Web Development w/ Google’s Go (golang) Programming Language

• server-side?

• #1 Go

• #3 Node.js

• #3 Python

• #4 Ruby

• #5 PHP

• 2006 first intel dual-core processor

• 2007 Google begins development of Go

• Rob Pike, Ken Thompson, Robert Griesemer

• FAQ - Why are you creating a new language?

• language features

• take advantage of multiple cores

• easy concurrency based upon Tony Hoare’s CSP

• compiled, static type, GC

• goals

• efficient compilation

• efficient execution

• ease of programming

• clean syntax

• distributed teams

• Why go for web dev?

• Go was built to do what google does

• Google is rewriting Google with Go

• 2009 open-sourced

• 2012 version 1

COURSE OUTLINE:

• THE COURSE OUTLINE IS ATTACHED TO THIS VIDEO AS A PDF

  
  

• The Code Used In This Course

  • https://github.com/GoesToEleven/golang-web-dev

• variables

  • short variable declaration operator

  • using the var keyword to declare a variable

  • scope

• data structures

  • slice

  • map

  • struct

    • composite literal

• functions

  • func (receiver) identifier(parameters) (returns) { <code> }

  • methods

• composition

  • embedded types

  • interfaces

  • polymorphism

• hands-on exercises #1 & hands-on exercises #2 ARE ATTACHED TO THIS VIDEO LECTURE.

• Bill Gates & Warren Buffet

• the one word they both chose as the most important contributor to their success: focus

• Priorities, commitment, focus

• What is important to you in your life? Prioritize.

• Can you give time everyday to that which is important? Commitment.

• Give time to the important everyday. Focus.

• Drop by drop, the bucket gets filled

Templates allow us to customize information for a use. This is how we get personalized webpages. Templates are the first thing you must learn to do web programming.

Go encourages the developer to think like a programmer. How can you solve this problem with programming? Could we create a webpage, and merge data with it, by just working with strings?

We are going to store our templates in their own files. It is customary practice to give these files a “.gohtml” extension. We will go through two steps to use our templates: (1) Parse (2) Execute. In this course, we will use ParseGlob and ExecuteTemplate. Package text/template is explained.

• steps

• PARSE the template

• EXECUTE the template

• performance

• always parse your templates upon application initialization

• do not parse your templates every time a user asks for a template

• *Template

• container that holds the parsed templates

• Quick Note

• Atom will require tweaking of keymap.cson to allow some plugins like Emmet to work on tab expansion

• 'atom-text-editor[data-grammar="text html gohtml"]:not([mini])':

'tab': 'emmet:expand-abbreviation-with-tab

• Will allow Emmet plugin to tab expand on files with the gohtml extension

When we execute our template, we can pass data into our template.

We can assign values to variables in templates.

ASSIGN

{‌{$wisdom := .}}

USE

{‌{$wisdom}}

This lecture provides you with examples of passing various data types to templates.

During execution functions are found in two function maps: first in the template, then in the global function map. By default, no functions are defined in the template but the Funcs method can be used to add them. Predefined global functions are defined in text/template.

Pipelines allow us to take the value which is output from one process or function, and pass it as the input to the next function. Also covered in this video: working with package time and formatting type Time in a template.

When parsing a template, another template may be defined and associated with the template being parsed. Template definitions must appear at the top level of the template, much like global variables in a Go program. The syntax of such definitions is to surround each template declaration with a "define" and "end" action. Comments in templates are also covered.

In this lecture, we will pass data structures into templates. We will build our data structures using composition. FYI, from wikipedia though modified: Composition is the principle that types should achieve polymorphic behavior and code reuse by their composition (by embedding other types). An implementation of composition typically begins with the creation of various interfaces representing the behaviors that the system must exhibit. The use of interfaces allows this technique to support the Polymorphic behavior that is so valuable. Types implementing the identified interfaces are built and added as needed. Thus, system behaviors are realized without inheritance.

Here are several hands-on exercises, with solutions, to help you learn how to pass data to templates.

Package html/template has all of the functionality of package text/template, plus additional functionality specific to HTML pages. In particular, package html/template has context aware escaping so that dangers like cross-site scripting are avoided.

Before we get started building our own server, there are several important things to know:

• synonymous terms in web programming

• router

• request router

• multiplexer

• mux

• servemux

• server

• http router

• http request router

• http multiplexer

• http mux

• http servemux

• http server

• client / server architecture

• request / response pattern

• like in restaurants

• OSI model

• HTTP runs on top of TCP

• HTTP is a protocol - rules of communication

• HyperText Transfer Protocol

• IETF sets recommendations for HTTP

• Request For Comment - RFC 7230 is for HTTP1.1

We can create our own tcp server using the net package from the standard library. There are three main steps: (1) Listen (2) Accept (3) Write or Read to the connection. We will use telnet to call into the TCP server we created. Telnet provides bidirectional interactive text-oriented communication using a virtual terminal connection over the Transmission Control Protocol (TCP).

