middleware

package

v1.19.0 Latest Latest Go to latest Published: May 11, 2026 License: BSD-3-Clause Imports: 27 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/getarcaneapp/arcane

Links

Open Source Insights

Documentation ¶

Index ¶

func NewEnvProxyMiddlewareWithParam(localID, paramName string, resolver EnvResolver, authValidator AuthValidator) gin.HandlerFunc
func NewEnvProxyMiddlewareWithParamAndRegistry(localID, paramName string, resolver EnvResolver, authValidator AuthValidator, ...) gin.HandlerFunc
func PerAgentTokenRateLimit(perMinute int, burst int) gin.HandlerFunc
func PerIPRateLimit(perMinute int, burst int) gin.HandlerFunc
type ApiKeyValidator
type AuthMiddleware
- func NewAuthMiddleware(authService *services.AuthService, cfg *config.Config) *AuthMiddleware
type AuthOptions
type AuthValidator
type CORSMiddleware
- func NewCORSMiddleware(cfg *config.Config) *CORSMiddleware
- func (m *CORSMiddleware) Add() gin.HandlerFunc
type EnvResolver
type EnvironmentAccessTokenResolver
type EnvironmentMiddleware
- func (m *EnvironmentMiddleware) Handle(c *gin.Context)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func NewEnvProxyMiddlewareWithParam ¶

func NewEnvProxyMiddlewareWithParam(localID, paramName string, resolver EnvResolver, authValidator AuthValidator) gin.HandlerFunc

NewEnvProxyMiddlewareWithParam creates middleware that proxies requests to remote environments. - localID: the ID representing the local environment (requests to this ID are not proxied) - paramName: the URL parameter name containing the environment ID (e.g., "id") - resolver: function to resolve environment ID to connection details - envService: environment service for additional lookups - authValidator: function to validate authentication before proxying (required for security)

func NewEnvProxyMiddlewareWithParamAndRegistry ¶ added in v1.16.0

func NewEnvProxyMiddlewareWithParamAndRegistry(
	localID,
	paramName string,
	resolver EnvResolver,
	authValidator AuthValidator,
	registry *edge.TunnelRegistry,
) gin.HandlerFunc

NewEnvProxyMiddlewareWithParamAndRegistry creates middleware with an injected tunnel registry.

func PerAgentTokenRateLimit ¶ added in v1.19.0

func PerAgentTokenRateLimit(perMinute int, burst int) gin.HandlerFunc

PerAgentTokenRateLimit returns a Gin middleware that limits requests per edge agent token to the given rate and burst. Requests without a token pass through so endpoint authentication can return the canonical auth error. This is a token-scoped limiter only; enrollment and tunnel routes must also stack PerIPRateLimit before it to provide IP-level back-pressure when tokens are missing, invalid, rotated, or stolen.

func PerIPRateLimit ¶ added in v1.19.0

func PerIPRateLimit(perMinute int, burst int) gin.HandlerFunc

PerIPRateLimit returns a Gin middleware that limits requests per client IP to the given rate and burst. It responds with 429 when the limit is exceeded. It is intended for public unauthenticated or weakly-authenticated endpoints such as agent mTLS enrollment.

Types ¶

type ApiKeyValidator ¶

type ApiKeyValidator interface {
	ValidateApiKey(ctx context.Context, rawKey string) (*models.User, error)
}

type AuthMiddleware ¶

type AuthMiddleware struct {
	// contains filtered or unexported fields
}

func NewAuthMiddleware ¶

func NewAuthMiddleware(authService *services.AuthService, cfg *config.Config) *AuthMiddleware

func (*AuthMiddleware) Add ¶

func (m *AuthMiddleware) Add() gin.HandlerFunc

func (*AuthMiddleware) WithAdminNotRequired ¶

func (m *AuthMiddleware) WithAdminNotRequired() *AuthMiddleware

func (*AuthMiddleware) WithApiKeyValidator ¶

func (m *AuthMiddleware) WithApiKeyValidator(validator ApiKeyValidator) *AuthMiddleware

func (*AuthMiddleware) WithEnvironmentAccessTokenResolver ¶ added in v1.18.0

func (m *AuthMiddleware) WithEnvironmentAccessTokenResolver(resolver EnvironmentAccessTokenResolver) *AuthMiddleware

type AuthOptions ¶

type AuthOptions struct {
	AdminRequired   bool
	SuccessOptional bool
}

type AuthValidator ¶

type AuthValidator func(ctx context.Context, c *gin.Context) bool

AuthValidator validates authentication for a request. Returns true if the request is authenticated, false otherwise.

type CORSMiddleware ¶

type CORSMiddleware struct {
	// contains filtered or unexported fields
}

func NewCORSMiddleware ¶

func NewCORSMiddleware(cfg *config.Config) *CORSMiddleware

func (*CORSMiddleware) Add ¶

func (m *CORSMiddleware) Add() gin.HandlerFunc

type EnvResolver ¶

type EnvResolver func(ctx context.Context, id string) (string, *string, bool, error)

EnvResolver resolves an environment ID to its connection details. Returns: apiURL, accessToken, enabled, error

type EnvironmentAccessTokenResolver ¶ added in v1.18.0

type EnvironmentAccessTokenResolver interface {
	ResolveEnvironmentByAccessToken(ctx context.Context, token string) (*models.Environment, error)
}

type EnvironmentMiddleware ¶

type EnvironmentMiddleware struct {
	// contains filtered or unexported fields
}

EnvironmentMiddleware proxies requests for remote environments to their respective agents.

func (*EnvironmentMiddleware) Handle ¶

func (m *EnvironmentMiddleware) Handle(c *gin.Context)

Handle is the main middleware handler.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL