<p>The post <a href="https://medium.com/@benbjohnson/standard-package-layout-7cdbc8391fc1#.ei3510j4x">Standard package Layout</a> discusses how to layer different functionalities by wrapping the same interface.</p>
<p>For instance, <code>myapp.UserCache</code> wraps <code>postgres.UserService</code>, where both satisfy myapp.UserService` interface.</p>
<p>What would be a good approach to add validation and authorization (who has permission which endpoint, not to be mistaken with authentication)?</p>
<p>Would it be a good idea to have validation and authorization also as structures which satisfy <code>myapp.UserService</code>? So it would like:</p>
<p><em>Authorization wraps validation wraps caching wraps datastore</em></p>
<p>At this point, the service interface feels like what middleware do.</p>
<p>One advantage of authorization satisfying <code>myapp.UserService</code> is that, if it does not, then you can find out which service endpoints are not covered at compile time.</p>
<p>Maybe <a href="/u/benbjohnson">/u/benbjohnson</a> could join this discussion too!</p>