Now we are going to read and write from/to our connection.

We can use the net package to create a client which dials into our TCP server.

Here are two sample TCP server apps.

Here is how we build the foundation of a TCP server to handle HTTP requests and responses. This video also introduces a hands-on exercise.

This is the solution to the hands-on exercise of retrieving the URI and displaying it. The next hands-on exercise is also introduced.

This is the solution to the hands-on exercise of creating a TCP server that handles requests & responses adhering to HTTP. The server will respond with different code according the both the method and the URI.

The best entry point to understanding the net/http package is covered. It is essential to know the standards of HTTP. The first thing you should know about the net/http package is the Handler interface. ListenAndServe takes a value which implements the handler interface.

ListenAndServe is built using what we have just learned: from the net package, Listen & Accept. ListenAndServe takes an address, the port on which you want to listen, and a Handler. It is imperative that you solidly know type Handler.

The foundation of the net/http package is type Handler and ListenAndServe. ListenAndServe takes a value of type Handler. Type Handler has two parameters of type ResponseWriter and a pointer to a Request. Understanding the relationship of these parts is essential to building web apps with Go.

There are other request values which we can retrieve such as the method and the URL.

This video will continue to reinforce your understanding of the net/http package. We will learn how to read documentation and write headers to our response.

Reviewing: type Handler, ListenAndServe, *Request, ResponseWriter.

ServeMux is an HTTP request multiplexer. A ServeMux matches the URL of each incoming request against a list of registered patterns and calls the handler for the pattern that most closely matches the URL.

• ServeMux

• NewServeMux

• We can create a *ServeMux by using NewServeMux.

• default ServeMux

• We can use the default ServeMux by passing nil to ListenAndServe.

• Handle

• takes a value of type Handler

• HandleFunc

takes a func with this signature: func(ResponseWriter, *Request)

The differences between func(ResponseWriter, *Request) and HandlerFunc are explained and illustrated.

Julien Schmidt’s package httprouter "github.com/julienschmidt/httprouter" is a trie based high performance HTTP request router.

These hands-on exercises will reinforce what you are learning.

Solutions to hands on exercises in folder 022_hands-on/01

Solutions to hands on exercises in folder 022_hands-on/02

io.Copy allows us to copy from a reader to a writer. We can use io.Copy to read from a file and then write the file to the response.

ServeContent & ServeFile both allow us to serve a single file.

The preferred method for serving files is http.FileServer.

The preferred method for serving files is http.FileServer. We will use StripPrefix to facilitate the serving of files.

There is a special case: if you have an index.html file in a directory that FileServer is serving, then the FileServer will serve that file when only the root of the directory (“/”) is asked for

Here are two pieces of code that you will sometimes see.

These hands-on exercises will help reinforce what you are learning

Here are the solutions to the hands-on exercises.

We can use the NotFoundHandler as the Handler for something that isn’t found

When deploying a project to Google Cloud, it is good to have your domain with Google Domains. This will make the configuration of your domain easier

Publishing your site on google cloud.

HTTP does not have state built into it. You could say HTTP is stateless, though it has the tools necessary for you, as a developer, to create state. In this section, we’ll learn how to create state on the web.

We can pass values through the URL. We can retrieve them with req.FormValue

When a form is submitted, we can pass the submitted values either through the request body payload or through the URL. If the form’s method attribute is post, then the values of the form are sent to the server through the request body’s payload. If the form’s method attribute is get, then the values of the form are sent to the server through the URL.

In many web programming languages, dealing with files can be a challenge. In Go, it’s easy. We’ll see in this video how to allow a user to upload a file. We’ll also see how to read that file and, if you want, create a new file to store on the server.

“When you make a POST request, you have to encode the data that forms the body of the request in some way.  HTML forms provide three methods for encoding.

On the web, we have a client / server architecture. Clients make requests, and servers write responses to those clients. The request and response are both just text that must conform to the rules of HTTP. Both the request & response have a start line, headers, and a body.

Here is a code review of redirects in action.

Cookies allow us to maintain state. We can write a unique ID to a cookie. When a client makes a request to a server at a particular domain, if there is a cookie from that particular domain on the client’s machine, the browser will include that cookie in the request. The server can then read that cookie, pull out the unique ID, and know which user is making the request. There are various methods to make this all secure, but the primary method is to use HTTPS.

How to write and read a cookie to and from a client’s machine.

Two examples showing how (1) you can write multiple cookies and (2) you can create a counter.

How to create a counter to track how many times a user has been to your website domain using a cookie.

To delete a cookie, set the “MaxAge” field to either zero or a negative number. You can expire a cookie by setting one of these two fields: Expires or MaxAge Expires sets the exact time when the cookie expires. Expires is Deprecated. MaxAge sets how long the cookie should live (in seconds).

