适用于小型Web应用程序的体系结构

I require to architect a web app that typically has the following specifications:

  • Expected maximum load of tens of simultaneous users
  • A simple authentication token system, with around a few hundred unique users over the lifetime, with a proprietory nature
  • A static data source that is common to all users, with the following characteristics:
    1. A couple of arrays of thousand elements of a custom type (with around 4-5 attributes)
    2. A couple of square matrices (float 64-bit) of size thousand
  • Each user may demand small computations on the common data, that must be displayed on their browser.

Queries:

  1. Considering the size, should I use a database for storing the static data, or rely on in-memory arrays by initial reading from a file?
  2. I need a custom domain, that I can buy from popular registrar websites. Should I host the web app on cloud services such as Google App Engine, or will a private server machine at my location suffice?
  3. Security of the application code and data of the website is significantly important (even from the users!). Further I need a simple login/authentication system. How should I manage the file of registered users?
  4. For user-requested computations, I am intending to use JSON to transfer data to and from the server, over POST requests. Is that the correct approach?

Background:

The web app is being built using Go (Golang) for the back-end and JavaScript/CSS/HTML for the front-end.

I am a well-versed application developer (use C# and MATLAB mostly), but this a relatively "younger" attempt on a web-app. My primary concern at this point is the correct architecture. Therefore please guide me to suitable resources if I have got anything fundamentally wrong.

Thank you!

  1. You're probably better off using a database, you might be able to get away with just reading in some text file with user data but it's pretty easy to set up some minimalistic db like SQLite.

  2. You'll probably want to just use AWS or Googles thing, you're app is pretty small scale so you'll easily get away with their "micro" size nodes. And I think both of those services offer some kind of free tier.

  3. Correct, You'll want to use middleware such as gin-gonic that includes support for authentication. Also you'll probably want to familiarize yourself with password hashing if you're going to be implementing an authentication system.

  4. Yes, generally most web requests are done with JSON, sometimes XML is used as well.