middleware

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 24, 2020 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source
const (
	AlgorithmHS256 = "HS256"
)

Algorithms

Variables

View Source
var (
	// DefaultBasicAuthConfig is the default BasicAuth middleware config.
	DefaultBasicAuthConfig = BasicAuthConfig{
		Skipper: DefaultSkipper,
		Realm:   defaultRealm,
	}
)
View Source
var (
	// DefaultBodyDumpConfig is the default BodyDump middleware config.
	DefaultBodyDumpConfig = BodyDumpConfig{
		Skipper: DefaultSkipper,
	}
)
View Source
var (
	// DefaultBodyLimitConfig is the default BodyLimit middleware config.
	DefaultBodyLimitConfig = BodyLimitConfig{
		Skipper: DefaultSkipper,
	}
)
View Source
var (
	// DefaultCORSConfig is the default CORS middleware config.
	DefaultCORSConfig = CORSConfig{
		Skipper:      DefaultSkipper,
		AllowOrigins: []string{"*"},
		AllowMethods: []string{http.MethodGet, http.MethodHead, http.MethodPut, http.MethodPatch, http.MethodPost, http.MethodDelete},
	}
)
View Source
var (
	// DefaultCSRFConfig is the default CSRF middleware config.
	DefaultCSRFConfig = CSRFConfig{
		Skipper:      DefaultSkipper,
		TokenLength:  32,
		TokenLookup:  "header:" + gz.HeaderXCSRFToken,
		ContextKey:   "csrf",
		CookieName:   "_csrf",
		CookieMaxAge: 86400,
	}
)
View Source
var (
	// DefaultGzipConfig is the default Gzip middleware config.
	DefaultGzipConfig = GzipConfig{
		Skipper: DefaultSkipper,
		Level:   -1,
	}
)
View Source
var (
	// DefaultJWTConfig is the default JWT auth middleware config.
	DefaultJWTConfig = JWTConfig{
		Skipper:       DefaultSkipper,
		SigningMethod: AlgorithmHS256,
		ContextKey:    "user",
		TokenLookup:   "header:" + gz.HeaderAuthorization,
		AuthScheme:    "Bearer",
		Claims:        jwt.MapClaims{},
	}
)
View Source
var (
	// DefaultKeyAuthConfig is the default KeyAuth middleware config.
	DefaultKeyAuthConfig = KeyAuthConfig{
		Skipper:    DefaultSkipper,
		KeyLookup:  "header:" + gz.HeaderAuthorization,
		AuthScheme: "Bearer",
	}
)
View Source
var (
	// DefaultLoggerConfig is the default Logger middleware config.
	DefaultLoggerConfig = LoggerConfig{
		Skipper: DefaultSkipper,
		Format: `{"time":"${time_rfc3339_nano}","id":"${id}","remote_ip":"${remote_ip}",` +
			`"host":"${host}","method":"${method}","uri":"${uri}","user_agent":"${user_agent}",` +
			`"status":${status},"error":"${error}","latency":${latency},"latency_human":"${latency_human}"` +
			`,"bytes_in":${bytes_in},"bytes_out":${bytes_out}}` + "\n",
		CustomTimeFormat: "2006-01-02 15:04:05.00000",
		// contains filtered or unexported fields
	}
)
View Source
var (
	// DefaultMethodOverrideConfig is the default MethodOverride middleware config.
	DefaultMethodOverrideConfig = MethodOverrideConfig{
		Skipper: DefaultSkipper,
		Getter:  MethodFromHeader(gz.HeaderXHTTPMethodOverride),
	}
)
View Source
var (
	// DefaultProxyConfig is the default Proxy middleware config.
	DefaultProxyConfig = ProxyConfig{
		Skipper:    DefaultSkipper,
		ContextKey: "target",
	}
)
View Source
var (
	// DefaultRecoverConfig is the default Recover middleware config.
	DefaultRecoverConfig = RecoverConfig{
		Skipper:           DefaultSkipper,
		StackSize:         4 << 10,
		DisableStackAll:   false,
		DisablePrintStack: false,
		LogLevel:          0,
	}
)
View Source
var DefaultRedirectConfig = RedirectConfig{
	Skipper: DefaultSkipper,
	Code:    http.StatusMovedPermanently,
}

DefaultRedirectConfig is the default Redirect middleware config.