In computer science, a session is an interactive information interchange, also known as a dialogue, a conversation or a meeting, between two or more communicating devices, or between a computer and user. A session is set up or established at a certain point in time, and then torn down at some later point.

An HTTP exchange between a browser and a server may include an HTTP cookie which identifies state using a unique ID which can be used to look up the user.

Each transaction in HTTP creates a separate connection. Maintaining session continuity between phases requires a session ID. The session ID is embedded within the <A HREF> or <FORM> links of dynamic web pages so that it is passed back to the server. The server then uses the session ID to ensure session continuity between transactions.

A unique ID session token is a unique identifier that is generated and sent from a server to a client. The client usually stores and sends the token as an HTTP cookie and/or sends it as a parameter in GET or POST queries. The reason to use session tokens is that the client only has to handle the identifier—all session data is stored on the server (usually in a database, to which the client does not have direct access) linked to that identifier.

A universally unique identifier (UUID) is an identifier standard used in software construction. A UUID is simply a 128-bit value. The meaning of each bit is defined by any of several variants. For human-readable display, many systems use a canonical format using hexadecimal text with inserted hyphen characters. For example: 123e4567-e89b-12d3-a456-426655440000 The intent of UUIDs is to enable distributed systems to uniquely identify information without significant central coordination. In this context the word unique should be taken to mean "practically unique" rather than "guaranteed unique". Since the identifiers have a finite size, it is possible for two differing items to share the same identifier. This is a form of hash collision. The identifier size and generation process need to be selected so as to make this sufficiently improbable in practice. Anyone can create a UUID and use it to identify something with reasonable confidence that the same identifier will never be unintentionally created by anyone to identify something else. Information labeled with UUIDs can therefore be later combined into a single database without needing to resolve identifier (ID) conflicts. Adoption of UUIDs is widespread with many computing platforms providing support for generating UUIDs and for parsing/generating their textual representation. Only after generating 1 billion UUIDs every second for the next 100 years would the probability of creating just one duplicate would be about 50%.

Creating a session ID for looking up user info.

Creating a user sign-up page. Processing the form submission. Storing information in our maps.

Bcrypt is a password hashing function designed by Niels Provos and David Mazières. Besides incorporating a salt to protect against rainbow table attacks, bcrypt is an adaptive function: over time, the iteration count can be increased to make it slower, so it remains resistant to brute-force search attacks even with increasing computation power. The bcrypt function is the default password hash algorithm for OpenBSD and other systems including some Linux distributions such as SUSE Linux. We will use bcrypt to encrypt user passwords before storing them.

We will create a form that allows a user to login. We will then check the login credentials to see if the user successfully authenticates.

We will create the functionality to allow a user to logout. This will end the user’s session

We will add the ability for different users to have different permissions. These different permissions will allow some users to access some areas, while others can’t. For instance, if someone had “admin” rights, then they could access the “admin” areas.

We will create the ability for a user’s session to expire after a certain period of time. We will need to clear the user’s cookie, and remove the entry in the session’s map which stores that user’s session. In addition, we will want to clear out our session’s map on some interval. We will use the “MaxAge” field of the cookie to set the length of time, in seconds, that a cookie lasts.

We will look at some of the various parts of Amazon Web Services (AWS) including: EC2 (Elastic Compute Cloud), S3 (Simple Storage Service), RDS, DynamoDB, ElastiCache, Elastic BeanStalk, and Route 53. CLoud computing is covered, as is IAAS, PAAS, SAAS.

We will create a virtual machine running linux ubuntu on Amazon’s elastic cloud computing.

Uploading code to EC2 involves a few steps. First we will build our binary to run on the correct architecture and operating system. Then we will use secure copy to copy our binary to the remote server. After that, we will use secure shell to log into our remote server and run our code.

To have an application continue running after our terminal session ends, we must complete a few steps. Specifically, we will be using systemd. systemd is an init system used in Linux distributions to bootstrap the user space and manage all processes. One of systemd's main goals is to unify basic Linux configurations and service behaviors across all distributions. As of 2015, most Linux distributions have adopted systemd as their default init system.

For this hands-on exercise, deploy the code in "030_sessions/08_expire-session" and get it running on AWS.

When we are finished working with machines, we need to terminate them. Failure to do this might result in billing.

Relational databases are made up of tables which hold “like” data. For instance, we might have a “customers” table, a “videos” table, and a “rentals” table which shows which customer rented which video. This video presents you with the fundamentals of a relational database.

Installing MySQL is straightforward. This video will show you the process.

Installing MySQL on AWS is also straightforward. This video will show you the process.

This video shows you how to connect your workbench to MySQL on AWS.

This video shows you how to set up Go and SQL.

This video shows you how to use Go and SQL.

Load balancers distribute work between different machines.