How I built a Go middleware for Stripe-style idempotency-key handling

Retries in payment and order APIs are a classic footgun. Your client times out, retries the request,...

martedì 2 giugno 2026 New tab

500 words~2 min read

Retries in payment and order APIs are a classic footgun. Your client times out, retries the request, and you've just charged someone twice. The fix is idempotency-key handling, but getting it right is harder than it looks.

The naive approach breaks under load

The obvious solution is Redis SETNX: claim a key before running the handler, release it after. Works fine on the happy path. Breaks in at least three ways:

Two identical requests arrive simultaneously before either has claimed the key. Both get through and execute.

Your handler panics or returns an error. The lock never gets released.

How I built a Go middleware for Stripe-style idempotency-key handling

How I built a Go middleware for Stripe-style idempotency-key handling

Related reading

Idempotency Keys: The API Pattern That Saves You From Duplicate Payments and…

Idempotency Keys: The API Pattern That Prevents Duplicate Charges (and Worse)

Idempotency Keys: The One API Pattern That Prevents Duplicate Charges (and…

Idempotency Keys: The API Safety Net You're Probably Not Using

Building a Resilient Checkout in NestJS: Retry, Idempotency, and a System That…

Idempotency Keys: The Simple Trick That Prevents Duplicate Payments and Ghost…

Related reading

Idempotency Keys: The API Pattern That Saves You From Duplicate Payments and…

Idempotency Keys: The API Pattern That Prevents Duplicate Charges (and Worse)

Idempotency Keys: The One API Pattern That Prevents Duplicate Charges (and…

Idempotency Keys: The API Safety Net You're Probably Not Using

Building a Resilient Checkout in NestJS: Retry, Idempotency, and a System That…

Idempotency Keys: The Simple Trick That Prevents Duplicate Payments and Ghost…