Gopher Academy
3.85K subscribers
930 photos
41 videos
280 files
2.15K links
🕸 Gopher Academy

🔷interview golang
https://github.com/mrbardia72/Go-Interview-Questions-And-Answers

حمایت مالی:
https://www.coffeete.ir/mrbardia72

ادمین:
@mrbardia72
Download Telegram
🟢 Authentication Security: Password Reset Best Practices and More🟢

🔵 Bringing it all together, your general application flow should look something like this:
1) The user requests a password reset, providing their email
2) Look up the user in the database using the email address
3) Securely create a token, and store it in the database together with its creation time.
4) Send an email with a link to your password recovery page, and the token as a query string parameter
5) Lookup the user in the database using the token, if found, and not expired, prompt him for a new password
6) Store the new password in the database
7) Delete the used token from the database.

🔵 Remember, Don’ts:
1) Don’t store the plaintext passwords in the database.
2) Don’t use public information as a password recovery token.
3) Don’t use sequential id numbers as password recovery tokens.
4) Don’t make your security depend on the fact that your code is secret.
5) Don’t generate tokens in a way that can also be generated offline
6) Don’t use encryption
7) Don’t generate your tokens based on time

🔵 Remember, Do:
1) Generate tokens that don’t depend on the user data and store them in the database.
2) Set a lifetime for your reset tokens.
3) Discard the reset tokens after use.

🔰 @gopher_academy
👍5🔥1
🟢 REST API Design Best Practices🟢

1. Use JSON as the Format for Sending and Receiving Data
2. Use Nouns Instead of Verbs in Endpoints
3. Name Collections with Plural Nouns
4. Use Status Codes in Error Handling
5. Use Nesting on Endpoints to Show Relationships
6. Use Filtering, Sorting, and Pagination to Retrieve the Data Requested
7. Use SSL for Security
8. Be Clear with Versioning
9. Provide Accurate API Documentation


🔰 @gopher_academy
👍3
🔵 Token Best Practices 🔵

*Here are some basic considerations to keep in mind when using tokens: Keep it secret. Keep it safe: The signing key should be treated like any other credential and revealed only to services that need it.
*

Do not add sensitive data to the payload:
Tokens are signed to protect against manipulation and are easily decoded. Add the bare minimum number of claims to the payload for best performance and security.

Give tokens an expiration:
Technically, once a token is signed, it is valid forever—unless the signing key is changed or expiration explicitly set. This could pose potential issues so have a strategy for expiring and/or revoking tokens.

Embrace HTTPS:
Do not send tokens over non-HTTPS connections as those requests can be intercepted and tokens compromised.

Consider all of your authorization use cases:
Adding a secondary token verification system that ensures tokens were generated from your server may be necessary to meet your requirements.

Store and reuse:
Reduce unnecessary roundtrips that extend your application's attack surface, and optimize plan token limits (where applicable) by storing access tokens obtained from the authorization server. Rather than requesting a new token, use the stored token during future calls until it expires. How you store tokens will depend on the characteristics of your application: typical solutions include databases (for apps that need to perform API calls regardless of the presence of a session) and HTTP sessions (for apps that have an activity window limited to an interactive session). For an example of server-side storage and token reuse.


🔰 @gopher_academy
👍4🔥1
🔵 How Are Best Practices Relevant in Software Engineering?🔵
1. Enhance Code Readability
2. Ensure Your Code Works Efficiently
3. Refactor Your Code
4. Develop A Professional Coding Style
5. Use Version Control
6. Test Your Code
7. The KISS Principle
8. The YAGNI Principle
9. The DRY Principle


🔰 @gopher_academy
👍31
🔵 Best practices using context in golang 🔵
1- context.Background should be used only at the highest level, as the root of all derived contexts
2- context.TODO should be used where not sure what to use or if the current function will be updated to use context in future
3- context cancelations are advisory, the functions may take time to clean up and exit
4- context.Value should be used very rarely, it should never be used to pass in optional parameters. This makes the API implicit and can introduce bugs. Instead, such values should be passed in as arguments.
5- Don’t store contexts in a struct, pass them explicitly in functions, preferably, as the first argument.
6- Never pass nil context, instead, use a TODO if you are not sure what to use.
7- The Context struct does not have a cancel method because only the function that derives the context should cancel it.


🔰 @gopher_academy
👍5
🔵 part-1:Go Best Practices: Optimize Golang Code For Better Performance🔵

🔴 Syntax and Folder Structure
1-Define data types of variables
2-Use comments
3-Maintain naming conventions
You can keep the following things in mind:
3-1-Avoid using underscores.
3-2-Use Mixed Case Capital acronyms
3-3-Short local variables or single letters for loop argument or index
4-Modularization
5-Splitting up projects

🔴 Package
1-Take care of documentation
2-Managing multiple files in the same package
Should you break a specific package into numerous files?
2-1-Prevent long files: Standard library’s net/http package comprises 15734 lines in 47 files.
2-2-Divide code and tests: net/http/cookie_test.go and net/http/cookie.go, both are parts of the http package. Ideally, test code is only compiled at test time.
2-3-Divided package documentation: When the package has more than one file, it is an agreement to create a doc.go comprising the package documentation.
3-Pack your packages properly

🔴 Code Practices to maintain readability
1-Avoid Nesting
2-Do not repeat unnecessary code
3-Prioritize essential code

🔴 Handling Go errors
1-Using multiple return values
2-Wrap Golang errors
For wrapping errors, fmt.Errorf provides %w verb to inspect and unwrap errors. Functions like
2-1-errors.Unwrap: For inspecting and exposing the underlying errors in the code.
2-2-errors.Is: For comparing every error value of the error chain against the sentinel value. The Is method implemented on the error is used to post the error itself as the sentinel value in case we don’t have a sentinel value.
2-3-errors.As: The function is used to cast a particular error type. For that, it looks for the very first error encountered in the error chain and sets that specific error as a sentinel value, and returns true.

🔴State Management With Goroutines
1-Avoid Goroutine Leaks
1-1-The goroutine is blocked on chan write
1-2-The goroutine carries a source to the chan
1-3-The chan will never be accumulated with garbage.

🔴Golang CI/CD
1-Use Go Modules
2-Use Artifactory Repository Layouts

🔴Testing in Go App
1-Keep your tests in a different package
2-A different file for internal tests
3-Write table-driven tests
👍9

🔰 @gopher_academy
🔥10
https://youtu.be/L-PsoFHDkjU
اشنایی با influxDB

🔰 @gopher_academy
🤩4👍21
Forwarded from Gopher Academy
🔺نقشه یادگیری زبان برنامه نویسی گولنگ🔺
🔹️roadmap part 1
https://t.iss.one/gopher_academy/7

🔹️roadmap part 2
https://t.iss.one/gopher_academy/9

🔹️roadmap part 3
https://t.iss.one/gopher_academy/11

@gopher_academy
🤩62🎉2👍1
یه سایت جالب که ۸ تا سوال مختلف در مورد SQL داره و بصورت عملی میتونید دانش SQL خودتون رو محک بزنید.

https://8weeksqlchallenge.com

🔰 @gopher_academy
👍41🎉1
A fully functional local AWS cloud stack
Develop and test your cloud and serverless apps offline!
بصورت local و کاملا عملی کل استک AWS را بالا بیارید و اپلیکیشن‌های خود را قبل از deploy روی سرورهای اصلی AWS با localStack تست کنید.

#aws #local #stack #cloud #server #serverless #test #infrastructure #efficient

https://localstack.cloud

🔰 @gopher_academy
👍7🤩4🔥21
۱۵ نکته برای طراحی بهتر RESTFul API ها که به هیچ زبان برنامه‌نویسی‌ای ربط خاصی نداره.

https://r.bluethl.net/how-to-design-better-apis

🔰 @gopher_academy
👍52🔥2
🔸استخدام برنامه‌نویس Golang #تهران
🔹پاره‌وقت 🔹کارآموز (Intern)

🔗 https://quera.org/r/tBT7aM

🔰 @gopher_academy
1👍1🔥1🎉1
🔸استخدام برنامه‌نویس Golang #مشهد
🔹تمام وقت


مهارت های مورد نیاز

- مسلط به زبان Go و انواع پارادایم ها

- مسلط به مفاهیم Concurrency، Goroutine و Channel

- مسلط به RESTful API

- آشنا به دیتابیس MongoDB

- آشنایی با معماری clean و اصول سالید

- آشنایی با Microservice


موارد زیر مزیت محسوب میشود

- آشنایی کامل با پروتکل بافر و gRPC


@Ja7adR

🔰 @gopher_academy
👍52🔥1
Audio
جلسه پرسش و پاسخ «مشاوره شغلی»

تو این جلسه در مورد مسیری که به نظرم روتین هست و یه برنامه نویس خوب و معمولی طی می کنه صحبت کردم و در آخر هم پرسش و پاسخ داشتیم با دوستان عزیز

قطعا تجربه شخصی من در مسیر پیشنهادی دخیل بوده و تنها راه و مسیر شغلی، این مسیر پیشنهادی نیست، اما فکر می کنم نقاط اشتراک زیادی میتونید پیدا کنید.

#career_qa

@gocasts


عضویت در خبرنامه Hey Mate 👇
heymate.ir

🔰 @gopher_academy
1👍1🔥1🎉1
لیستی از سوالات الگوریتمی به همراه اموزش که از leetcode انتخاب شدن و برای مصاحبه عالین

#algorithm #interview #leetcode #practice

https://neetcode.io

🔰 @gopher_academy
👍7🔥3
اموزش تست فازی در گولنگ
https://youtu.be/y8Rpb3nrJn8


🔰 @gopher_academy
🎉4🤩3👍1