Documentation
Constants ¶
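// TTL values, one for health-check endpoints and one for everything else.
// The declaration was collapsed onto a single line, so the first "//" comment
// swallowed DefaultTTL and the closing parenthesis; one spec per line restores it.
// NOTE(review): presumably these are the lifetimes CacheMiddleware applies to
// cached responses; the code that reads them is not shown here, so confirm.
const (
	// HealthCheckTTL is the lifetime used for health checks (5 minutes).
	HealthCheckTTL = 5 * time.Minute
	// DefaultTTL is the default lifetime for other endpoints (30 seconds).
	DefaultTTL = 30 * time.Second
)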
Variables ¶
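// Sentinel errors for CSRF token validation. The declaration was collapsed onto
// a single line with no separator between the two specs, which is not valid Go;
// one spec per line restores it.
// NOTE(review): the code that returns these is not shown here. Confirm the
// token comparison behind ErrTokenMismatch is constant-time (for example
// crypto/subtle.ConstantTimeCompare) and that neither error text reaches the
// client with the expected token attached.
var (
	// ErrTokenMissing reports that no CSRF token was supplied (per its message).
	ErrTokenMissing = errors.New("CSRF token missing")
	// ErrTokenMismatch reports that the supplied CSRF token did not match
	// the expected one (per its message).
	ErrTokenMismatch = errors.New("CSRF token mismatch")
)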
Functions ¶
func CSRF ¶
func CSRF(config *CSRFConfig) gin.HandlerFunc
CSRF returns a middleware that provides CSRF protection
func Logger ¶
func Logger() gin.HandlerFunc
Logger returns a gin middleware for logging HTTP requests with zerolog
func Secure ¶
func Secure(config *SecureConfig) gin.HandlerFunc
Secure returns a middleware that adds security headers
func SetupCORS ¶
func SetupCORS() gin.HandlerFunc
SetupCORS returns the CORS middleware configuration
Types ¶
type AuthMiddleware ¶
// AuthMiddleware carries the RequireAuth and OptionalAuth gin handlers and is
// built by NewAuthMiddleware from a cache.Store.
// NOTE(review): what the store holds (sessions, tokens, revocation state) and
// how a failed check is answered are not shown here. Confirm that routes using
// OptionalAuth never treat "no identity" as an authenticated caller.
type AuthMiddleware struct {
	// contains filtered or unexported fields
}
func NewAuthMiddleware ¶
func NewAuthMiddleware(cache cache.Store) *AuthMiddleware
func (*AuthMiddleware) OptionalAuth ¶
func (m *AuthMiddleware) OptionalAuth() gin.HandlerFunc
OptionalAuth middleware checks for authentication but doesn't require it
func (*AuthMiddleware) RequireAuth ¶
func (m *AuthMiddleware) RequireAuth() gin.HandlerFunc
RequireAuth middleware checks for valid authentication
type CSRFConfig ¶
// CSRFConfig holds the cookie attributes and the exemption lists used by the
// CSRF middleware.
// NOTE(review): no SameSite field is visible in this struct; confirm where the
// cookie's SameSite attribute is set.
type CSRFConfig struct {
	// Secure indicates if the cookie should be sent only over HTTPS.
	// Keep it true wherever the site is served over TLS so the token cookie
	// never travels in clear text.
	Secure bool
	// Cookie path
	Path string
	// Cookie domain.
	// A wide domain makes the cookie visible to every subdomain; leave it
	// empty (host-only cookie) unless sharing is required.
	Domain string
	// Cookie max age in seconds
	MaxAge int
	// If true, cookie is not accessible via JavaScript.
	// NOTE(review): if client script is expected to read the token from this
	// cookie and echo it in a header or form field, this must be false; how
	// the token reaches the client is not shown here, so confirm.
	HttpOnly bool
	// Methods that don't require CSRF validation.
	// Only safe methods (GET, HEAD, OPTIONS) belong here, and their handlers
	// must not change state.
	ExemptMethods []string
	// Paths that don't require CSRF validation.
	// Every entry is a route with no CSRF check; limit it to endpoints that
	// do not rely on cookie authentication.
	// NOTE(review): exact-match versus prefix-match semantics are not shown; confirm.
	ExemptPaths []string
}
CSRFConfig holds configuration for CSRF protection
func DefaultCSRFConfig ¶
func DefaultCSRFConfig() *CSRFConfig
DefaultCSRFConfig returns the default CSRF configuration
type CacheMiddleware ¶
// CacheMiddleware carries the Cache gin handler and is built by
// NewCacheMiddleware from a cache.Store.
// NOTE(review): how the cache key is derived is not shown here. Confirm that
// responses which depend on the caller's identity (cookies, Authorization) are
// either excluded or keyed per user, so one user's response is never served to
// another.
type CacheMiddleware struct {
	// contains filtered or unexported fields
}
func NewCacheMiddleware ¶
func NewCacheMiddleware(store cache.Store) *CacheMiddleware
func (*CacheMiddleware) Cache ¶
func (m *CacheMiddleware) Cache() gin.HandlerFunc
type CachedResponse ¶
type RateLimiter ¶
// RateLimiter carries the RateLimit gin handler; NewRateLimiter builds it from
// a cache.Store, a window, a limit and a key prefix.
// NOTE(review): the client identifier used in the key is not shown here. If it
// is the client IP, confirm the trusted-proxy settings, because a spoofable
// forwarding header would let a caller pick its own bucket. Also confirm
// whether a store error allows or rejects the request.
type RateLimiter struct {
	// contains filtered or unexported fields
}
func NewRateLimiter ¶
func NewRateLimiter(store cache.Store, window time.Duration, limit int, keyPrefix string) *RateLimiter
NewRateLimiter creates a new rate limiter with the specified configuration
func (*RateLimiter) RateLimit ¶
func (rl *RateLimiter) RateLimit() gin.HandlerFunc
RateLimit returns a Gin middleware function that implements rate limiting
type SecureConfig ¶
// SecureConfig holds the switches and values for the security headers added by
// the Secure middleware.
// NOTE(review): the header names below are inferred from the field names; the
// middleware body is not shown here, so confirm the mapping.
type SecureConfig struct {
	// CSPEnabled presumably toggles the Content-Security-Policy header.
	CSPEnabled bool
	// The CSP*Src fields are the source lists for the matching CSP directives
	// (default-src, script-src, style-src, ...). Listing 'unsafe-inline' or
	// 'unsafe-eval' under script-src removes most of CSP's XSS mitigation.
	CSPDefaultSrc []string
	CSPScriptSrc []string
	CSPStyleSrc []string
	CSPImgSrc []string
	CSPConnectSrc []string
	CSPFontSrc []string
	// For object-src, 'none' is the usual hardening value.
	CSPObjectSrc []string
	CSPMediaSrc []string
	CSPFrameSrc []string
	CSPWorkerSrc []string
	CSPManifestSrc []string
	// HSTSEnabled presumably toggles Strict-Transport-Security.
	HSTSEnabled bool
	// HSTSMaxAge is presumably the max-age directive, which is expressed in seconds.
	HSTSMaxAge int
	HSTSIncludeSubdomains bool
	// HSTSPreload: the browser preload list expects includeSubDomains and a
	// max-age of at least one year, and removal from the list is slow. Enable
	// it only when every subdomain is served over HTTPS.
	HSTSPreload bool
	// FrameGuardEnabled and FrameGuardAction presumably drive X-Frame-Options.
	// The CSP frame-ancestors directive is its modern replacement; no field
	// for it is visible in this struct.
	FrameGuardEnabled bool
	FrameGuardAction string // DENY, SAMEORIGIN
	// ContentTypeNosniff presumably emits X-Content-Type-Options: nosniff.
	ContentTypeNosniff bool
	// XSSProtection and XSSProtectionMode presumably drive X-XSS-Protection.
	// Current browsers ignore this header and the legacy filter had flaws of
	// its own; "0" is the commonly recommended value, with CSP doing the real work.
	XSSProtection bool
	XSSProtectionMode string // "0", "1", "1; mode=block"
	// ReferrerPolicy is presumably the Referrer-Policy header value. A
	// restrictive policy (for example strict-origin-when-cross-origin or
	// no-referrer) limits URL leakage to other sites.
	ReferrerPolicy string
}
SecureConfig holds configuration for secure headers
func DefaultSecureConfig ¶
func DefaultSecureConfig() *SecureConfig
DefaultSecureConfig returns the default secure configuration