middleware

package

v0.28.5 Latest Latest Go to latest Published: Jun 8, 2026 License: Apache-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/contenox/runtime

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func EnableCORS(cfg *CORSConfig, next http.Handler) http.Handler
func ExtractAndSetTokenMiddleware(next http.Handler) http.Handler
func JWTAuthMiddleware(tokenManager AuthzManager, next http.Handler) http.Handler
func JWTRefreshMiddleware(tokenManager AuthzManager, next http.Handler) http.Handler
func RequireAuth(next http.Handler) http.Handler
type AuthZReader
type AuthzManager
type CORSConfig
type LoginManager
type LoginResponse
- func GetLoginResponse(ctx context.Context, auth AuthZReader) (LoginResponse, error)

Constants ¶

View Source

const (
	DefaultAllowedAPIOrigins = "*"
	DefaultAllowedMethods    = "GET,POST,PUT,PATCH,DELETE,OPTIONS"
	DefaultAllowedHeaders    = "Content-Type,Authorization,X-Request-ID"
)

Variables ¶

This section is empty.

Functions ¶

func EnableCORS ¶

func EnableCORS(cfg *CORSConfig, next http.Handler) http.Handler

func ExtractAndSetTokenMiddleware ¶

func ExtractAndSetTokenMiddleware(next http.Handler) http.Handler

ExtractAndSetTokenMiddleware extracts a token from Authorization header or auth_token cookie and injects it into the context under libauth.ContextTokenKey.

func JWTAuthMiddleware ¶

func JWTAuthMiddleware(tokenManager AuthzManager, next http.Handler) http.Handler

JWTAuthMiddleware validates the token and enriches context with identity and permissions. Missing tokens are passed through so route-level auth can decide whether the endpoint is public.

func JWTRefreshMiddleware ¶

func JWTRefreshMiddleware(tokenManager AuthzManager, next http.Handler) http.Handler

JWTRefreshMiddleware attempts to refresh browser-client tokens.

func RequireAuth ¶

func RequireAuth(next http.Handler) http.Handler

Types ¶

type AuthZReader ¶

type AuthZReader interface {
	GetIdentity(ctx context.Context) (string, error)
	GetUsername(ctx context.Context) (string, error)
	GetPermissions(ctx context.Context) (libauth.Authz, error)
	GetTokenString(ctx context.Context) (string, error)
	GetExpiresAt(ctx context.Context) (time.Time, error)
}

type AuthzManager ¶

type AuthzManager interface {
	RefreshToken(ctx context.Context, tokenString string, withGracePeriod *time.Duration) (string, bool, time.Time, error)
	CreateAuthToken(ctx context.Context, subject string, permissions libauth.Authz) (string, time.Time, error)
	ValidateAuthToken(ctx context.Context) (context.Context, error)
	SetToken(ctx context.Context, tokenString string) (context.Context, error)
	AuthZReader
}

type CORSConfig ¶

type CORSConfig struct {
	AllowedAPIOrigins string `json:"allowed_api_origins"`
	AllowedMethods    string `json:"allowed_methods"`
	AllowedHeaders    string `json:"allowed_headers"`
	ProxyOrigin       string `json:"proxy_origin"`
}

type LoginManager ¶

type LoginManager interface {
	Login(ctx context.Context, username, password string) (LoginResponse, error)
}

type LoginResponse ¶

type LoginResponse struct {
	Token     string    `json:"token"`
	ExpiresAt time.Time `json:"expires_at"`
	UserID    string    `json:"user_id"`
	Username  string    `json:"username"`
}

func GetLoginResponse ¶

func GetLoginResponse(ctx context.Context, auth AuthZReader) (LoginResponse, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL