Token-based authentication
Token-based authentication is widespread today. The idea is that when you log in to the API, you receive an opaque token: a string that has no meaning for the client but does have meaning for the server. On every subsequent request you send that token along, and the server checks whether it is still valid before doing anything on your behalf. Because possession of the token is all that is needed to act as the user, it has to be treated like a password: generated from a cryptographically secure random source, sent only over TLS, and never logged.
There are different models for token-based authentication. We are going to talk about two of them here: a server session token, where a random string is associated with session information stored on the server, and the JSON Web Token (JWT), where the session information travels inside the token itself, protected by a signature. In both cases the client should treat the token as an opaque code that it stores and returns but never interprets. Note that this is a rule for the client, not a property of the format: a session token really is meaningless outside the server, whereas a JWT's payload can be decoded by anyone who holds it, and it is only the signature that the client cannot forge. Let's look at each approach in turn.
Server session token
The idea here is to generate a random string (a token) and store that string in the server, normally associated with a session, so that the client can send it inside every...
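The following is an added example of the server session token flow described above; it is not code from the original page. The `SessionStore` class, its in-memory dictionary, the hypothetical `ManualClock` helper and the 60-second lifetime used in `demo()` are all assumptions standing in for a real session table (Redis or a database). It shows the three steps the text describes, login, per-request validation and logout, plus two practitioner details the paragraph does not: the server stores only a hash of the token, so a leaked session table does not hand out usable credentials, and every lookup enforces an expiry.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 3600  # assumed default session lifetime


def _fingerprint(token: str) -> str:
    """Hash the token before using it as a storage key.

    A leaked session table then contains no usable credentials, and looking
    up a SHA-256 digest in a dict has no useful timing leak for an attacker
    who does not already know the token.
    """
    return hashlib.sha256(token.encode("ascii")).hexdigest()


class ManualClock:
    """Hypothetical clock so the example can fast-forward time offline."""

    def __init__(self, now: float) -> None:
        self.now = now

    def __call__(self) -> float:
        return self.now


class SessionStore:
    """In-memory stand-in for the server-side session table (assumption)."""

    def __init__(self, ttl: int = TOKEN_TTL_SECONDS, clock=time.time) -> None:
        self._sessions = {}  # fingerprint -> {"user_id": ..., "expires_at": ...}
        self._ttl = ttl
        self._clock = clock

    def login(self, user_id: str) -> str:
        # 256 bits from the OS CSPRNG; the resulting 43-character string has
        # no structure for the client to interpret.
        token = secrets.token_urlsafe(32)
        self._sessions[_fingerprint(token)] = {
            "user_id": user_id,
            "expires_at": self._clock() + self._ttl,
        }
        return token

    def authenticate(self, token):
        """Return the user_id for a valid token, or None if unknown or expired."""
        # Cheap sanity checks before hashing anything attacker-controlled.
        if not isinstance(token, str) or not token or len(token) > 64:
            return None
        fp = _fingerprint(token)
        session = self._sessions.get(fp)
        if session is None:
            return None
        if self._clock() >= session["expires_at"]:
            # Expired tokens are removed so the table cannot grow unbounded.
            del self._sessions[fp]
            return None
        return session["user_id"]

    def logout(self, token: str) -> None:
        self._sessions.pop(_fingerprint(token), None)


def handle_request(store: SessionStore, headers: dict):
    """Per-request check: pull the bearer token and map it to a user."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return 401, {"error": "missing bearer token"}
    user = store.authenticate(token)
    if user is None:
        return 401, {"error": "invalid or expired token"}
    return 200, {"user": user}


def demo() -> dict:
    """Walk through login, use, tampering, expiry and logout with a constructed clock."""
    clock = ManualClock(1_000.0)
    store = SessionStore(ttl=60, clock=clock)
    token = store.login("alice")
    flipped = token[:-1] + ("A" if token[-1] != "A" else "B")  # one-character change
    results = {
        "token_length": len(token),
        "stored_in_plaintext": token in store._sessions,
        "valid": handle_request(store, {"Authorization": "Bearer " + token})[0],
        "tampered": handle_request(store, {"Authorization": "Bearer " + flipped})[0],
        "wrong_scheme": handle_request(store, {"Authorization": "Basic " + token})[0],
        "no_header": handle_request(store, {})[0],
    }
    clock.now += 61  # past the 60-second lifetime
    results["expired"] = handle_request(store, {"Authorization": "Bearer " + token})[0]
    token2 = store.login("bob")
    store.logout(token2)
    results["after_logout"] = store.authenticate(token2)
    return results


if __name__ == "__main__":
    print(demo())
```

Note that revocation is trivial here precisely because the state lives on the server: `logout` deletes the row and the token is dead immediately, something that is much harder with a self-contained token such as a JWT.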