View Source
var (
	// DefaultRequestIDConfig is the default RequestID middleware config.
	DefaultRequestIDConfig = RequestIDConfig{
		Skipper:   DefaultSkipper,
		Generator: generator,
	}
)
View Source
var (
	// DefaultRewriteConfig is the default Rewrite middleware config.
	DefaultRewriteConfig = RewriteConfig{
		Skipper: DefaultSkipper,
	}
)
View Source
var (
	// DefaultSecureConfig is the default Secure middleware config.
	DefaultSecureConfig = SecureConfig{
		Skipper:            DefaultSkipper,
		XSSProtection:      "1; mode=block",
		ContentTypeNosniff: "nosniff",
		XFrameOptions:      "SAMEORIGIN",
		HSTSPreloadEnabled: false,
	}
)
View Source
var (
	// DefaultStaticConfig is the default Static middleware config.
	DefaultStaticConfig = StaticConfig{
		Skipper: DefaultSkipper,
		Index:   "index.html",
	}
)
View Source
var (
	// DefaultTrailingSlashConfig is the default TrailingSlash middleware config.
	DefaultTrailingSlashConfig = TrailingSlashConfig{
		Skipper: DefaultSkipper,
	}
)
View Source
var (
	ErrJWTMissing = gz.NewHTTPError(http.StatusBadRequest, "missing or malformed jwt")
)

Errors

Functions

func AddTrailingSlash

func AddTrailingSlash() gz.MiddlewareFunc

AddTrailingSlash returns a root level (before router) middleware which adds a trailing slash to the request `URL#Path`.

Usage `Application#Pre(AddTrailingSlash())`

func AddTrailingSlashWithConfig

func AddTrailingSlashWithConfig(config TrailingSlashConfig) gz.MiddlewareFunc

AddTrailingSlashWithConfig returns a AddTrailingSlash middleware with config. See `AddTrailingSlash()`.

func BasicAuth

func BasicAuth(fn BasicAuthValidator) gz.MiddlewareFunc

BasicAuth returns an BasicAuth middleware.

For valid credentials it calls the next handler. For missing or invalid credentials, it sends "401 - Unauthorized" response.

func BasicAuthWithConfig

func BasicAuthWithConfig(config BasicAuthConfig) gz.MiddlewareFunc

BasicAuthWithConfig returns an BasicAuth middleware with config. See `BasicAuth()`.

func BodyDump

func BodyDump(handler BodyDumpHandler) gz.MiddlewareFunc

BodyDump returns a BodyDump middleware.

BodyDump middleware captures the request and response payload and calls the registered handler.

func BodyDumpWithConfig

func BodyDumpWithConfig(config BodyDumpConfig) gz.MiddlewareFunc

BodyDumpWithConfig returns a BodyDump middleware with config. See: `BodyDump()`.

func BodyLimit

func BodyLimit(limit string) gz.MiddlewareFunc

BodyLimit returns a BodyLimit middleware.

BodyLimit middleware sets the maximum allowed size for a request body, if the size exceeds the configured limit, it sends "413 - Request Entity Too Large" response. The BodyLimit is determined based on both `Content-Length` request header and actual content read, which makes it super secure. Limit can be specified as `4x` or `4xB`, where x is one of the multiple from K, M, G, T or P.

func BodyLimitWithConfig

func BodyLimitWithConfig(config BodyLimitConfig) gz.MiddlewareFunc

BodyLimitWithConfig returns a BodyLimit middleware with config. See: `BodyLimit()`.

