Documentation
¶
Index ¶
- func CORSMiddleware(cfg *CorsConfig) gin.HandlerFunc
- func CSRFProtection() gin.HandlerFunc
- func GenerateCSRFToken(c *gin.Context) string
- func RateLimitMiddleware(r rate.Limit, b int) gin.HandlerFunc
- func SecurityMiddleware(config *SecurityConfig) gin.HandlerFunc
- type ClientRateLimiter
- type CorsConfig
- type SecurityConfig
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CORSMiddleware ¶
func CORSMiddleware(cfg *CorsConfig) gin.HandlerFunc
func CSRFProtection ¶
func CSRFProtection() gin.HandlerFunc
CSRFProtection implements CSRF protection middleware
func GenerateCSRFToken ¶
GenerateCSRFToken generates a CSRF token for the current session
func RateLimitMiddleware ¶
func RateLimitMiddleware(r rate.Limit, b int) gin.HandlerFunc
RateLimitMiddleware creates a Gin middleware for rate limiting
func SecurityMiddleware ¶
func SecurityMiddleware(config *SecurityConfig) gin.HandlerFunc
SecurityMiddleware adds security headers to each response
Types ¶
type ClientRateLimiter ¶
// ClientRateLimiter manages per-client rate limiters. Limiters are looked up
// through GetLimiter, which takes the client's IP address as a string.
//
// NOTE(review): the key is whatever string the caller passes as ip. If that
// value is derived from a client-supplied header (for example a forwarded-for
// header) rather than the connection's peer address, confirm that only
// trusted proxies are allowed to set it; otherwise each request can present
// a fresh key and never hit its limit.
//
// NOTE(review): the fields are not shown here, so it cannot be told whether
// idle entries are ever evicted. A per-client table that only grows is a
// memory-exhaustion risk under many distinct source addresses; verify.
type ClientRateLimiter struct {
// contains filtered or unexported fields
}
ClientRateLimiter manages per-client rate limiters
func NewClientRateLimiter ¶
func NewClientRateLimiter(r rate.Limit, b int) *ClientRateLimiter
NewClientRateLimiter creates a new ClientRateLimiter
func (*ClientRateLimiter) GetLimiter ¶
func (rl *ClientRateLimiter) GetLimiter(ip string) *rate.Limiter
GetLimiter returns a rate limiter for the specified IP address
type CorsConfig ¶
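// CorsConfig describes the cross-origin resource sharing policy handed to
// CORSMiddleware. The JSON tag on each field is its configuration key.
//
// NOTE(review): how the middleware and Validate interpret these fields is not
// visible in this listing; the per-field notes are points to confirm there.
type CorsConfig struct {
	// CorsEnabled presumably switches CORS handling on or off.
	// The tag must be a well-formed key:"value" pair; a trailing stray quote
	// still decodes with encoding/json but is reported by go vet (structtag)
	// and can break other tag consumers.
	CorsEnabled bool `json:"corsEnabled"`

	// AllowOrigins lists the origins allowed to read responses.
	// NOTE(review): browsers refuse a literal "*" on credentialed requests,
	// so implementations often echo the request Origin instead, which exposes
	// authenticated responses to every site. Confirm Validate rejects a
	// wildcard entry when AllowCredentials is true.
	AllowOrigins []string `json:"allowOrigins"`

	// AllowMethods lists the HTTP methods permitted for cross-origin requests.
	AllowMethods []string `json:"allowMethods"`

	// AllowHeaders lists the request headers a cross-origin caller may send.
	AllowHeaders []string `json:"allowHeaders"`

	// ExposeHeaders lists the response headers made readable to the caller.
	ExposeHeaders []string `json:"exposeHeaders"`

	// AllowCredentials controls whether cookies and other credentials are
	// accepted on cross-origin requests. See the note on AllowOrigins.
	AllowCredentials bool `json:"allowCredentials"`

	// MaxAge is expressed in seconds (per its JSON key); presumably the
	// preflight cache lifetime — confirm against the middleware.
	MaxAge int `json:"maxAgeSeconds"`

	// Vary is presumably the value sent in the Vary response header.
	// NOTE(review): when the allowed origin is chosen per request, Vary should
	// include Origin so shared caches do not serve one origin's response to
	// another; confirm the default.
	Vary string `json:"vary"`

	// DevMode is a development switch whose effect is not shown here.
	// NOTE(review): if it relaxes origin checks, confirm it cannot be enabled
	// by production configuration.
	DevMode bool `json:"devMode"`
}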
func NewCorsConfig ¶
func NewCorsConfig() *CorsConfig
func (*CorsConfig) Validate ¶
func (c *CorsConfig) Validate() error
type SecurityConfig ¶
// SecurityConfig holds the response-header values and rate-limit switches
// that are passed to SecurityMiddleware.
type SecurityConfig struct {
	// CSP is the Content Security Policy value.
	CSP string

	// XSSProtection is the XSS Protection header value.
	// NOTE(review): presumably X-XSS-Protection, which current browsers no
	// longer act on; confirm it is still wanted alongside CSP.
	XSSProtection string

	// ContentTypeOptions is the X-Content-Type-Options header value.
	ContentTypeOptions string

	// ReferrerPolicy is the Referrer-Policy header value.
	ReferrerPolicy string

	// HSTS is the Strict-Transport-Security header value.
	HSTS string

	// FrameOptions is the X-Frame-Options header value.
	FrameOptions string

	// FeaturePolicy is the Feature-Policy header value.
	// NOTE(review): the specification renamed this header to
	// Permissions-Policy; which name the middleware emits is not shown here.
	FeaturePolicy string

	// CacheControl is the Cache-Control header value.
	CacheControl string

	// UseCSPNonce asks for a CSP nonce to be generated and added to requests.
	// NOTE(review): nonce generation is not visible in this listing; confirm
	// it is drawn from a cryptographic source and is fresh for every response.
	UseCSPNonce bool

	// EnableRateLimit turns rate limiting on.
	EnableRateLimit bool

	// RateLimit is the allowed rate per minute.
	// NOTE(review): RateLimitMiddleware takes a rate.Limit, which is
	// presumably per second; confirm the per-minute value is converted.
	RateLimit int
}
SecurityConfig contains configuration for security headers
func DefaultSecurityConfig ¶
func DefaultSecurityConfig() *SecurityConfig
DefaultSecurityConfig returns security configuration with sane defaults