Documentation
¶
Overview ¶
Package middlewares contains server-owned Echo middleware adapters.
Index ¶
- Constants
- func APIKey(config *APIKeyConfig) (echo.MiddlewareFunc, error)
- func ApplyMiddlewares(e *echo.Echo, config *MiddlewareConfig) error
- func CSRFConfig(skipPaths []string, secureCookies bool) middleware.CSRFConfig
- func ClearCSRFCookie(c *echo.Context, secure bool)
- func ClearLoginSessionCookie(c *echo.Context, secure bool)
- func ErrorHandler(c *echo.Context, err error)
- func ErrorHandlerWithRecorder(recorder SystemErrorRecorder) echo.HTTPErrorHandler
- func ErrorRecovery() echo.MiddlewareFunc
- func FormatLoginSessionID(id int64) string
- func InstallationGate(config *InstallationGateConfig) (echo.MiddlewareFunc, error)
- func LoginSession(config *LoginSessionConfig) (echo.MiddlewareFunc, error)
- func NewCSRFToken() (string, error)
- func RequestContext() echo.MiddlewareFunc
- func SetCSRFCookie(c *echo.Context, token string, expiresAt time.Time, secure bool)
- func SetLoginSessionCookie(c *echo.Context, token string, expiresAt time.Time, secure bool)
- type APIKeyConfig
- type APIKeyIdentity
- type APIKeyVerifier
- type InstallationGateConfig
- type InstallationStateReader
- type LoginSessionAuthenticator
- type LoginSessionConfig
- type LoginSessionIdentity
- type MiddlewareConfig
- type SystemErrorInput
- type SystemErrorRecorder
- type Validator
Constants ¶
const ( // LoginSessionCookieName is the HttpOnly browser credential for login // sessions. LoginSessionCookieName = "login_session" // CSRFCookieName is the browser-readable double-submit CSRF cookie. CSRFCookieName = "csrf_token" )
const APIKeyHeader = "X-API-Token"
APIKeyHeader is the header used for back-office API token authentication.
Variables ¶
This section is empty.
Functions ¶
func APIKey ¶
func APIKey(config *APIKeyConfig) (echo.MiddlewareFunc, error)
APIKey creates middleware that authenticates requests carrying an API token.
func ApplyMiddlewares ¶
func ApplyMiddlewares(e *echo.Echo, config *MiddlewareConfig) error
ApplyMiddlewares installs server-owned middleware.
func CSRFConfig ¶
func CSRFConfig(skipPaths []string, secureCookies bool) middleware.CSRFConfig
CSRFConfig returns the Echo CSRF middleware configuration used for browser login-session requests.
func ClearCSRFCookie ¶
ClearCSRFCookie removes the browser-readable CSRF token.
func ClearLoginSessionCookie ¶
ClearLoginSessionCookie removes the browser session credential.
func ErrorHandler ¶
ErrorHandler renders API errors without persistent system error recording.
func ErrorHandlerWithRecorder ¶
func ErrorHandlerWithRecorder(recorder SystemErrorRecorder) echo.HTTPErrorHandler
ErrorHandlerWithRecorder renders API errors and records internal failures.
func ErrorRecovery ¶
func ErrorRecovery() echo.MiddlewareFunc
ErrorRecovery recovers panics at the HTTP boundary.
func FormatLoginSessionID ¶
FormatLoginSessionID converts positive numeric IDs to request metadata.
func InstallationGate ¶
func InstallationGate(config *InstallationGateConfig) (echo.MiddlewareFunc, error)
InstallationGate blocks normal administration routes until setup completes.
func LoginSession ¶
func LoginSession(config *LoginSessionConfig) (echo.MiddlewareFunc, error)
LoginSession creates browser login-session authentication middleware.
func NewCSRFToken ¶
NewCSRFToken creates a browser-readable CSRF token for login responses.
func RequestContext ¶
func RequestContext() echo.MiddlewareFunc
RequestContext stores request-scoped metadata in the standard context.
func SetCSRFCookie ¶
SetCSRFCookie stores the browser-readable CSRF token used by Echo's CSRF middleware.
Types ¶
type APIKeyConfig ¶
type APIKeyConfig struct {
Header string
Verifier APIKeyVerifier
Enabled bool
}
APIKeyConfig controls API token authentication middleware.
func DefaultAPIKeyConfig ¶
func DefaultAPIKeyConfig() *APIKeyConfig
DefaultAPIKeyConfig returns disabled API token authentication defaults.
type APIKeyIdentity ¶
APIKeyIdentity is the request identity produced by a verified API token.
type APIKeyVerifier ¶
type APIKeyVerifier interface {
VerifyAPIKey(context.Context, string) (APIKeyIdentity, error)
}
APIKeyVerifier validates a raw API token without exposing token storage to the server.
type InstallationGateConfig ¶
type InstallationGateConfig struct {
Reader InstallationStateReader
SkipPaths []string
Enabled bool
}
InstallationGateConfig controls the uninitialized-system route gate.
func DefaultInstallationGateConfig ¶
func DefaultInstallationGateConfig() *InstallationGateConfig
DefaultInstallationGateConfig returns the public setup and system routes that remain reachable before first initialization completes.
type InstallationStateReader ¶
InstallationStateReader reports whether first initialization has completed.
type LoginSessionAuthenticator ¶
type LoginSessionAuthenticator interface {
AuthenticateLoginSession(context.Context, string) (LoginSessionIdentity, error)
}
LoginSessionAuthenticator validates browser login session credentials.
type LoginSessionConfig ¶
type LoginSessionConfig struct {
CookieName string
SkipPaths []string
Authenticator LoginSessionAuthenticator
Enabled bool
}
LoginSessionConfig controls browser login-session authentication.
func DefaultLoginSessionConfig ¶
func DefaultLoginSessionConfig() *LoginSessionConfig
DefaultLoginSessionConfig returns disabled login-session authentication defaults.
type LoginSessionIdentity ¶
LoginSessionIdentity is the request identity produced by a verified browser login session.
type MiddlewareConfig ¶
type MiddlewareConfig struct {
EnableRecovery bool
EnableRequestContext bool
EnableLogger bool
EnableTracing bool
TracingServiceName string
EnableGzip bool
EnableCORS bool
CORS middleware.CORSConfig
EnableAPIKey bool
APIKey *APIKeyConfig
EnableInstallationGate bool
InstallationGate *InstallationGateConfig
EnableLoginSession bool
LoginSession *LoginSessionConfig
EnableCSRF bool
CSRF middleware.CSRFConfig
}
MiddlewareConfig controls server-owned HTTP middleware.
func DefaultMiddlewareConfig ¶
func DefaultMiddlewareConfig() *MiddlewareConfig
DefaultMiddlewareConfig returns the HTTP middleware defaults.
type SystemErrorInput ¶
type SystemErrorInput struct {
Code int
Message string
Detail string
Method string
Path string
IP string
UserAgent string
RequestID string
UserID string
}
SystemErrorInput carries one internal API failure to a persistence adapter.
type SystemErrorRecorder ¶
type SystemErrorRecorder interface {
RecordSystemError(context.Context, SystemErrorInput) error
}
SystemErrorRecorder stores internal API failure diagnostics outside the server.