func CORS

func CORS() gz.MiddlewareFunc

CORS returns a Cross-Origin Resource Sharing (CORS) middleware. See: https://developer.mozilla.org/en/docs/Web/HTTP/Access_control_CORS

func CORSWithConfig

func CORSWithConfig(config CORSConfig) gz.MiddlewareFunc

CORSWithConfig returns a CORS middleware with config. See: `CORS()`.

func CSRF

func CSRF() gz.MiddlewareFunc

CSRF returns a Cross-Site Request Forgery (CSRF) middleware. See: https://en.wikipedia.org/wiki/Cross-site_request_forgery

func CSRFWithConfig

func CSRFWithConfig(config CSRFConfig) gz.MiddlewareFunc

CSRFWithConfig returns a CSRF middleware with config. See `CSRF()`.

func DefaultSkipper

func DefaultSkipper(gz.Context) bool

DefaultSkipper returns false which processes the middleware.

func Gzip

func Gzip() gz.MiddlewareFunc

Gzip returns a middleware which compresses HTTP response using gzip compression scheme.

func GzipWithConfig

func GzipWithConfig(config GzipConfig) gz.MiddlewareFunc

GzipWithConfig return Gzip middleware with config. See: `Gzip()`.

func HTTPSNonWWWRedirect

func HTTPSNonWWWRedirect() gz.MiddlewareFunc

HTTPSNonWWWRedirect redirects http requests to https non www. For example, http://www.labstack.com will be redirect to https://labstack.com.

Usage `Application#Pre(HTTPSNonWWWRedirect())`

func HTTPSNonWWWRedirectWithConfig

func HTTPSNonWWWRedirectWithConfig(config RedirectConfig) gz.MiddlewareFunc

HTTPSNonWWWRedirectWithConfig returns an HTTPSRedirect middleware with config. See `HTTPSNonWWWRedirect()`.

func HTTPSRedirect

func HTTPSRedirect() gz.MiddlewareFunc

HTTPSRedirect redirects http requests to https. For example, http://labstack.com will be redirect to https://labstack.com.

Usage `Application#Pre(HTTPSRedirect())`

func HTTPSRedirectWithConfig

func HTTPSRedirectWithConfig(config RedirectConfig) gz.MiddlewareFunc

HTTPSRedirectWithConfig returns an HTTPSRedirect middleware with config. See `HTTPSRedirect()`.

func HTTPSWWWRedirect

func HTTPSWWWRedirect() gz.MiddlewareFunc

HTTPSWWWRedirect redirects http requests to https www. For example, http://labstack.com will be redirect to https://www.labstack.com.

Usage `Application#Pre(HTTPSWWWRedirect())`

func HTTPSWWWRedirectWithConfig

func HTTPSWWWRedirectWithConfig(config RedirectConfig) gz.MiddlewareFunc

HTTPSWWWRedirectWithConfig returns an HTTPSRedirect middleware with config. See `HTTPSWWWRedirect()`.

func JWT

func JWT(key interface{}) gz.MiddlewareFunc

JWT returns a JSON Web Token (JWT) auth middleware.

For valid token, it sets the user in context and calls next handler. For invalid token, it returns "401 - Unauthorized" error. For missing token, it returns "400 - Bad Request" error.

See: https://jwt.io/introduction See `JWTConfig.TokenLookup`

func JWTWithConfig

func JWTWithConfig(config JWTConfig) gz.MiddlewareFunc

JWTWithConfig returns a JWT auth middleware with config. See: `JWT()`.

func KeyAuth

KeyAuth returns an KeyAuth middleware.

