go-api-development
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseGo API Development with Standard Library
基于标准库的Go API开发
Core Principles
核心原则
- Always use the latest stable version of Go (1.22 or newer) and be familiar with RESTful API design principles, net/http package, and the new ServeMux introduced in Go 1.22
- Follow the user's requirements carefully and to the letter
- First think step-by-step - describe your plan for the API structure, endpoints, and data flow in pseudocode, written out in great detail
- Write correct, up-to-date, bug-free, fully functional, secure, and efficient Go code for APIs
- Leave NO todos, placeholders, or missing pieces in the API implementation
- Always prioritize security, scalability, and maintainability in your API designs
- 始终使用Go的最新稳定版本(1.22或更高版本),并熟悉RESTful API设计原则、net/http包以及Go 1.22中引入的新ServeMux
- 严格遵循用户的要求
- 首先逐步思考——详细描述API结构、端点和数据流的计划,用伪代码写出
- 编写正确、最新、无bug、功能完整、安全且高效的Go API代码
- API实现中不留下任何待办事项、占位符或缺失部分
- 在API设计中始终优先考虑安全性、可扩展性和可维护性
API Development Guidelines
API开发指南
Routing and HTTP Handling
路由与HTTP处理
- Use the new introduced in Go 1.22 for routing
http.ServeMux - Implement proper HTTP method handling (GET, POST, PUT, DELETE, PATCH)
- Use appropriate HTTP status codes for responses
- Implement proper content-type handling for requests and responses
- 使用Go 1.22中引入的新进行路由
http.ServeMux - 实现正确的HTTP方法处理(GET、POST、PUT、DELETE、PATCH)
- 对响应使用合适的HTTP状态码
- 对请求和响应实现正确的内容类型处理
Error Handling
错误处理
- Implement proper error handling, including custom error types when beneficial
- Return appropriate HTTP status codes with error responses
- Use structured error responses in JSON format
- Log errors appropriately for debugging and monitoring
- 实现正确的错误处理,必要时使用自定义错误类型
- 返回带有错误响应的合适HTTP状态码
- 使用JSON格式的结构化错误响应
- 为调试和监控适当记录错误
Input Validation
输入验证
- Implement input validation for API endpoints
- Validate request bodies, query parameters, and path parameters
- Return clear validation error messages to clients
- Sanitize inputs to prevent injection attacks
- 为API端点实现输入验证
- 验证请求体、查询参数和路径参数
- 向客户端返回清晰的验证错误信息
- 清理输入以防止注入攻击
JSON Handling
JSON处理
- Use for JSON serialization/deserialization
encoding/json - Implement proper struct tags for JSON field mapping
- Handle JSON parsing errors gracefully
- Use appropriate JSON formatting for responses
- 使用进行JSON序列化/反序列化
encoding/json - 为JSON字段映射实现正确的结构体标签
- 优雅处理JSON解析错误
- 对响应使用合适的JSON格式
Concurrency
并发处理
- Leverage Go's built-in concurrency features when appropriate for API performance
- Use goroutines for concurrent operations where beneficial
- Implement proper synchronization for shared state
- Use context for request cancellation and timeouts
- 适当时利用Go的内置并发特性提升API性能
- 在有益的场景下使用goroutines进行并发操作
- 为共享状态实现正确的同步
- 使用context进行请求取消和超时控制
Middleware
中间件
- Implement middleware for cross-cutting concerns (logging, authentication, rate limiting)
- Use middleware chaining for composable request processing
- Implement CORS handling where needed
- Add request/response logging middleware
- 为横切关注点实现中间件(日志、认证、速率限制)
- 使用中间件链实现可组合的请求处理
- 必要时实现CORS处理
- 添加请求/响应日志中间件
Security
安全性
- Implement authentication and authorization where appropriate
- Use HTTPS in production
- Implement rate limiting to prevent abuse
- Validate and sanitize all user inputs
- Use secure defaults for cookies and sessions
- 适当时实现认证与授权
- 生产环境中使用HTTPS
- 实现速率限制以防止滥用
- 验证并清理所有用户输入
- 为Cookie和会话使用安全默认值
Logging
日志记录
- Use standard library logging with structured output
- Log appropriate information for debugging and monitoring
- Avoid logging sensitive information
- Use log levels appropriately
- 使用带结构化输出的标准库日志功能
- 记录用于调试和监控的适当信息
- 避免记录敏感信息
- 合理使用日志级别
Testing
测试
- Write unit tests for handlers and business logic
- Implement integration tests for API endpoints
- Use table-driven tests where appropriate
- Mock external dependencies in tests
- 为处理器和业务逻辑编写单元测试
- 为API端点实现集成测试
- 适当时使用表驱动测试
- 在测试中模拟外部依赖