Documentation
Overview
Package middleware provides Gin middleware for the Charon backend API.
It includes middleware for authentication, request logging, panic recovery, security headers, and request ID generation.
Index
- Constants
- func AuthMiddleware(authService *services.AuthService) gin.HandlerFunc
- func GetRequestLogger(c *gin.Context) *logrus.Entry
- func Recovery(verbose bool) gin.HandlerFunc
- func RequestID() gin.HandlerFunc
- func RequestLogger() gin.HandlerFunc
- func RequireRole(role string) gin.HandlerFunc
- func SanitizeHeaders(h http.Header) map[string][]string
- func SanitizePath(p string) string
- func SecurityHeaders(cfg SecurityHeadersConfig) gin.HandlerFunc
- type SecurityHeadersConfig
Constants
const RequestIDHeader = "X-Request-ID"
Functions
func AuthMiddleware
func AuthMiddleware(authService *services.AuthService) gin.HandlerFunc
func GetRequestLogger
GetRequestLogger retrieves the request-scoped logger from context or the global logger.
func Recovery
func Recovery(verbose bool) gin.HandlerFunc
Recovery logs panic information. When verbose is true, it logs stack traces and basic request metadata for debugging.
func RequestID
func RequestID() gin.HandlerFunc
RequestID generates a UUID per request and places it in the context and the response header.
func RequestLogger
func RequestLogger() gin.HandlerFunc
RequestLogger logs basic request information along with the request_id.
func RequireRole
func RequireRole(role string) gin.HandlerFunc
func SanitizeHeaders
SanitizeHeaders returns a map of header keys to redacted/sanitized values for safe logging. Sensitive headers are redacted; other values are sanitized using util.SanitizeForLog and truncated.
func SanitizePath
SanitizePath prepares a request path for safe logging by removing control characters and truncating long values. It does not include query parameters.
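The log-sanitizing behaviour described for SanitizeHeaders and SanitizePath, as an added example that is not the Charon package's own code. The names cleanForLog, redactHeaders and logPath, the 64-rune limit, the "[REDACTED]" marker and the sensitive-header list are all assumptions; cleanForLog stands in for util.SanitizeForLog, whose actual behaviour the page does not show.

```go
package main

import (
	"fmt"
	"net/http"
	"strings"
	"unicode"
)

// Assumed limit and sensitive-header list; the page states neither.
const maxLogLen = 64

var sensitive = map[string]bool{"Authorization": true, "Cookie": true, "Set-Cookie": true, "X-Api-Key": true}

// cleanForLog is a hypothetical stand-in for util.SanitizeForLog: it drops control
// characters (CR/LF included) so a value cannot forge log lines, then truncates.
func cleanForLog(s string) string {
	r := []rune(strings.Join(strings.FieldsFunc(s, unicode.IsControl), ""))
	if len(r) > maxLogLen {
		return string(r[:maxLogLen]) + "..."
	}
	return string(r)
}

// redactHeaders follows the SanitizeHeaders description: redact, else clean.
func redactHeaders(h http.Header) map[string][]string {
	out := make(map[string][]string, len(h))
	for k, vals := range h {
		if sensitive[http.CanonicalHeaderKey(k)] {
			out[k] = []string{"[REDACTED]"}
			continue
		}
		for _, v := range vals {
			out[k] = append(out[k], cleanForLog(v))
		}
	}
	return out
}

// logPath follows SanitizePath; cutting at the first '?' is an assumed reading.
func logPath(p string) string {
	p, _, _ = strings.Cut(p, "?")
	return cleanForLog(p)
}

func main() {
	// Constructed sample input: a bearer token and a CRLF-injected User-Agent.
	h := http.Header{"Authorization": {"Bearer constructed-token"}, "User-Agent": {"curl/8\r\nlevel=info msg=forged"}}
	fmt.Println(redactHeaders(h), logPath("/api/v1/users?token=constructed"))
}
```

Redacting by header name rather than by value pattern keeps credentials out of logs even when their format changes, and stripping CR/LF before logging prevents a client-supplied value from starting a forged log entry.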
func SecurityHeaders
func SecurityHeaders(cfg SecurityHeadersConfig) gin.HandlerFunc
SecurityHeaders returns middleware that sets security-related HTTP headers. This implements Phase 1 of the security hardening plan.
Types
type SecurityHeadersConfig
type SecurityHeadersConfig struct {
	// IsDevelopment enables less strict settings for local development
	IsDevelopment bool
	// CustomCSPDirectives allows adding extra CSP directives
	CustomCSPDirectives map[string]string
}
SecurityHeadersConfig holds configuration for the security headers middleware.
func DefaultSecurityHeadersConfig
func DefaultSecurityHeadersConfig() SecurityHeadersConfig
DefaultSecurityHeadersConfig returns a secure default configuration.