Documentation
¶
Overview ¶
Package middleware provides http middleware
Index ¶
- func GrantAccessFor(role identity.Role) func(next http.Handler) http.Handler
- func HSTS() gorouter.MiddlewareFunc
- func LimitRequestBody(n int64) gorouter.MiddlewareFunc
- func Logger(logger *log.Logger) gorouter.MiddlewareFunc
- func Metrics() gorouter.MiddlewareFunc
- func RateLimit(logger *log.Logger, r rate.Limit, b int, frequency time.Duration) gorouter.MiddlewareFunc
- func Recover(logger *log.Logger) gorouter.MiddlewareFunc
- func WithContainer(requestContainer gocontainer.Container) gorouter.MiddlewareFunc
- func WithMetadata() gorouter.MiddlewareFunc
- func XSS() gorouter.MiddlewareFunc
Examples ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GrantAccessFor ¶
GrantAccessFor returns Status Unauthorized if Identity is not set within request's context or user does not have required role
func HSTS ¶
func HSTS() gorouter.MiddlewareFunc
HSTS HTTP Strict Transport Security is an opt-in security enhancement that is specified by a web application through the use of a special response header
Example ¶
package main
import (
"fmt"
"net/http"
"net/http/httptest"
"github.com/vardius/go-api-boilerplate/pkg/http/middleware"
)
func main() {
m := middleware.HSTS()
h := m(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {}))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
h.ServeHTTP(w, req)
fmt.Printf("%s\n", w.Header().Get("Strict-Transport-Security"))
}
Output: max-age=63072000; includeSubDomains
func LimitRequestBody ¶
func LimitRequestBody(n int64) gorouter.MiddlewareFunc
LimitRequestBody limits the request body
func Logger ¶
Logger wraps http.Handler with a logger middleware
Example ¶
package main
import (
"net/http"
"net/http/httptest"
"github.com/vardius/go-api-boilerplate/pkg/http/middleware"
"github.com/vardius/go-api-boilerplate/pkg/log"
)
func main() {
m := middleware.Logger(log.New("development"))
h := m(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {}))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
h.ServeHTTP(w, req)
}
func RateLimit ¶
func RateLimit(logger *log.Logger, r rate.Limit, b int, frequency time.Duration) gorouter.MiddlewareFunc
RateLimit returns a new HTTP middleware that allows request per visitor (IP) up to rate r and permits bursts of at most b tokens.
func Recover ¶
Recover middleware recovers from panic
Example ¶
package main
import (
"net/http"
"net/http/httptest"
"github.com/vardius/go-api-boilerplate/pkg/http/middleware"
"github.com/vardius/go-api-boilerplate/pkg/log"
)
func main() {
m := middleware.Recover(log.New("development"))
handler := m(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
panic("error")
}))
// We will mock request for this example
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
handler.ServeHTTP(w, req)
}
func WithContainer ¶
func WithContainer(requestContainer gocontainer.Container) gorouter.MiddlewareFunc
WithContainer wraps http.Handler with a container middleware
func WithMetadata ¶
func WithMetadata() gorouter.MiddlewareFunc
WithMetadata adds Metadata to requests context
func XSS ¶
func XSS() gorouter.MiddlewareFunc
XSS sets xss response header types
Example ¶
package main
import (
"fmt"
"net/http"
"net/http/httptest"
"github.com/vardius/go-api-boilerplate/pkg/http/middleware"
)
func main() {
m := middleware.XSS()
h := m(http.HandlerFunc(func(_ http.ResponseWriter, _ *http.Request) {}))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
h.ServeHTTP(w, req)
fmt.Printf("%s\n", w.Header().Get("X-Content-Type-Options"))
fmt.Printf("%s\n", w.Header().Get("X-Frame-Options"))
}
Output: nosniff DENY
Types ¶
This section is empty.
Source Files
¶
Directories
¶
| Path | Synopsis |
|---|---|
|
Package authenticator provides allows to authorize request
|
Package authenticator provides allows to authorize request |
Click to show internal directories.
Click to hide internal directories.