Documentation
Overview
Package server provides the HTTP server implementation for memsh, including request handlers, middleware, and server configuration.
The server supports:
- RESTful API endpoints for shell execution
- Session management with persistent virtual filesystems
- Tab completion via POST /complete
- Session snapshot import/export
- Health check endpoint
- Web terminal UI
Index
- Constants
- Variables
- func APIKeyMiddleware(next http.Handler, key string, excludedPaths ...string) http.Handler
- func CORSMiddleware(next http.Handler, allowedOrigin string) http.Handler
- func New(cfg Config) (*http.Server, error)
- func SecurityHeadersMiddleware(next http.Handler) http.Handler
- func StartCronScheduler(ctx context.Context, store *session.Store, baseOpts []shell.Option, ...)
- func WriteJSON(w http.ResponseWriter, status int, v any)
- type Config
- type Handler
Constants
const (
	// MaxRequestBodySize limits the size of incoming JSON request bodies (1 MB).
	MaxRequestBodySize = 1 << 20
	// MinTimeout is the minimum enforced per-request timeout even if --timeout=0.
	MinTimeout = 5 * time.Second
)
Variables
var BaseOpts = []shell.Option{
	shell.WithInheritEnv(false),
}
BaseOpts are shell options that should always be applied in server mode.
Functions
func APIKeyMiddleware
APIKeyMiddleware enforces Bearer token authentication on all endpoints except those specified in excludedPaths (typically GET / and GET /health).
Clients must include the header: Authorization: Bearer <key>
Returns 401 Unauthorized if the Authorization header is missing or malformed. Returns 403 Forbidden if the API key doesn't match. Allows unauthenticated access to paths in excludedPaths.
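A minimal sketch of the contract documented above, added here as an example and not memsh's own implementation: `bearerAuth`, the `status` helper, the key, and the exact-match handling of `excludedPaths` are assumptions. It compares SHA-256 digests with `crypto/subtle` so the key check runs in constant time regardless of the token's length or content.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// bearerAuth is a hypothetical stand-in for the documented contract (paths matched exactly: an assumption).
func bearerAuth(next http.Handler, key string, excludedPaths ...string) http.Handler {
	want := sha256.Sum256([]byte(key))
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		for _, p := range excludedPaths {
			if p == r.URL.Path { // exact match, so "/health/x" stays protected
				next.ServeHTTP(w, r)
				return
			}
		}
		auth := r.Header.Get("Authorization")
		token := strings.TrimPrefix(auth, "Bearer ")
		if token == auth || token == "" { // header absent, wrong scheme, or empty token
			http.Error(w, "missing or malformed Authorization header", http.StatusUnauthorized)
			return
		}
		// Hash both sides so the constant-time compare always sees equal-length inputs.
		got := sha256.Sum256([]byte(token))
		if subtle.ConstantTimeCompare(got[:], want[:]) != 1 {
			http.Error(w, "invalid API key", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// status sends one constructed request through h and returns the response code.
func status(h http.Handler, method, path, authHeader string) int {
	req := httptest.NewRequest(method, path, nil)
	req.Header.Set("Authorization", authHeader)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	h := bearerAuth(http.NotFoundHandler(), "constructed-test-key", "/", "/health")
	fmt.Println(status(h, "GET", "/health", ""), status(h, "POST", "/complete", "Bearer wrong"))
}
```

The wrapped handler here is `http.NotFoundHandler()`, so a 404 means the request passed the middleware, while 401 and 403 come from the middleware itself.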
func CORSMiddleware
CORSMiddleware adds CORS headers for the specified allowed origin. Sets Access-Control-Allow-Origin, Allow-Methods, and Allow-Headers. Responds with 204 No Content to OPTIONS preflight requests.
func New
New creates a new HTTP server with the given configuration.
The server includes:
- Middleware chain (auth, security headers, CORS)
- All route handlers registered
- Proper timeouts configured
Returns an error if shell config loading fails.
func SecurityHeadersMiddleware
SecurityHeadersMiddleware adds security headers to all responses:
- Content-Security-Policy: restricts resource loading to same-origin
- X-Content-Type-Options: prevents MIME type sniffing
- X-Frame-Options: prevents clickjacking (DENY all framing)
- Referrer-Policy: controls referrer information in navigation
func StartCronScheduler
func StartCronScheduler(ctx context.Context, store *session.Store, baseOpts []shell.Option, timeout time.Duration)
StartCronScheduler starts the cron scheduler for the session store. It runs in a background goroutine and should be cancelled via the context when the server shuts down. The scheduler fires every minute for all active sessions, executing cron jobs from their respective /.crontab files.
func WriteJSON
func WriteJSON(w http.ResponseWriter, status int, v any)
WriteJSON writes a JSON response with the given status code. The response body is encoded using json.NewEncoder with Content-Type set to "application/json". Errors during encoding are silently ignored as the headers have already been written.
Types
type Config
type Config struct {
	Addr         string         // TCP address to listen on (e.g., ":8080")
	TTL          time.Duration  // Session idle timeout before reaping
	Timeout      time.Duration  // Per-request execution timeout
	CORSOrigin   string         // CORS allowed origin (empty = no CORS)
	APIKey       string         // API key for Bearer authentication (empty = no auth)
	MaxSessions  int            // Maximum concurrent sessions (0 = unlimited)
	SessionStore *session.Store // Session store for persistence
}
Config holds the HTTP server configuration.
type Handler
type Handler struct {
	Store     *session.Store
	BaseOpts  []shell.Option
	Timeout   time.Duration
	StartTime time.Time
}
Handler dependencies.
func NewHandler
NewHandler creates a new HTTP handler with the given dependencies.
func (*Handler) RegisterRoutes
RegisterRoutes registers all HTTP routes with the given mux.