A production-grade banking/financial REST API built with Go, demonstrating enterprise-level development practices including clean architecture, robust security, high performance, and modern DevOps practices.
- User Management: Registration, authentication with JWT (access + refresh tokens), profile management
- Account Management: Create checking/savings accounts, multi-currency support (USD, EUR, GBP)
- Money Transfers: Transfer between accounts with full ACID compliance, idempotency support
- Transaction History: Complete audit trail with pagination
- Clean Architecture: Domain-driven design with clear separation of concerns
- Security: JWT authentication, bcrypt password hashing, rate limiting, audit logging
- Performance: Redis caching, PostgreSQL connection pooling, graceful shutdown
- DevOps: Docker, Kubernetes manifests, GitHub Actions CI/CD, Prometheus metrics

| Category | Technology |
|---|---|
| Language | Go 1.22+ |
| Framework | Gin |
| Database | PostgreSQL 15+ |
| Cache | Redis 7+ |
| Authentication | JWT |
| Containerization | Docker |
| Orchestration | Kubernetes |
| CI/CD | GitHub Actions |
| Monitoring | Prometheus |


```
gobank/
├── cmd/api/                 # Application entry point
├── internal/
│   ├── domain/              # Business entities and interfaces
│   │   ├── entity/
│   │   ├── repository/
│   │   └── service/
│   ├── usecase/             # Business logic
│   ├── adapter/             # Interface adapters
│   │   ├── handler/         # HTTP handlers
│   │   ├── repository/      # Repository implementations
│   │   └── middleware/
│   ├── infrastructure/      # External services
│   │   ├── config/
│   │   ├── database/
│   │   ├── logger/
│   │   └── server/
│   └── pkg/                 # Shared utilities
├── migrations/              # Database migrations
├── deployments/
│   ├── docker/
│   └── kubernetes/
└── .github/workflows/       # CI/CD pipelines
```

- Go 1.22+
- Docker & Docker Compose
- PostgreSQL 15+ (or use Docker)
- Redis 7+ (or use Docker)
- Make (optional)

```bash
# Clone the repository
git clone https://github.com/yourusername/gobank.git
cd gobank

# Start all services
docker compose up -d

# The API will be available at http://localhost:8080
```

```bash
# Install dependencies
go mod download

# Copy environment file
cp .env.example .env

# Run database migrations
make migrate-up

# Run the application
make run
```


| Method | Endpoint | Description |
|---|---|---|
| POST | `/api/v1/auth/register` | Register new user |
| POST | `/api/v1/auth/login` | Login and get tokens |
| POST | `/api/v1/auth/refresh` | Refresh access token |
| POST | `/api/v1/auth/logout` | Invalidate refresh token |

| Method | Endpoint | Description |
|---|---|---|
| GET | `/api/v1/users/me` | Get current user profile |
| PUT | `/api/v1/users/me` | Update profile |

| Method | Endpoint | Description |
|---|---|---|
| POST | `/api/v1/accounts` | Create new account |
| GET | `/api/v1/accounts` | List user's accounts |
| GET | `/api/v1/accounts/:id` | Get account details |
| GET | `/api/v1/accounts/:id/transactions` | Get account transactions |

| Method | Endpoint | Description |
|---|---|---|
| POST | `/api/v1/transfers` | Create transfer |
| GET | `/api/v1/transfers` | List transfers |
| GET | `/api/v1/transfers/:id` | Get transfer details |

| Method | Endpoint | Description |
|---|---|---|
| GET | `/health` | Health check |
| GET | `/ready` | Readiness check |
| GET | `/metrics` | Prometheus metrics |


```bash
# Register a user
curl -X POST http://localhost:8080/api/v1/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securepassword123",
    "full_name": "John Doe"
  }'

# Log in and get tokens
curl -X POST http://localhost:8080/api/v1/auth/login \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "password": "securepassword123"
  }'

# Create an account
curl -X POST http://localhost:8080/api/v1/accounts \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <access_token>" \
  -d '{
    "account_type": "checking",
    "currency": "USD"
  }'

# Create a transfer with an idempotency key
curl -X POST http://localhost:8080/api/v1/transfers \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer <access_token>" \
  -H "X-Idempotency-Key: unique-key-123" \
  -d '{
    "from_account_id": "uuid-from",
    "to_account_id": "uuid-to",
    "amount": "100.00"
  }'
```

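
The `X-Idempotency-Key` header on the transfer request is what makes a client retry safe: the same key must never debit twice, and the same key with a different body must be refused. The Go sketch below is an added illustration, not gobank's own code; `Ledger`, `TransferReq` and `Transfer` are hypothetical names, an in-memory map guarded by a mutex stands in for a PostgreSQL transaction, and amounts are integer cents.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"sync"
)

// Hypothetical types for this sketch, not gobank's own; amounts are integer cents.
type TransferReq struct{ From, To string; AmountCents int64 }
type record struct{ fp [32]byte; id int } // request body hash and resulting transfer id
type Ledger struct {
	mu       sync.Mutex
	balances map[string]int64
	seen     map[string]record // userID + "\x00" + idempotency key
}

var ErrKeyReuse = errors.New("idempotency key reused with a different payload")
var ErrRejected = errors.New("invalid amount or insufficient funds")

// Transfer applies req at most once per (userID, key). The mutex stands in for
// one DB transaction with a unique constraint on (user_id, idempotency_key).
func (l *Ledger) Transfer(userID, key string, req TransferReq) (id int, replayed bool, err error) {
	fp := sha256.Sum256([]byte(fmt.Sprintf("%q|%q|%d", req.From, req.To, req.AmountCents)))
	l.mu.Lock()
	defer l.mu.Unlock()
	k := userID + "\x00" + key
	if r, ok := l.seen[k]; ok {
		if r.fp != fp {
			return 0, false, ErrKeyReuse // same key, different body
		}
		return r.id, true, nil // retry: original result, no second debit
	}
	if req.AmountCents <= 0 || l.balances[req.From] < req.AmountCents {
		return 0, false, ErrRejected
	}
	l.balances[req.From] -= req.AmountCents
	l.balances[req.To] += req.AmountCents
	l.seen[k] = record{fp, len(l.seen) + 1}
	return l.seen[k].id, false, nil
}

func main() {
	l := &Ledger{balances: map[string]int64{"uuid-from": 50000}, seen: map[string]record{}}
	req := TransferReq{"uuid-from", "uuid-to", 10000}
	fmt.Println(l.Transfer("user-1", "unique-key-123", req))
	fmt.Println(l.Transfer("user-1", "unique-key-123", req))
}
```

Scoping the stored key to the authenticated user keeps one client's key from colliding with, or probing for, another client's transfers.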

```bash
make build         # Build the application
make run           # Run the application
make test          # Run tests
make lint          # Run linter
make docker-up     # Start Docker services
make docker-down   # Stop Docker services
make migrate-up    # Run migrations
make migrate-down  # Rollback migrations
make help          # Show all commands
```

```bash
# Run all tests
make test

# Run tests with coverage
make test-coverage
```

```bash
# Build Docker image
make docker-build

# Run with Docker Compose
docker compose up -d

# Apply Kubernetes manifests
kubectl apply -f deployments/kubernetes/
```

- JWT Authentication: Short-lived access tokens (15 min) with refresh token rotation
- Password Hashing: bcrypt with cost factor 12
- Rate Limiting: Redis-based sliding window rate limiting
- Input Validation: Comprehensive request validation
- SQL Injection Prevention: Parameterized queries throughout
- Audit Logging: All financial operations are logged
- Security Headers: CORS, Content-Type enforcement, XSS protection
- Clean Architecture: Separates business logic from infrastructure concerns
- Repository Pattern: Abstracts data access for easy testing and switching databases
- Dependency Injection: All dependencies are injected, enabling easy mocking
- Database Transactions: Financial operations use proper transaction isolation
- Idempotency: Transfer operations support idempotency keys
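
Refresh token rotation, listed among the security features above, means each refresh token is exchanged exactly once for a successor. The Go sketch below is an added example, not gobank's implementation, and it goes one step beyond the README by also revoking the whole token family when an already-used token is presented again; `Store`, `Issue` and `Rotate` are hypothetical names, and an in-memory map stands in for the token table.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrInvalid = errors.New("refresh token invalid or revoked")
// entry and Store are hypothetical in-memory stand-ins for a refresh-token table.
type entry struct{ family string; used bool }
type Store struct {
	tokens  map[[32]byte]entry // keyed by SHA-256 of the token, never the token itself
	revoked map[string]bool    // families (login sessions) killed by token reuse
}

// Issue mints a random opaque refresh token belonging to the given family.
func (s *Store) Issue(family string) string {
	b := make([]byte, 32)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	tok := fmt.Sprintf("%x", b)
	s.tokens[sha256.Sum256([]byte(tok))] = entry{family: family}
	return tok
}

// Rotate swaps a token for its successor; a replayed token revokes the whole family.
func (s *Store) Rotate(tok string) (string, error) {
	h := sha256.Sum256([]byte(tok))
	e, ok := s.tokens[h]
	if ok && e.used {
		s.revoked[e.family] = true // replay: thief and owner are indistinguishable
	}
	if !ok || s.revoked[e.family] {
		return "", ErrInvalid
	}
	s.tokens[h] = entry{family: e.family, used: true}
	return s.Issue(e.family), nil
}

func main() {
	s := &Store{tokens: map[[32]byte]entry{}, revoked: map[string]bool{}}
	t1 := s.Issue("session-1")
	t2, _ := s.Rotate(t1)
	_, err := s.Rotate(t1) // old token presented a second time
	fmt.Println(len(t2), err)
}
```

Against a real database the used-flag check and update need to be one atomic statement, otherwise two concurrent refreshes with the same token can both succeed.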
- Fork the repository
- Create your feature branch (`git checkout -b feature/amazing-feature`)
- Commit your changes (`git commit -m 'Add amazing feature'`)
- Push to the branch (`git push origin feature/amazing-feature`)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.