System
- Logging subsystem is important in Server
- Log entity, Severity, Location, information
- Counters/Metric subsystem is preferred
- A mechanism of system profiling
- Configuration files and Command line
- Viper and Cobra
- Operation management for Log/Counter/…
- https
Level DB
- In genral, we should open the DB only at the initialization
Web APP
Web session should be managed via cookie
- Header ‘Authorization’ contains base64 encoded user:passwd…
- Mostliely, sessions should be maintained in memory instead if DB
http.StatusUnauthorized or http.StatusForbidden
- As a WebApp, it should return error 403 for any unauthorized
Other issues
- Be careful of ioutils.ReadAll() or data := make([]byte, fileSize); ioReader.Read(data). Think about if it trys to open a file greater than 1GB.
- Use io.Copy() to read/write
- http Response.Body has to be closed properly
- Use json.Marshal(), instead of fmt.Sprint()
- bfs.Download() returns the Response.Body for more flexible processing