casbin VS validator

https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

Looks like you’re looking for a role-based access control (RBAC) module on your backend. What you would do is attach roles to your users/tokens which would allow or deny any specific action on a resource. Take a look at https://casbin.org/ that might be useful.

Looking at your username, it would be nice to mention that you are one of the main developers behind the tool instead of making it sound like you are unrelated: https://github.com/casbin/casbin/graphs/contributors https://github.com/casdoor/casdoor/graphs/contributors

We use casbin . We’re using python version, but it has libraries for many languages. There are some adapters for loading policies from a datastore but we are not using any of them

- Casbin handles RBAC, ABAC: https://casbin.org/

https://casbin.org/ (multiple approaches, multiple languages, provider) Open source authZ library that has support for many access control models (ACL, RBAC, ABAC, …) and many languages (Go, Java, Node.js, JS, Rust, …). While somewhat complex, it is also powerful and flexible. They also have their Casdoor platform, which is authN and authZ provider.

You can probably look into casbin

go-playground/validator

If you want to know all the available validation in Gin. Then you can look at this package because Gin uses this package under the hood. Package: https://github.com/go-playground/validator Specific-file: https://github.com/go-playground/validator/blob/master/baked_in.go#L73

Now it has most of the Playground validator's common checks and a few own tricks.

In Go I've found this package - https://github.com/go-playground/validator. It seems popular in the community, but it is tag-based. It looks like if I wanted to use it - I would have to basically duplicate structs.

so I am working on a ecommerce api as a hobby project which is mostly inspired by wtf dial project I like to use validator package to remove boilerplate over my domain package for example take a look https://github.com/mortezadadgar/ecommerce-api/blob/b0bf43d042d62fdca1c2d097ec51b05bc539cef2/domain/users.go#L33 I have to option either add validate.Struct() to my domain which is suggested to avoid by author of wtf peoject or add it to handler which I doubt is a good idea as it's not in business logic of handler and makes unit testing harder

I use https://github.com/go-playground/validator, but honestly, I am not a fan. I just haven’t found anything better.

IDE: use whatever make you productive. I personally use vscode. VCS: git, as golang communities use github heavily as base for many libraries. AFAIK Linter: use staticcheck for linting as it looks like mostly used linting tool in go, supported by many also. In Vscode it will be recommended once you install go plugin. Libraries/Framework: actually the standard libraries already included many things you need, decent enough for your day-to-day development cycles(e.g. `net/http`). But here are things for extra: - Struct fields validator: validator - Http server lib: chi router , httprouter , fasthttp (for non standard http implementations, but fast) - Web Framework: echo , gin , fiber , beego , etc - Http client lib: most already covered by stdlib(net/http), so you rarely need extra lib for this, but if you really need some are: resty - CLI: cobra - Config: godotenv , viper - DB Drivers: sqlx , postgre , sqlite , mysql - nosql: redis , mongodb , elasticsearch - ORM: gorm , entgo , sqlc(codegen) - JS Transpiler: gopherjs - GUI: fyne - grpc: grpc - logging: zerolog - test: testify , gomock , dockertest - and many others you can find here