Greenlight API

Greenlight is a robust, scalable, and secure RESTful JSON API for managing movie data. It allows users to view, create, update, and delete movie information, managed via a permission-based authentication system.

Note: This project was built while following the Let's Go Further book by Alex Edwards. It serves as an advanced guide to building professional backend systems in Go.

Features

• RESTful API: Clean resource-oriented URLs and standard HTTP methods.
• CRUD Operations: Complete management for movies.
• PostgreSQL Database: Persistent storage using database/sql and lib/pq.
• Advanced Concurrency: Efficient request handling and background processing.
• Authentication & Permissions: Secure user authentication and role-based access control.
• Rate Limiting: Token bucket strategy to prevent abuse.
• CORS Support: Configurable Cross-Origin Resource Sharing for frontend integration.
• Structured Logging: JSON logging using Go 1.21+ log/slog.
• Graceful Shutdown: clean resource cleanup on termination.
• Metrics: Application health and performance metrics via expvar.
• Mailer: SMTP integration for sending welcome emails and notifications.

Project Structure

.
├── cmd
│   └── api          # Application entry point, routes, handlers, and middleware
├── internal
│   ├── data         # Database models and DAO (Data Access Object) layer
│   ├── mailer       # Email sending functionality
│   ├── validator    # Input validation helpers
│   └── vcs          # Version control helpers
├── migrations       # SQL database migrations
└── ...

Prerequisites

• Go: Version 1.22 or higher.
• Docker: For running the PostgreSQL database service.
• Migrate: The golang-migrate tool for managing database schemas.

Getting Started

1. Clone the repository

git clone https://github.com/your-username/greenlight.git
cd greenlight

2. Database Setup

You can spin up a PostgreSQL instance easily using the provided Docker Compose configuration:

docker-compose up -d

This starts a Postgres database accessible on port 5432.

3. Configuration

The application relies on environment variables or command-line flags. The Makefile simplifies running the app by using variables.

Ensure you have the following environment variables set (e.g., in a .envrc file or your shell session):

export GREENLIGHT_DB_DSN='postgres://greenlight:pa55word@localhost:5432/greenlight?sslmode=disable'
export JWT_SECRET='your-32-byte-long-secret-string-here'

4. Database Migrations

Apply the database schema migrations:

make db/migrations/up

5. Running the Application

To start the API server in development mode:

make run/api

The server will start on http://localhost:4000.

Makefile Commands

The project includes a Makefile to automate common tasks:

• Development

  • make run/api: Run the API server.
  • make db/psql: Connect to the database using psql.
  • make db/migrations/new name=some_name: Create a new migration file.
  • make db/migrations/up: Apply pending migrations.

• Quality Control

  • make audit: Run go vet, staticcheck, and tests.
  • make tidy: Format code and tidy go.mod.

• Build

  • make build/api: Compile the binary for the current OS and Linux/AMD64.

API Configuration Flags

You can override configuration defaults using command-line flags when running the binary directly:

• -port: API server port (default: 4000)
• -env: Environment (development, staging, production)
• -db-dsn: PostgreSQL connection string
• -limiter-enabled: Enable/disable rate limiter (default: true)
• -cors-trusted-origins: Space-separated list of allowed CORS origins
• -smtp-host: SMTP server host
• -smtp-port: SMTP port
• -smtp-username: SMTP username
• -smtp-password: SMTP password
• -jwt-secret: Secret key for signing tokens

Example:

./bin/api -port=8080 -env=production -limiter-enabled=false

Credits

• Author: Nirjan
• Based on: Let's Go Further by Alex Edwards.