middleware

package
v0.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 13, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Overview

Package middleware provides common HTTP middleware for the web application.

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func CORS

func CORS(allowedOrigins []string, allowedHeaders ...string) mux.Middleware

CORS middleware for handling CORS settings. If `*` is given, all origins will be accepted. Sensivle default headers are set, and can be optionally overridden with the variadic allowedHeaders parameter.

Example
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"

	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	cors := middleware.CORS([]string{"https://example.com"})

	handler := cors(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		fmt.Fprint(w, "ok")
		return nil
	})

	w := httptest.NewRecorder()
	r := httptest.NewRequest(http.MethodGet, "/", nil)
	r.Header.Set("Origin", "https://example.com")

	handler(context.Background(), w, r)

	fmt.Println(w.Header().Get("Access-Control-Allow-Origin"))
	fmt.Println(w.Body.String())
}
Output:
https://example.com
ok

func CSRF

func CSRF(allowedOrigins ...string) mux.Middleware

CSRF uses the standard library CrossOriginProtection to prevent CSRF attacks.

Example
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"

	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	csrf := middleware.CSRF("https://example.com")

	handler := csrf(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		fmt.Fprint(w, "protected")
		return nil
	})

	// Safe methods bypass CSRF checks.
	w := httptest.NewRecorder()
	r := httptest.NewRequest(http.MethodGet, "/", nil)
	handler(r.Context(), w, r)

	fmt.Println(w.Body.String())
}
Output:
protected

func CheckOriginFunc

func CheckOriginFunc(allowedOrigins []string) func(string) bool

CheckOriginFunc loads the list of allowed origins, and returns a func that determines if the given origin is valid against the allowable list.

Example
package main

import (
	"fmt"

	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	check := middleware.CheckOriginFunc([]string{
		"https://example.com",
		"https://*.example.org",
	})

	fmt.Println(check("https://example.com"))
	fmt.Println(check("https://sub.example.org"))
	fmt.Println(check("https://other.com"))
}
Output:
true
true
false

func Errors

func Errors(log *slog.Logger) mux.Middleware

Errors handles errors coming out of the call chain.

Example
package main

import (
	"context"
	"fmt"
	"io"
	"log/slog"
	"net/http"
	"net/http/httptest"

	"github.com/adamwoolhether/httper/web/errs"
	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	log := slog.New(slog.NewTextHandler(io.Discard, nil))
	errMW := middleware.Errors(log)

	handler := errMW(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		return errs.New(http.StatusNotFound, fmt.Errorf("item not found"))
	})

	w := httptest.NewRecorder()
	r := httptest.NewRequest(http.MethodGet, "/", nil)
	handler(r.Context(), w, r)

	fmt.Println(w.Code)
	fmt.Println(w.Body.String())
}
Output:
404
{"code":404,"message":"item not found"}

func Logger

func Logger(log *slog.Logger) mux.Middleware

Logger logs the start and completion of each request, including method, path, remote address, status code, and elapsed time.

Example
package main

import (
	"context"
	"fmt"
	"io"
	"log/slog"
	"net/http"
	"net/http/httptest"

	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	log := slog.New(slog.NewTextHandler(io.Discard, nil))
	logger := middleware.Logger(log)

	handler := logger(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		fmt.Fprint(w, "logged")
		return nil
	})

	w := httptest.NewRecorder()
	r := httptest.NewRequest(http.MethodGet, "/test", nil)
	handler(r.Context(), w, r)

	fmt.Println(w.Body.String())
}
Output:
logged

func Panics

func Panics() mux.Middleware

Panics recovers from panics if they occur.

Example
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"

	"github.com/adamwoolhether/httper/web/middleware"
)

func main() {
	panics := middleware.Panics()

	handler := panics(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		fmt.Fprint(w, "safe")
		return nil
	})

	w := httptest.NewRecorder()
	r := httptest.NewRequest(http.MethodGet, "/", nil)
	handler(r.Context(), w, r)

	fmt.Println(w.Body.String())
}
Output:
safe

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL