Documentation

Index
- Constants
- func APISecurity(next http.Handler) http.Handler
- func BaseSecurity(next http.Handler) http.Handler
- func BearerTokenFromContext(ctx context.Context) (string, bool)
- func CORS(allowedOrigins []string) func(http.Handler) http.Handler
- func ClientIPFromContext(ctx context.Context) (string, bool)
- func ExtractBearerToken(next http.Handler) http.Handler
- func HashedIPFromContext(ctx context.Context) (string, bool)
- func HostRewrite(pushHost, hookHost string) func(http.Handler) http.Handler
- func RateKeyByBearerToken(r *http.Request) (string, error)
- func RateKeyByHashedIP(r *http.Request) (string, error)
- func RateKeyByURLParam(param string) func(*http.Request) (string, error)
- func RequestIDFromContext(ctx context.Context) string
- func RequireAdmin() func(http.Handler) http.Handler
- func RequireSession(validator SessionValidator) func(http.Handler) http.Handler
- func SentryTags(next http.Handler) http.Handler
- type CtxUser
- type IPHasher
- type RealIP
- type RequestID
- type SessionUser
- type SessionValidator
Constants
const (
	CookieSessionName  = "beebuzz_session"
	CookieLoggedInName = "beebuzz_logged_in"
)
const CtxKeyUser contextKey = "user"
Variables
This section is empty.
Functions
func APISecurity
APISecurity adds API-specific security headers to all /v1 responses. Cache-Control: no-store prevents sensitive response data from being cached by browsers, proxies, or CDNs.
func BaseSecurity
BaseSecurity adds base security headers to all responses. CSP is enforced at the Caddy layer, not here.
func BearerTokenFromContext
BearerTokenFromContext returns the raw Bearer token extracted by the ExtractBearerToken middleware. Returns ("", false) when the Authorization header was missing or malformed.
func CORS
CORS adds Cross-Origin Resource Sharing headers. It checks the request Origin against allowedOrigins and, on match, reflects the origin with credentials support. OPTIONS preflight requests are answered immediately with 204.
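An added example, not this package's code, of the CORS behaviour described above written out as a complete middleware: the origin must match an allowlist entry exactly before it is reflected with credentials, and OPTIONS preflights are answered with 204 without reaching the wrapped handler. CORSAllowlist and the method/header lists are this example's assumptions.

```go
package main

import "net/http"

// CORSAllowlist follows the documented CORS behaviour with one deliberate choice made
// explicit: the Origin header must match an entry exactly (no prefix or substring
// test, and never "*", which browsers refuse to pair with credentials). Only a match
// is reflected, with Access-Control-Allow-Credentials set; the Vary header keeps a
// shared cache from replaying one origin's reply to another. OPTIONS preflights get
// 204 without reaching the wrapped handler. The method and header lists are this
// example's assumptions, not the package's.
func CORSAllowlist(allowedOrigins []string) func(http.Handler) http.Handler {
	allowed := make(map[string]struct{}, len(allowedOrigins))
	for _, o := range allowedOrigins {
		allowed[o] = struct{}{}
	}
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			w.Header().Add("Vary", "Origin")
			origin := r.Header.Get("Origin")
			if _, ok := allowed[origin]; ok && origin != "" {
				h := w.Header()
				h.Set("Access-Control-Allow-Origin", origin)
				h.Set("Access-Control-Allow-Credentials", "true")
				h.Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS")
				h.Set("Access-Control-Allow-Headers", "Authorization, Content-Type")
			}
			if r.Method == http.MethodOptions {
				w.WriteHeader(http.StatusNoContent)
				return
			}
			next.ServeHTTP(w, r)
		})
	}
}
```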
func ClientIPFromContext
ClientIPFromContext returns the canonical client IP for the request, resolved by RealIP from RemoteAddr or a trusted X-Forwarded-For header.
func ExtractBearerToken
ExtractBearerToken reads the Authorization header, strips the "Bearer " prefix, and stores the raw token in the request context. If the header is absent or malformed the request proceeds without a context value, letting the handler return 401.
func HashedIPFromContext
HashedIPFromContext reads the hashed client IP stored by the IPHasher middleware. Returns the hashed IP and true if present.
func HostRewrite
HostRewrite returns middleware that rewrites the request path based on the Host header. Requests to pushHost get /v1/push prepended; requests to hookHost get /v1/webhooks prepended. When pushHost or hookHost is empty, that rewrite is inactive. The host values must be bare hosts (with an optional port), not full URLs.
func RateKeyByBearerToken
RateKeyByBearerToken is an httprate.KeyFunc that reads the raw Bearer token from the context (set by the ExtractBearerToken middleware) and uses its SHA-256 hash as the rate-limit key. Falls back to the hashed IP when the token is absent, so the request still reaches the handler for a proper 401.
func RateKeyByHashedIP
RateKeyByHashedIP is an httprate.KeyFunc that uses the hashed client IP from the request context as the rate-limit key. Requires the RealIP and IPHasher middleware to run first.
func RateKeyByURLParam
RateKeyByURLParam returns an httprate.KeyFunc that reads the named URL parameter and uses its SHA-256 hash as the rate-limit key. Falls back to the hashed IP when the parameter is empty.
func RequestIDFromContext
RequestIDFromContext returns the request ID stored by the RequestID middleware. Returns the empty string if none is present.
func RequireAdmin
RequireAdmin creates a middleware that requires admin privileges.
func RequireSession
func RequireSession(validator SessionValidator) func(http.Handler) http.Handler
RequireSession creates a middleware that requires a valid session.
Types
type IPHasher
type IPHasher struct {
// contains filtered or unexported fields
}
IPHasher hashes client IPs with a keyed BLAKE2b so they can be used as rate-limit keys and logged without storing plaintext addresses.
func NewIPHasher
NewIPHasher creates an IPHasher. The secret is used as a BLAKE2b key to prevent rainbow-table reversal of hashed IPs.
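An added example, not this package's code, showing how the pieces documented under ExtractBearerToken and RateKeyByBearerToken above fit with the IPHasher fallback described here: the token is only ever seen by the limiter as a SHA-256 digest, and a request without a token is keyed by the keyed hash of its IP instead. The context keys, HashIP, WithHashedIP, ExtractBearer and RateKey are this example's own names, and HMAC-SHA256 stands in for the package's keyed BLAKE2b because it is in the standard library.

```go
package main

import (
	"context"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"net/http"
	"strings"
)

type ctxKey string // hypothetical context keys; the package's own are unexported
const ctxKeyBearer, ctxKeyHashedIP ctxKey = "bearer", "hashed_ip"

// HashIP stands in for IPHasher: a keyed hash of the client IP under a server-side
// secret (HMAC-SHA256 here, keyed BLAKE2b in the package) instead of the plaintext.
func HashIP(secret []byte, ip string) string {
	m := hmac.New(sha256.New, secret)
	m.Write([]byte(ip))
	return hex.EncodeToString(m.Sum(nil))
}

// WithHashedIP does what the IPHasher middleware does before the key func runs.
func WithHashedIP(r *http.Request, secret []byte, ip string) *http.Request {
	return r.WithContext(context.WithValue(r.Context(), ctxKeyHashedIP, HashIP(secret, ip)))
}

// ExtractBearer mirrors ExtractBearerToken: only a well-formed "Bearer <token>" header
// lands in the context; a missing or malformed one leaves it untouched (handler sends 401).
func ExtractBearer(r *http.Request) *http.Request {
	scheme, token, ok := strings.Cut(r.Header.Get("Authorization"), " ")
	if token = strings.TrimSpace(token); !ok || !strings.EqualFold(scheme, "Bearer") || token == "" {
		return r
	}
	return r.WithContext(context.WithValue(r.Context(), ctxKeyBearer, token))
}

// RateKey follows RateKeyByBearerToken: the limiter sees only the SHA-256 digest of the
// token, never the raw credential, and falls back to the hashed IP when no token is set.
func RateKey(r *http.Request) (string, error) {
	if tok, ok := r.Context().Value(ctxKeyBearer).(string); ok {
		sum := sha256.Sum256([]byte(tok))
		return "tok:" + hex.EncodeToString(sum[:]), nil
	}
	if h, ok := r.Context().Value(ctxKeyHashedIP).(string); ok {
		return "ip:" + h, nil
	}
	return "", errors.New("neither bearer token nor hashed IP in context")
}
```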
type RealIP
type RealIP struct {
// contains filtered or unexported fields
}
RealIP resolves the real client IP from RemoteAddr or X-Forwarded-For based on a trusted proxy subnet.
func NewRealIP
NewRealIP creates a RealIP resolver. proxySubnet is the CIDR of the trusted reverse proxy (e.g. "172.20.0.0/16"). Pass netip.Prefix{} (zero value) for direct connections with no proxy.
Use the narrowest possible CIDR (ideally /32 for a single proxy IP). A wide subnet trusts any peer within it, which in shared networks could allow other hosts to spoof X-Forwarded-For.
func (*RealIP) Middleware
Middleware stores the resolved client IP in the request context.
type RequestID
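An added example, not this package's code, of the resolution rule NewRealIP describes: X-Forwarded-For is honoured only when the connecting peer is inside the trusted proxy prefix, the zero prefix means no proxy, and a forged header from any other peer is ignored. ResolveClientIP and ClientIPFromRequest are this example's names, and picking the rightmost hop that is not itself a trusted proxy is this example's assumption about hop selection.

```go
package main

import (
	"net"
	"net/http"
	"net/netip"
	"strings"
)

// ResolveClientIP applies the RealIP rule: X-Forwarded-For counts only when the TCP
// peer (RemoteAddr) lies inside the trusted proxy prefix; any other peer gets its
// RemoteAddr back, so a forged header from an untrusted source is ignored. The zero
// prefix means "no proxy" and always returns RemoteAddr. Hop selection is this
// example's assumption: the rightmost address that is not itself a trusted proxy,
// i.e. the one appended by the proxy rather than supplied by the client.
func ResolveClientIP(trusted netip.Prefix, remoteAddr, xff string) (netip.Addr, error) {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		host = remoteAddr // RemoteAddr without a port
	}
	peer, err := netip.ParseAddr(host)
	if err != nil {
		return netip.Addr{}, err
	}
	peer = peer.Unmap()
	if !trusted.IsValid() || !trusted.Contains(peer) {
		return peer, nil
	}
	hops := strings.Split(xff, ",")
	for i := len(hops) - 1; i >= 0; i-- {
		a, err := netip.ParseAddr(strings.TrimSpace(hops[i]))
		if err != nil {
			continue // malformed hop: never trust it, keep walking
		}
		if a = a.Unmap(); !trusted.Contains(a) {
			return a, nil
		}
	}
	return peer, nil // header missing or every hop was a trusted proxy
}

// ClientIPFromRequest is the request-level wrapper a middleware would call before
// storing the result in the context for ClientIPFromContext.
func ClientIPFromRequest(trusted netip.Prefix, r *http.Request) (netip.Addr, error) {
	return ResolveClientIP(trusted, r.RemoteAddr, r.Header.Get("X-Forwarded-For"))
}
```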
type RequestID struct {
// contains filtered or unexported fields
}
RequestID reads or generates a request ID, sets it in the response header and request context. The header name is configurable to match the reverse proxy convention (e.g. Traefik uses "X-Request-Id" by default). Pass an empty string to use the default "X-Request-ID".
func NewRequestID
NewRequestID creates a RequestID middleware. header is the HTTP header name used to read and write the request ID (e.g. "X-Request-Id"). Pass "" to use the default "X-Request-ID".
type SessionUser
SessionUser is the result of session validation returned by the auth provider.
type SessionValidator
type SessionValidator interface {
ValidateSession(ctx context.Context, sessionToken string) (*SessionUser, error)
}
SessionValidator validates a session token and returns the user.