Implementing a File Upload Service in Go

By Alessandro D.P.3 min readMarch 6, 2026

In this tutorial, we will create a basic web server that allows users to upload files. We will focus on handling multipart form data, validating file types, and saving files to the server's filesystem. By the end, you will have a solid understanding of how to implement file uploads in Go.

Prerequisites

To follow along, ensure you have the following:

Go installed on your machine (version 1.16 or later).
Basic knowledge of Go syntax and web programming.

Setting Up the Project

Create a new directory for your project and initialize a Go module:

mkdir file-upload-service
cd file-upload-service
go mod init file-upload-service

Next, create a new file named main.go:

touch main.go

Implementing the File Upload Handler

In main.go, we will implement a simple HTTP server with a file upload handler. Here’s the code:

package main

import (
    "fmt"
    "io/ioutil"
    "net/http"
    "os"
)

func uploadFile(w http.ResponseWriter, r *http.Request) {
    if r.Method != http.MethodPost {
        http.Error(w, "Invalid request method", http.StatusMethodNotAllowed)
        return
    }

    // Parse the multipart form
    err := r.ParseMultipartForm(10 << 20) // Limit the size to 10 MB
    if err != nil {
        http.Error(w, "Unable to parse form", http.StatusBadRequest)
        return
    }

    // Retrieve the file from the form
    file, _, err := r.FormFile("file")
    if err != nil {
        http.Error(w, "Error retrieving the file", http.StatusBadRequest)
        return
    }
    defer file.Close()

    // Read the file content
    fileBytes, err := ioutil.ReadAll(file)
    if err != nil {
        http.Error(w, "Error reading the file", http.StatusInternalServerError)
        return
    }

    // Validate the file type (for example, only allow .txt files)
    if !isValidFileType(fileBytes) {
        http.Error(w, "Invalid file type", http.StatusBadRequest)
        return
    }

    // Save the file to the server
    err = saveFile("uploads", fileBytes)
    if err != nil {
        http.Error(w, "Error saving the file", http.StatusInternalServerError)
        return
    }

    fmt.Fprintf(w, "File uploaded successfully!")
}

func isValidFileType(fileBytes []byte) bool {
    // Check the file type (for example, this checks for a .txt file)
    return len(fileBytes) > 0 && fileBytes[0] == 0xEF // Example for a specific file type
}

func saveFile(directory string, fileBytes []byte) error {
    // Create the uploads directory if it doesn't exist
    if _, err := os.Stat(directory); os.IsNotExist(err) {
        os.Mkdir(directory, 0755)
    }

    // Save the file
    return ioutil.WriteFile(fmt.Sprintf("%s/uploaded_file.txt", directory), fileBytes, 0644)
}

func main() {
    http.HandleFunc("/upload", uploadFile)
    fmt.Println("Server started at :8080")
    http.ListenAndServe(":8080", nil)
}

Explanation of the Code

HTTP Method Check: We ensure that the request method is POST. If not, we return a 405 Method Not Allowed error.

Parsing Multipart Form: We parse the incoming request to handle multipart form data, allowing file uploads.

File Retrieval: We retrieve the uploaded file using r.FormFile("file"). This is where the file input name from the HTML form should match.

File Type Validation: The isValidFileType function checks the file's content to ensure it meets our criteria (in this case, we are checking for a specific file type).

File Saving: The saveFile function creates an "uploads" directory (if it doesn't exist) and saves the uploaded file.

Running the Server

To run the server, execute the following command in your terminal:

go run main.go

You should see the message "Server started at :8080". You can now test the file upload functionality.

Testing the File Upload

Create a simple HTML form to test the file upload. Create a file named index.html:

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>File Upload</title>
</head>
<body>
    <h1>Upload a File</h1>
    <form action="http://localhost:8080/upload" method="post" enctype="multipart/form-data">
        <input type="file" name="file" />
        <button type="submit">Upload</button>
    </form>
</body>
</html>

Open this HTML file in your browser, select a file, and click "Upload". You should see a success message if the upload is successful.

Best Practices

File Size Limit: Always set a limit on the size of the files that can be uploaded to prevent abuse.
File Type Validation: Validate file types to ensure that only acceptable formats are uploaded.
Error Handling: Implement robust error handling to provide clear feedback to users.
Security Considerations: Be cautious about file paths and permissions to avoid security vulnerabilities such as directory traversal attacks.

Conclusion

In this tutorial, we implemented a simple file upload service in Go, covering essential aspects such as file handling, validation, and error management. By following best practices, you can ensure a secure and efficient file upload process in your applications.

Learn more with useful resources: