middleware

package
v0.22.0
Warning

This package is not in the latest version of its module.
Published: Jan 30, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Constants

const (
	// ContextKeyAPIKey is the context key for storing the validated API key.
	ContextKeyAPIKey contextKey = "api_key"
	// ContextKeyDevID is the context key for storing the developer ID.
	ContextKeyDevID contextKey = "dev_id"
)

Variables

This section is empty.

Functions

func GetAPIKeyFromContext

func GetAPIKeyFromContext(ctx context.Context) (*state.WebAPIKey, bool)

GetAPIKeyFromContext retrieves the API key from the request context.

func GetDevIDFromContext

func GetDevIDFromContext(ctx context.Context) (string, bool)

GetDevIDFromContext retrieves the developer ID from the request context.

Types

type APIKeyValidator

type APIKeyValidator interface {
	// GetAPIKeyByDevKey retrieves and validates an API key by its dev_key value.
	GetAPIKeyByDevKey(ctx context.Context, devKey string) (*state.WebAPIKey, error)
	// UpdateLastUsed updates the last_used timestamp for an API key.
	UpdateLastUsed(ctx context.Context, devKey string) error
}

APIKeyValidator defines methods for validating Web API keys.

type AuthMiddleware

type AuthMiddleware struct {
	Validator   APIKeyValidator
	RateLimiter *RateLimiter
	Logger      *slog.Logger
}

AuthMiddleware provides authentication and rate limiting for Web API endpoints.

func NewAuthMiddleware

func NewAuthMiddleware(validator APIKeyValidator, logger *slog.Logger) *AuthMiddleware

NewAuthMiddleware creates a new authentication middleware instance.

func (*AuthMiddleware) Authenticate

func (m *AuthMiddleware) Authenticate(next http.Handler) http.Handler

Authenticate is an HTTP middleware that validates API keys and enforces rate limits.

func (*AuthMiddleware) AuthenticateFlexible

func (m *AuthMiddleware) AuthenticateFlexible(next http.Handler) http.Handler

AuthenticateFlexible is an HTTP middleware that supports multiple authentication methods:

1. aimsid (session ID) - no k required
2. a (AOL token) - no k required
3. ts + sig_sha256 (signed request) - no k required
4. k (API key) - fallback if no other auth provided

This follows the Web AIM API specification where k is not required when aimsid is present.
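The selection order described above, as an added sketch that is not this package's code. SelectMethod, Check, Flexible and Verifier are hypothetical names; reading the parameters from the URL query string is an assumption, as is treating a rejected credential as final rather than falling back to k.

```go
package main

import (
	"fmt"
	"net/http"
	"net/url"
)

// Verifier validates one credential type (hypothetical type for this sketch).
type Verifier func(q url.Values) bool

// SelectMethod returns the first credential present, in the documented order.
// Empty values count as absent; a signed request needs both ts and sig_sha256.
func SelectMethod(q url.Values) string {
	switch {
	case q.Get("aimsid") != "":
		return "aimsid"
	case q.Get("a") != "":
		return "a"
	case q.Get("ts") != "" && q.Get("sig_sha256") != "":
		return "sig_sha256"
	case q.Get("k") != "":
		return "k"
	}
	return ""
}

// Check verifies only the selected credential: presence is not proof, and a
// rejected aimsid does not fall back to k (assumption of this sketch).
func Check(q url.Values, verifiers map[string]Verifier) (string, bool) {
	method := SelectMethod(q)
	verify, ok := verifiers[method]
	return method, ok && verify(q)
}

// Flexible wraps Check as net/http middleware and fails closed with 401.
func Flexible(verifiers map[string]Verifier, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if _, ok := Check(r.URL.Query(), verifiers); !ok {
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	q := url.Values{"aimsid": {""}, "k": {"devkey"}} // constructed input
	fmt.Println(SelectMethod(q))
}
```

A method with no registered verifier is rejected, so adding a new parameter to SelectMethod cannot silently open an endpoint.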

func (*AuthMiddleware) CORSMiddleware

func (m *AuthMiddleware) CORSMiddleware(next http.Handler) http.Handler

CORSMiddleware handles CORS headers based on allowed origins for the API key.

func (*AuthMiddleware) CapabilitiesMiddleware

func (m *AuthMiddleware) CapabilitiesMiddleware(requiredCapability string) func(http.Handler) http.Handler

CapabilitiesMiddleware checks if the API key has the required capability for an endpoint.

type RateLimitInfo

type RateLimitInfo struct {
	Limit     int   // Total requests allowed per window
	Remaining int   // Requests remaining in current window
	Reset     int64 // Unix timestamp when the window resets
	Allowed   bool  // Whether the request is allowed
}

RateLimitInfo contains rate limit metadata for a request.

type RateLimiter

type RateLimiter struct {
	// contains filtered or unexported fields
}

RateLimiter manages per-devID rate limiting for the Web API.

func NewRateLimiter

func NewRateLimiter() *RateLimiter

NewRateLimiter creates a new rate limiter with automatic cleanup.

func (*RateLimiter) Allow

func (r *RateLimiter) Allow(devID string, limit int) bool

Allow checks if a request from the given devID is allowed based on rate limits.

func (*RateLimiter) CheckRateLimit

func (r *RateLimiter) CheckRateLimit(devID string, limit int) RateLimitInfo

CheckRateLimit checks if a request from the given devID is allowed and returns rate limit info.
