-vs-javascript-e5af7ab5a331

1️⃣ Private Methods and Accessor for Classes

To full leverage OOP's (Object Oriented Programming) Data Hiding Concept, This proposal provides any element inside a class to be private, let it be fields, methods or accessors(getter/setter). Thus, we can easily focus on data security🔒.

class ButtonToggle extends HTMLElement {
    color = 'green';
    #value = true;
    toggle(){
        this.#value = !this.#value;
    }
}
const button = new ButtonToggle();
console.log(button.color);
// green - public fields are accessible from outside classes
// SyntaxError: can't be accessed or modified from outside the class
console.log(button.#value); 
button.#value = false;

We have used # before the field to signify it as a private field.

2️⃣ Top Level `await`

Till now, we have been using await operator only with a async (asynchronous) function. What if I tell you that you can use await without the async function with this feature.

Yes, We can use it! at the top level of a module without declaration of a async.

Isn't it cool?

const params = new URLSearchParams(location.search);
const language = params.get('lang');
const messages = await import(`./messages-${language}.mjs`); // (A)

console.log(messages.welcome);

The dynamic import in line (A) is almost as convenient as using a normal, static import since we’re using top-level await.

Now the question arises that

Why would we need a `await` at the top level of a module🤔?

✅ Some modules contains asynchronously loaded data, thus It ensures that modules don’t access asynchronous imports before they are fully initialized.
✅ In addition, Asynchronous modules are handled transparently by the system: Importers do not need to know if they are asynchronous or not.

However, top-level await slows down initialization of importing modules.

3️⃣ Private Slot Checks

Did you know? Private fields have a built-in "brand check", which means that if you try to access a private field within an object that doesn't have it installed, the process throws an exception.

So, to check if object has a private slot or not, in operator is used.

class Color {
  #name;
  constructor(name) {
    this.#name = name;
  }
  static check(obj) {
    return #name in obj; // (A)
  }
}

*In the code above, we are checking if object obj has private slot #name or not.

We can use in operator to check private fields and methods as well as static fields and methods.

4️⃣ `new Error()` method

Errors are a great way to diagnose runtime irregularies. This proposals brings forward concept of chaining errors with causes to additionally help in diagnosing these runtime irregularities.

So, now we can specify the exact error that caused the current error by using new Error and its subclasses.

function readFiles(filePaths) {
  return filePaths.map(
    (filePath) => {
      try {
        // ···
      } catch (error) {
        throw new Error(
          `While processing ${filePath}`,
          {cause: error}
        );
      }
    });
}

The property cause in used to get additional information on the error.

5️⃣ `.at()` function

This one's a little interesting!! .Till now, we have been using square brackets [] for indexing purposes in JavaScript.

But, What if we use negative indices instead in this technique?

arr = [1,2,3,4,5]
arr[3] // 4

arr[-1] // (A)
// the code breaks here!

*The code just breaks at line (A)

In contrast, Array method .at() does the same task but supports both positive and negative indices. Thus, we can access the same list in reverse order with the use of negative indexing.

arr.at(-1) // 5
arr.at(-3) // 3

## 6️⃣ RegExp Match Indices

This one is a very useful addition the match object. The match indices are a feature of match objects. If we enable it via the regular expression flag /d, they provide the start and end indexes of where each group was captured.

const fruits = 'Fruits: mango, mangosteen, orange'
const regex = /(mango)/g;

// matchAll
const matches = [...fruits.matchAll(regex)];
matches[0];

 [
   "mango",
   "mango",
   index: 8,
   input: 'Fruits: mango, mangosteen, orange',
   groups: undefined
 ]

Look closely what we are going to do next. the /mango/g will now be converted to /mango/gd.

// /gd instead of the previous /g
const regex = /(mango)/gd;
const matches = [...fruits.matchAll(regex)];
matches[0];

 [
 "mango",
 "mango",
 groups: undefined,
 index: 8,
 indices:[]
  [8, 13],
  [8, 13]
 ]

Just with the addition of a /d in the Regex, our match object will provide us with a additional property indices.

7️⃣ Object.hasOwn Function

This proposal is meant to redefine the Object.hasOwnProperty, simplifying the unnecessary hassels faced by the programmer.

Its working is Simple! If the specified object has the specified property as its own property, the Object.hasOwn() static method returns true. If the specified property is inherited, or does not exist, the method returns false.

let hasOwnProperty = Object.prototype.hasOwnProperty

if (hasOwnProperty.call(object, "foo")) {
  console.log("has property foo")
}

This was the code that we were writing till now!🔝

if (Object.hasOwn(object, "foo")) {
  console.log("has property foo")
}

Look, How much it simplified the code🔝 !!

Thus, Object.hasOwn() will replace Object.hasOwnProperty is year💡!

What's Next ⁉️

There might be some more feature that can be added to EcmaScript 2022. So, Stay tuned and follow me on:

Twitter: https://twitter.com/tanmay_vaish

LinkedIn: https://www.linkedin.com/in/tanmay-vaish/

GitHub: https://github.com/tanmayVaish

Hashnode: https://hashnode.com/@tanmayVaish

Acknowledgements

13 Reasons Why You Should Use Linux!!

Tanmay Vaish — Tue, 19 Oct 2021 10:01:17 +0000

People usually think: "If it so easy to run Windows, Why should I use Linux". Honestly writing, they are pretty much right about it too. There are lots and lots of features which Linux will always have a hard time providing to its users.

But when it comes to reliability and solidity, Everyone knows that Linux is the one-stop solution, let it be servers running the internet or for storage of our cloud data. Even, Microsoft uses Linux to run Azure (Yeah, It does!!😱).

Its open source nature also plays a vital part on its awesomeness🌟. Think, if all the greatest mind in this whole world participate to create a product, Will anything else could compete to that? The answer is straight away NO. That's what Linux is...

No specific hardware requirement or anything. Just download it and use and customize it however you please.

Anyways, I am going to list down 13 points which leave you mesmerized, making you eager to switch your Operating System right now!!

1. Free and Open Source 😋

Linux does not cost you a penny (other than your data charges during its installation ✨).

Talking about Windows, it will roughly cost you from around $140 to $200 at best buy. While for MacOS, You have exclusively buy a iMac or Macbook which are not cheap (I must add).

In Linux, after the download, it is ALL YOURS. No more hidden charges, add-on packs or anything. Interestingly, with its open source nature, you can view the source code 😱, giving you the freedom to add, remove or modify whatever features you want (according to your technical skills 🤓).

Many Companies and Programmers create their versions of Linux to get the best benefits for their work.

2. Easy to Use 🥮

"Is this guys gone mad!!" - you must be thinking, but NO!!

Trust me, It is very easy to use and comprehend. Its just that, people tend to get swayed by the distros currently trending, which are generally hard to use.

Operating Systems like Arch, Gentoo are such distros which are not only hard to use but also hard to install. Start with less complicated distros like Ubuntu, Solus etc. They provide easy GUI (Graphical User Interfaces) for installation and Software management. Moreover, use Window Managers/ Desktop Environment like Gnome 40 or Budgie, they provide great GUIs for your Linux which makes your overall experience very easy and efficient🥳.

Moreover, after sometime on Linux, you will start to admire CLI(Command Line Interface). Why? 'cause it just makes your work very fast. Type one command and its done🤩. Isn't it cool🔥?

3. Multiplicity 👏

Source

Have you ever heard of the term Distro-Hopping⁉️? It is actually a activity or hobby of enthusiastic Linux users where they frequently switch between different distros. Can you Imagine? There are so many distros, that it has become a sport to switch between🤩. Never getting bored again!!

There is no end to the versions and variety of Linux. There is a particular Linux for every possible task, specializing in providing configuration, packages and customization to ease your work of setting up again and again🤩.

Let it be Programming, Hacking , DevOps or if you have a low-end desktop, Linux have got you covered. You can even make one for your own and publish it for anyone from your field to use. Isn't it amazing?🔥.

4. Cyber Security 🕵️‍♂️

There is no way in heaven 🌌, that you can start your journey to become a cyber security expert/hacker without knowing 'L' of "Linux". The security and transparency of Linux provides just makes it ideal for the hacking purposes😯.

A good hacker knows their operating system perfectly, and even more importantly, the operating system they will be attacking. Linux allows the user to see and manipulate all of its components, thus the reason for its popularity🔥 among the cyber security experts.

Linux Distros like Kali, Parrot etc. provide great deal of pre-configured software system and scripts needed to practice or perform a hack.

5. Cloud and Web Servers ☁️

The majority of Web Servers and Cloud platforms out there are running on Linux💡. With its reliability, organizations can deliver apps, content, and services to their customers at a low cost but at the same time provide performance, stability, security and it is scalable🙀. And don't forget what I previously mentioned, Even Microsoft uses it for its Azure cloud infrastructure.

Around 96.3% of the world’s top million servers run on Linux (cloud providers, web hosting, etc.).

Read this: https://www.wired.com/2015/09/microsoft-using-linux-run-cloud/

In addition, Linux shell offers interface that let you make decisions, execute commands repeatedly, create new utilities and tools, and automate server administration tasks💡. Basically, giving you absolute command over your server🔥.

6. DevOps

The DevOps workflow. Source: Pease, 2017.

*To understand the role of Linux in DevOps, we first have to understand what is Devops!🤔

What is DevOps?

The DevOps methodology is an approach that unifies software development with IT operations. The plan emphasizes fast software delivery through automation, integration, close collaboration, and open communication.

Now, that we know, lets talk about how Linux and DevOps go hand in hand🤝.

Scalability ✔️

Scalability is the key🔑 to DevOps Flow-cycle, Thanks to Linux, you can store and compute any number of processes, and also can run it on anything and anywhere 🔥.
Software Delivery Pipelines ✔️

All the software delivery pipelines are deployed on Linux servers. Thus, It becomes very easy to run tests on your system before deploying it to the servers🔥.

*There are many more example but I am going to omit them as those points are pretty much repetitive of what I said before in this article.

7. Customizable 👨‍🔧

Source

With the necessary Imagination and Technical skills🤓, you can customize your Linux OS to its fullest capabilities both in a visual and configuration-wise manner😮.

Following are some ways you can customize your Linux:

Twitching with its Desktop Utilities like File Manager, Window Manager etc.✔️
Installing new Desktop Themes.✔️
Configuring Better Shells for your CLI like fish.✔️
Installing new Icons and Fonts.✔️
Exploring new Package Managers.✔️
Writing Scripts to automate your work.✔️

There are also several tools which helps you customize you system for you. Like, you can use System Monitoring Tools like Conky to monitor all your hardware and tasks from your desktop.

8. Awesome Community Support 🤝

Due to its reliability and awesomeness, Linux, over the years, has accumulated popularity🔥 among a vast amount of people. The passion and curiosity led them to create many communities, forums, subreddits etc.💡 which are really welcoming and helpful to new comers. You can ask any questions there⁉️, Like having trouble to install anything or issue setting up your new Window Manager, the community will respond to it very fast.

Moreover, There are not few in numbers either, there is at least one dedicated community for every Linux OS out there🤩.

Can you believe? You are getting super awesome support system without even spending a penny.

*Once familiar with Linux, you can also contribute in these communities by resolving other user's queries posted over at the forums.

9. Independence 💁‍♂️

Source

Linux is a Open Source software with no proprietor of any sort💡, which gives you the freedom to own your OS, using it however you want with no questions asked🔥.

Thus, you will be having root access from the start💡! It just gives you more privacy🔐 as nobody is there to keep check what you are doing with your PC.

You can exclusively create Users and set what permissions you want to give it to them.

10. Secure 👮

Source

Linux's Superior User Privilege Model and Built-in Kernel Defense System just makes it less vulnerable to any viruses or malware, than any proprietor OS like Windows and Mac💡.

If you want to run any command or file which can change system configuration, you have to be logged in as root💡. Malicious programs and viruses require root privileges to make any change or damage to the Linux system, which they don't get, rendering them invalid🤭.

Linux also saves your precious money which you would have spent on the purchase of expensive anti-virus software to keep your system virus-free.

Moreover, due to it being open source, all the source code gets reviewed and any vulnerabilities if found gets patched immediately💡.

11. Hardware Compatibility ⚙️

Source

*Linux can run on just about anything!! From a super small raspberry pi to a huge super computer.

Thanks to Linux's customization flexibility🌟, it can easily condensed down into small OS package which can cater the need of Low-End Systems. In fact, Linux Community is very famous for its miracles in the revival of outdated yet working hardware systems✨.

If you just started college and possibly don't have the budget to buy a high-end laptop. You can consider buying a Low-End one and installing Linux to get the same user experience at a lesser price.

Conclusively, If you do not have a High-End PC configuration, and you still want a wonderful experience. Linux will be the best choice🔥.

12. Less Bloatware 🤏

The real pain😢 I faced as a Windows user was having lots of application and programs that you do not require at that time or would never require it (bloat), but they are still there, eating all you hard disk space and processing power. It just became really annoying😒!

I mean:

Why would I want to play Candy Crush Saga in my PC?
Why do anybody want to watch advertisement in their own PC (Start Menu Ads)?

More so, removing them just becomes a tedious task😩, as there are so many you have to uninstall or disable each and every one of them manually.

On the contrary, Linux comes with just the adequate and necessary applications and programs required🔥. Moreover, you can also get your required version (with only required applications and programs) of setup too, which means, if you are a hacker, you can install distros like Kali, which provide exactly the right applications and programs for you✨.

13. Software Packages and Updates 🧑‍💻

Linux is packed with hundreds of packages from a variety of repositories✨. You can install them from Software Center (which comes with nearly every distro) or use package managers. Just type

sudo pacman -S _SOFTWARE_NAME_

and you are good to go!

Note: Package manager will also vary from distro to distro! Like, pacman for arch, eopkg for solus etc.

As opposed to other proprietary operating systems that force you to install updates (sometimes full of bugs), Linux gives you full control over how to install and update software🔥. Interestingly, Linux uses something called "Live Kernel" which lets us install any update without need of reboot the system 😱.(Again, Except the Exceptions).

What do you think??

Let me know down in the comment,

What do you think about Linux as a personalized OS?✔️
Which OS do you use? Why?✔️

DISCLAIMER: Its not like that I hate Windows or any other OS, its just that I have slight preference for Linux over any other OS.

DEV Community: Tanmay Vaish

How to Implement Authentication and Authorization in Golang.

🤔 Understanding JSON Web Token (JWT)

🏁 Initializing the Project

1️⃣ Creating project repository:

2️⃣ Initializing the new go module:

3️⃣ Downloading Dependencies:

🗂️ Setting up server directories/packages

📦 Defining the Packages

1️⃣ Defining Models:

2️⃣ Initializing Database:

3️⃣ Creating Routes:

4️⃣ Defining main.go (The Driver Code):

Meme Time:

5️⃣ Defining Controllers:

6️⃣ Creating Utility Function:

7️⃣ Creating Middlewares:

😇 Conclusion

Why Golang is a Good Choice for Developers in 2023

1. 💻 Concurrency is built-in

2. 🚀 Fast compilation

3. 💼 Great for building web apps

4. 🌍 Growing Community

5. 📚 Easy to Learn

🔍 Real World Applications

🤔 What are you waiting for?

7 New features In JavaScript You Should Try In 2022🔥!

1️⃣ Private Methods and Accessor for Classes

2️⃣ Top Level await

Why would we need a await at the top level of a module🤔?

3️⃣ Private Slot Checks

4️⃣ new Error() method

5️⃣ .at() function

7️⃣ Object.hasOwn Function

What's Next ⁉️

Acknowledgements

13 Reasons Why You Should Use Linux!!

1. Free and Open Source 😋

2. Easy to Use 🥮

3. Multiplicity 👏

4. Cyber Security 🕵️‍♂️

5. Cloud and Web Servers ☁️

6. DevOps

What is DevOps?

7. Customizable 👨‍🔧

8. Awesome Community Support 🤝

9. Independence 💁‍♂️

10. Secure 👮

11. Hardware Compatibility ⚙️

12. Less Bloatware 🤏

13. Software Packages and Updates 🧑‍💻

What do you think??

4️⃣ Defining `main.go` (The Driver Code):

2️⃣ Top Level `await`

Why would we need a `await` at the top level of a module🤔?

4️⃣ `new Error()` method

5️⃣ `.at()` function