{"id":26820391,"url":"https://github.com/zvdy/api-gateway","last_synced_at":"2026-06-10T16:31:08.125Z","repository":{"id":264591234,"uuid":"893570782","full_name":"zvdy/api-gateway","owner":"zvdy","description":"Golang API gateway that incorporates Rate Limiting using redis and JWT user authentication.","archived":false,"fork":false,"pushed_at":"2024-11-25T12:11:23.000Z","size":21,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-07-06T16:24:43.153Z","etag":null,"topics":["api","gateway-api","golang","jwt-authentication","rate-limiting","redis"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zvdy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-24T19:24:54.000Z","updated_at":"2024-11-30T19:51:59.000Z","dependencies_parsed_at":"2024-11-25T08:39:37.596Z","dependency_job_id":null,"html_url":"https://github.com/zvdy/api-gateway","commit_stats":null,"previous_names":["zvdy/api-gateway"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/zvdy/api-gateway","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zvdy%2Fapi-gateway","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zvdy%2Fapi-gateway/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zvdy%2Fapi-gateway/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zvdy%2Fapi-gateway/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zvdy","download_url":"https://codeload.github.com/zvdy/api-gateway/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zvdy%2Fapi-gateway/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34161283,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-10T02:00:07.152Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","gateway-api","golang","jwt-authentication","rate-limiting","redis"],"created_at":"2025-03-30T06:31:50.564Z","updated_at":"2026-06-10T16:31:08.108Z","avatar_url":"https://github.com/zvdy.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# GoGateway API\n\n[![Go Report Card](https://goreportcard.com/badge/github.com/zvdy/api-gateway)](https://goreportcard.com/report/github.com/zvdy/api-gateway)\n\n# Index\n- [Prerequisites](#prerequisites)\n- [Setup](#setup)\n  - [Clone the Repository](#clone-the-repository)\n  - [Create Configuration File](#create-configuration-file)\n  - [Build and Run the Docker Containers](#build-and-run-the-docker-containers)\n    - [Test the router](#test-the-router)\n- [Client](#client)\n- [Server](#server)\n  - [Generate a JWT Token](#generate-a-jwt-token)\n    - [JWT Auth in Depth](#jwt-auth-in-depth)\n      - [You can also modify the claims](https://datatracker.ietf.org/doc/html/rfc7519#section-4)\n  - [Use the JWT Token to Authenticate](#use-the-jwt-token-to-authenticate)\n- [Client](#client-1)\n- [Server](#server-1)\n  - [Test the Rate Limiting](#test-the-rate-limiting)\n- [Project Structure](#project-structure)\n- [License](#license)\n\n## Prerequisites\n\n- [Docker](https://docs.docker.com/get-started/get-docker/)\n- [Docker Compose](https://docs.docker.com/compose/install/)\n- [Go](https://go.dev/doc/install)\n\n## Setup\n\n### Clone the Repository\n\n```sh\ngit clone https://github.com/zvdy/gogateway-api.git\ncd gogateway-api\n```\n\n### Create Configuration File\n\nCreate a `config.yaml` file in the root directory with the following content:\n\n```yaml\nServerAddress: \":8080\"\nRedisAddress: \"redis:6379\"\nRedisPassword: \"\"\nRedisDB: 0\n```\n\n### Build and Run the Docker Containers\n\nUse Docker Compose to build and run the containers:\n\n```sh\ndocker-compose up --build\n```\n\n#### Test the router\n\n```sh\n# client\ncurl http://localhost:8080/health\n{\"status\":\"healthy\"}\n```\n\n```sh\n#server\napi-gateway        | [GIN] 2024/11/24 - 19:18:49 | 200 |     151.849µs |      172.27.0.1 | GET      \"/health\"\n```\n\n### Generate a JWT Token\n\nCreate a `gen_token.go` file in the root directory with the following content:\n\n\u003e [!WARNING]  \n\u003e If you modify the claims, the script will have to be modified too.\n\n```go\npackage main\n\nimport (\n\t\"fmt\"\n\t\"log\"\n\n\t\"github.com/zvdy/gogateway-api/internal/auth\"\n)\n\nfunc main() {\n\ttoken, err := auth.GenerateJWT(\"test-user-id\")\n\tif err != nil {\n\t\tlog.Fatalf(\"Failed to generate JWT: %v\", err)\n\t}\n\tfmt.Println(\"Generated JWT:\", token)\n}\n```\n\nRun the script to generate a JWT token:\n\n```sh\ngo run gen_token.go\nGenerated JWT: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MzI1NjE5NTksInVzZXJfaWQiOiJ0ZXN0LXVzZXItaWQifQ.79bjRnzgN7ub1757ecWOj0-cx4uo0dnjGU1ZLCPGfaQ\n```\n\n#### JWT Auth in Depth\n\n`internal/auth/auth.go` contains the logic to generate the tokens. at the moment.\n\nThe key is hardcoded, and as a personal recommendation, I suggest using `openssl rand -base64 32`.\n```go\nvar secretKey = []byte(\"vyPcARcpHaov7o7aU1kDcLHjR0ZR9+UWx/TqtCvhl+g=\") // ❯ openssl rand -base64 32\n```\n\nYou can also modify the claims [rfc7519](https://datatracker.ietf.org/doc/html/rfc7519#section-4).\n\n```go\nfunc GenerateJWT(userID string) (string, error) {\n\tclaims := jwt.MapClaims{\n\t\t\"user_id\": userID,\n\t\t\"exp\":     time.Now().Add(24 * time.Hour).Unix(),\n\t}\n\ttoken := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)\n\treturn token.SignedString(secretKey)\n}\n```\n\nI suggest using [this web](https://dinochiesa.github.io/jwt/) To verify jwt signatures and general work with JWT.\n\n\n### Use the JWT Token to Authenticate\n\nReplace `\u003cJWT_TOKEN\u003e` with the token generated in the previous step and use it to authenticate and access the API Gateway:\n\n```sh\n# client\nexport TOKEN='\u003cJWT_TOKEN\u003e'\ncurl -H \"Authorization: Bearer $TOKEN\" http://localhost:8080/api/test\nHello from backend\n```\n\n```sh\n# server\napi-gateway        | [GIN] 2024/11/24 - 19:17:20 | 200 |     684.511µs |      172.27.0.1 | GET      \"/api/test\"\n```\n\n### Test the Rate Limiting\n\nCreate a loadtest.sh file in the root directory with the following content:\n```sh\n#!/bin/bash\n\nTOKEN='\u003cJWT_TOKEN\u003e'\nURL='http://localhost:8080/api/test'\n\nfor i in {1..110}; do\n  echo \"Request $i\"\n  curl -H \"Authorization: Bearer $TOKEN\" $URL\n  echo\ndone\n```\n\nRun the script to test the rate limiting:\n\n```sh\nchmod +x loadtest.sh\n./loadtest.sh\n...\n...\n...\nRequest 101\n{\"error\":\"rate limit exceeded\"}\n```\n\n## Project Structure\n\n```\n.\n├── cmd\n│   └── main.go\n├── config.yaml\n├── Dockerfile\n├── Dockerfile.backend\n├── docker-compose.yml\n├── go.mod\n├── go.sum\n├── internal\n│   ├── auth\n│   │   └── auth.go\n│   ├── cache\n│   │   ├── cache.go\n│   │   └── middleware.go\n│   ├── logging\n│   │   └── logger.go\n│   ├── proxy\n│   │   └── proxy.go\n│   ├── ratelimit\n│   │   ├── middleware.go\n│   │   └── ratelimiter.go\n│   └── routes\n│       ├── handlers.go\n│       └── router.go\n├── pkg\n│   ├── middleware\n│   │   ├── cors.go\n│   │   └── recovery.go\n│   └── utils\n│       ├── http.go\n│       └── json.go\n├── backend\n│   └── backend.go\n├── gen_token.go\n├── loadtest.sh\n├── README.md\n└── test\n    └── integration\n        ├── auth_test.go\n```\n\n## License\n\nThis project is licensed under the [MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzvdy%2Fapi-gateway","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzvdy%2Fapi-gateway","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzvdy%2Fapi-gateway/lists"}