Greeny (4) [Avatar] Offline
#1
Hi,

First of all congratulations on the first couple of chapters.
I bought the book immediately after reading the first chapter as it was such high quality.
I think you strike a great balance of not assuming prior knowledge, but also not getting bogged down in unnecessary detail.
I'm looking forward greatly to the next chapters.

On reading the Chapter contents there is no explicit mention of authentication/authourisation.
I realise the chapter headings are very general, so i wondered if you could clarify whether these are topics you are going to cover.

In my opinion they are very important topics in web applications, but often glossed over, or omitted entirely

Cheers
Paul

Anonymous (122) [Avatar]
#2
Hi,

Thanks for the compliments!

Chapter 2 mentions authentication briefly, but not authorization, which is mostly an application specific logic. While these topics are very important for web applications, the book is more 'infrastructural'. I actually had a section on authentication in my original planning, but I took it out as it's a really large topic and might not be well described enough in a section. A separate chapter seems an overkill.

The book is not yet finished though, so if there's enough feedback for a section on authentication, I will put that back in.
Greeny (4) [Avatar] Offline
#3
Ok thanks.

I agree authourisation is more app specific, but hopefully there will be enough interest in authentication to convince you to re-introduce it.

Looking forward to the rest of the book.

Cheers
Paul
fr4nk (14) [Avatar] Offline
#4
I would be interested in a section about authentication!
Martin (1) [Avatar] Offline
#5
+1 A chapter about authentication would be a great asset to the book. After all, the most of us are not going to leave their applications open to everyone.
Anonymous (122) [Avatar]
#6
Authentication section might make me more inclined to buy the book further down the road.
Anonymous (122) [Avatar]
#7
+1 for authentication / authorization topic.

This is often native in PHP/ .NET . Covering best auth best practices in golang would go a long way .
347153 (1) [Avatar] Offline
#8
If this topic is not big enough to be a separate chapter, you may make it as an appendix or as an additional material online.
345883 (1) [Avatar] Offline
#9
I think you could actually make authentication a separate chapter. I would cover session based authentication and token based authentication using jwt. Maybe talk about how jwt authentication goes along with the scalability of Go?
Sau Sheong (20) [Avatar] Offline
#10
That would actually veer too much away from the main path of the book, which is to teach the basics of web programming in Go. I could consider an appendix describing web and basic authentication.
mjameseaston (3) [Avatar] Offline
#11
+1 for authentication.
mjameseaston (3) [Avatar] Offline
#12
This book is great. I would love to see authentication addressed in the appendix.

Thank you.
chadit (2) [Avatar] Offline
#13
+1 for authentication
384659 (1) [Avatar] Offline
#14
I totally agree with the thought that a book on web programming is incomplete without a discussion on how to do basic user authentication in it. I also can understand how that discussion could expand from a sub-topic, out to a chapter, then a whole book of its own.

What do you cover? What backend do you use? MySQL? sqlite? .htaccess? All of them?

But still, some kind of database driven user authentication seems like a pretty standard topic, and a chapter on doing this is probably a good thing. It ties several integral parts together: session management, database access, authenticating users, and allowing users to sign up, edit their profiles, and, perhaps, even password recovery.

As for who is authorized to do what once they are logged in? That is so complex that I can honestly see it as either a book of its own, or left with a brief mention.

I am personally looking forward to this text as a possible move from my current paradigm (perl dancer). The chances you'd choose to discuss my particular authorization scheme, however, is pretty slim, even though it is pretty straight forward. However, a relatively complete chapter on authentication would give me every bit of information needed to duplicate it, so I would be happy with that.

Frankly, I do sympathize with the author in this discussion. I contemplated writing a book on using perl dancer, but this same kind of thing is what stopped me from even getting started.