A simple and fun REST API service written in Go that serves and stores dad jokes. The API allows you to fetch random dad jokes and submit new ones to the collection.
- Fetch random dad jokes
- Submit new dad jokes
- IP-based rate limiting for POST requests
- Input validation for joke submission
- PostgreSQL database integration
- Secure HTTPS support via Nginx
- Environment-based configuration
- Go 1.x or higher
- PostgreSQL database
- Nginx (for production deployment)
- Let's Encrypt SSL certificates (for HTTPS)
- Clone the repository:
git clone https://github.com/andrewthecodertx/go-dadjokes-api.git
cd go-dadjokes-api- Install dependencies:
go mod init go-dadjokes-api
go get github.com/gorilla/mux
go get github.com/joho/godotenv
go get github.com/lib/pq- Create a
.envfile in the project root with your database configuration:
DB_CONN_STRING="postgres://user:password@host:5432/database_name?sslmode=disable"- Set up the PostgreSQL database:
CREATE TABLE jokes (
id SERIAL PRIMARY KEY,
entry_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
author VARCHAR(255),
joke_text TEXT
);go run main.goThe server will start on port 3000.
- Build the binary:
go build -o dadjokes-api- Configure Nginx using the provided configuration:
server {
...
location /api/v2/random {
proxy_pass http://localhost:8080/random;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /api/v2/submit {
proxy_pass http://localhost:8080/write;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_method POST;
proxy_pass_request_headers on;
}
}GET /api/v2/randomResponse:
{
"id": 1,
"entry_date": "2024-01-06T12:00:00Z",
"author": "John Doe",
"joke_text": "Why don't eggs tell jokes? They'd crack up!"
}POST /api/v2/submit
Content-Type: application/json
{
"author": "Jane Doe",
"joke_text": "Why don't programmers like nature? It has too many bugs!"
}Response:
{
"id": 2,
"entry_date": "2024-01-06T12:01:00Z",
"author": "Jane Doe",
"joke_text": "Why don't programmers like nature? It has too many bugs!"
}- The API uses HTTPS encryption in production
- Nginx acts as a reverse proxy
- Database credentials are stored in environment variables (use a dedicated, least-privilege user in production)
- Input validation is implemented for joke submission
- IP-based rate limiting is implemented for POST requests
- Generic error messages are returned to clients to prevent sensitive information leakage, with detailed errors logged internally
- HTTP Security Headers (X-Content-Type-Options, X-Frame-Options, X-XSS-Protection, Strict-Transport-Security) are recommended for Nginx configuration
- Regular dependency updates and vulnerability scanning (e.g., using
govulncheck) are crucial for maintaining security
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Thanks to all contributors who add their dad jokes
- Built with Go, PostgreSQL, and Nginx