middleware

package
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 14, 2026 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BearerAuth

func BearerAuth(cfg *AuthConfig) gin.HandlerFunc

BearerAuth returns a Gin middleware that enforces Bearer token authentication.

Security features (aligned with OpenClaw auth.ts):

  • Uses crypto/subtle.ConstantTimeCompare to prevent timing attacks
  • Skips auth for local loopback requests when allowLocal is true
  • Whitelists /healthz and /version paths

func CORS

func CORS() gin.HandlerFunc

CORS returns a gin.HandlerFunc that sets CORS headers.

Types

type AuthConfig

type AuthConfig struct {
	// Enabled controls whether authentication is enforced.
	Enabled bool `json:"enabled"`

	// Token is the expected Bearer token value.
	// Can also be set via ECHORYN_GATEWAY_TOKEN environment variable.
	Token string `json:"token"`
}

AuthConfig holds configuration for Bearer token authentication. Modeled after OpenClaw's gateway/auth.ts — supports token + local bypass.

func (*AuthConfig) ResolveToken

func (c *AuthConfig) ResolveToken() string

ResolveToken returns the effective token, checking env vars as fallback.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL