Documentation
Overview ¶
Package middleware provides HTTP middleware for the API server.
Package middleware provides HTTP middleware for the API.
Index ¶
- Constants
- func GetOrg(ctx context.Context) *models.Organization
- func GetOrgID(ctx context.Context) string
- func GetResolvedAppID(ctx context.Context) string
- func GetUserEmail(ctx context.Context) string
- func GetUserID(ctx context.Context) string
- func OrgContext(st store.Store, logger *slog.Logger) func(http.Handler) http.Handler
- func Recovery(logger *slog.Logger) func(http.Handler) http.Handler
- func RequestLogger(logger *slog.Logger) func(http.Handler) http.Handler
- func RequireOwnership(st store.Store, logger *slog.Logger) func(http.Handler) http.Handler
- type AuthMiddleware
Constants ¶
const (
	// UserIDKey is the context key for the authenticated user ID.
	UserIDKey contextKey = "user_id"
	// UserEmailKey is the context key for the authenticated user email.
	UserEmailKey contextKey = "user_email"
)
const OrgContextKey contextKey = "org"
OrgContextKey is the context key for the organization.
Variables ¶
This section is empty.
Functions ¶
func GetOrg ¶
func GetOrg(ctx context.Context) *models.Organization
GetOrg extracts the organization from the request context.
func GetOrgID ¶
GetOrgID extracts the organization ID from the request context. Returns empty string if no organization is set. Requirements: 3.2
func GetResolvedAppID ¶
GetResolvedAppID extracts the resolved app ID from the request context. This is set by RequireOwnership middleware after resolving name to ID.
func GetUserEmail ¶
GetUserEmail extracts the user email from the request context.
func OrgContext ¶
OrgContext returns a middleware that extracts and validates organization context. It extracts the organization from:
1. X-Org-Slug header
2. current_org cookie
3. Falls back to user's default organization
The middleware validates that the user is a member of the organization. If validation fails, it returns a forbidden error.
Requirements: 3.1, 3.2, 3.3, 3.4
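The resolution order and membership check described for OrgContext, as an added sketch that is not the package's own code: `orgContext`, `resolveSlug`, `probe`, `orgKey`, the in-memory `members` map, and passing the user ID and default organization as parameters are all assumptions made for illustration. It also assumes that a supplied slug which fails the membership check is rejected rather than replaced by the default organization.

```go
package main

import (
	"context"
	"fmt"
	"net/http"
	"net/http/httptest"
)

type orgKey struct{} // hypothetical stand-in for the package's OrgContextKey
// Constructed sample data: org slugs each user ID is a member of.
var members = map[string]map[string]bool{"u1": {"acme": true, "labs": true}}

// resolveSlug applies the documented order: header, cookie, default org.
func resolveSlug(r *http.Request, def string) string {
	if s := r.Header.Get("X-Org-Slug"); s != "" {
		return s
	}
	if c, err := r.Cookie("current_org"); err == nil && c.Value != "" {
		return c.Value
	}
	return def
}

// orgContext sketches the middleware; uid and def are passed in (assumption).
func orgContext(uid, def string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		slug := resolveSlug(r, def)
		// Header and cookie are client-controlled: fail closed on a non-member slug.
		if !members[uid][slug] {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), orgKey{}, slug)))
	})
}

// probe sends one request through orgContext; returns status and org seen.
func probe(uid, header, cookie string) (code int, seen string) {
	h := orgContext(uid, "acme", http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) {
		seen, _ = r.Context().Value(orgKey{}).(string)
	}))
	req := httptest.NewRequest("GET", "/apps", nil)
	req.Header.Set("X-Org-Slug", header)
	req.AddCookie(&http.Cookie{Name: "current_org", Value: cookie})
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, seen
}
func main() { fmt.Println(probe("u1", "other", "labs")) }
```

The call in `main` sends a header naming an organization the user does not belong to alongside a valid cookie; the header wins the resolution order, so the request is refused instead of being served under the cookie's organization.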
func RequestLogger ¶
RequestLogger returns a middleware that logs HTTP requests.
func RequireOwnership ¶
RequireOwnership returns a middleware that verifies the authenticated user owns the resource or is a member of the app's organization. It expects the appID to be in the URL path parameter. The appID can be either a UUID or an app name. Requirements: 4.1, 4.2
Types ¶
type AuthMiddleware ¶
type AuthMiddleware struct {
// contains filtered or unexported fields
}
AuthMiddleware handles JWT and API key authentication.
func NewAuthMiddleware ¶
func NewAuthMiddleware(authService *auth.Service, apiKeyHeader string, logger *slog.Logger) *AuthMiddleware
NewAuthMiddleware creates a new authentication middleware.
func (*AuthMiddleware) Authenticate ¶
func (m *AuthMiddleware) Authenticate(next http.Handler) http.Handler
Authenticate is a middleware that validates JWT tokens or API keys. It supports authentication via:
- X-API-Key header
- Authorization: Bearer <token> header
- ?token=<jwt> query parameter (for SSE endpoints that can't set headers)