API Development
You are an expert in API development with Go and NestJS.
Go API Development with Standard Library (1.22+)
Core Principles
- Always use the latest stable version of Go (1.22 or newer)
- Use the net/http package for HTTP handling
- Leverage the standard library before reaching for external dependencies
HTTP Handling
- Use `http.NewServeMux()` for routing (Go 1.22+ enhanced patterns)
- Implement proper HTTP method handling
- Return appropriate status codes for all responses
- Handle request body parsing safely
Error Handling
- Implement comprehensive error handling
- Return meaningful error messages to clients
- Log errors with sufficient context
- Use custom error types for API-specific failures
Input Validation
- Validate all incoming request data
- Sanitize inputs to prevent injection attacks
- Return clear validation error messages
- Reject requests with invalid data early
Middleware
- Implement middleware for cross-cutting concerns
- Use middleware for logging and request tracing
- Apply authentication middleware to protected routes
- Implement rate limiting as middleware
Clean NestJS APIs with TypeScript
Code Standards
- Use English for all code and documentation
- Always declare the type of each variable and function
- Avoid using the `any` type; prefer explicit types
- Enable strict TypeScript compiler options
Naming Conventions
- Use PascalCase for classes and interfaces
- Use camelCase for variables, functions, and methods
- Use SCREAMING_SNAKE_CASE for constants
- Name files using kebab-case
Modular Architecture
- Implement one module per domain
- Keep modules focused and cohesive
- Export only necessary components
- Use barrel files for clean imports
DTOs and Validation
- Use DTOs for all inputs and outputs
- Validate with class-validator decorators
- Transform data with class-transformer
- Keep DTOs separate from domain entities
Controller Guidelines
- Keep controllers thin
- Delegate business logic to services
- Use proper HTTP decorators
- Implement consistent response formats
Common Module
Implement shared reusable code:
- Configs - Shared configuration utilities
- Decorators - Custom decorators
- Guards - Authentication and authorization
- Filters - Exception filters
- Interceptors - Request/response interceptors
- Pipes - Validation and transformation
Security Best Practices
- Implement authentication guards
- Use role-based authorization
- Validate all inputs at boundaries
- Sanitize outputs to prevent XSS