For valid key it calls the next handler. For invalid key, it sends "401 - Unauthorized" response. For missing key, it sends "400 - Bad Request" response.

func KeyAuthWithConfig

func KeyAuthWithConfig(config KeyAuthConfig) gz.MiddlewareFunc

KeyAuthWithConfig returns an KeyAuth middleware with config. See `KeyAuth()`.

func Logger

func Logger() gz.MiddlewareFunc

Logger returns a middleware that logs HTTP requests.

func LoggerWithConfig

func LoggerWithConfig(config LoggerConfig) gz.MiddlewareFunc

LoggerWithConfig returns a Logger middleware with config. See: `Logger()`.

func MethodOverride

func MethodOverride() gz.MiddlewareFunc

MethodOverride returns a MethodOverride middleware. MethodOverride middleware checks for the overridden method from the request and uses it instead of the original method.

For security reasons, only `POST` method can be overridden.

func MethodOverrideWithConfig

func MethodOverrideWithConfig(config MethodOverrideConfig) gz.MiddlewareFunc

MethodOverrideWithConfig returns a MethodOverride middleware with config. See: `MethodOverride()`.

func NonWWWRedirect

func NonWWWRedirect() gz.MiddlewareFunc

NonWWWRedirect redirects www requests to non www. For example, http://www.labstack.com will be redirect to http://labstack.com.

Usage `Application#Pre(NonWWWRedirect())`

func NonWWWRedirectWithConfig

func NonWWWRedirectWithConfig(config RedirectConfig) gz.MiddlewareFunc

NonWWWRedirectWithConfig returns an HTTPSRedirect middleware with config. See `NonWWWRedirect()`.

func Proxy

func Proxy(balancer ProxyBalancer) gz.MiddlewareFunc

Proxy returns a Proxy middleware.

Proxy middleware forwards the request to upstream server using a configured load balancing technique.

func ProxyWithConfig

func ProxyWithConfig(config ProxyConfig) gz.MiddlewareFunc

ProxyWithConfig returns a Proxy middleware with config. See: `Proxy()`

func Recover

func Recover() gz.MiddlewareFunc

Recover returns a middleware which recovers from panics anywhere in the chain and handles the control to the centralized HTTPErrorHandler.

func RecoverWithConfig

func RecoverWithConfig(config RecoverConfig) gz.MiddlewareFunc

RecoverWithConfig returns a Recover middleware with config. See: `Recover()`.

func RemoveTrailingSlash

func RemoveTrailingSlash() gz.MiddlewareFunc

RemoveTrailingSlash returns a root level (before router) middleware which removes a trailing slash from the request URI.

Usage `Application#Pre(RemoveTrailingSlash())`

func RemoveTrailingSlashWithConfig

func RemoveTrailingSlashWithConfig(config TrailingSlashConfig) gz.MiddlewareFunc

RemoveTrailingSlashWithConfig returns a RemoveTrailingSlash middleware with config. See `RemoveTrailingSlash()`.

func RequestID

func RequestID() gz.MiddlewareFunc

RequestID returns a X-Request-ID middleware.

func RequestIDWithConfig

func RequestIDWithConfig(config RequestIDConfig) gz.MiddlewareFunc

RequestIDWithConfig returns a X-Request-ID middleware with config.

func Rewrite

func Rewrite(rules map[string]string) gz.MiddlewareFunc

Rewrite returns a Rewrite middleware.

Rewrite middleware rewrites the URL path based on the provided rules.

func RewriteWithConfig

func RewriteWithConfig(config RewriteConfig) gz.MiddlewareFunc

RewriteWithConfig returns a Rewrite middleware with config. See: `Rewrite()`.

func Secure

func Secure() gz.MiddlewareFunc

Secure returns a Secure middleware. Secure middleware provides protection against cross-site scripting (XSS) attack, content type sniffing, clickjacking, insecure connection and other code injection attacks.

func SecureWithConfig

func SecureWithConfig(config SecureConfig) gz.MiddlewareFunc

SecureWithConfig returns a Secure middleware with config. See: `Secure()`.

func Static

func Static(root string) gz.MiddlewareFunc

Static returns a Static middleware to serves static content from the provided root directory.

func StaticWithConfig

func StaticWithConfig(config StaticConfig) gz.MiddlewareFunc

StaticWithConfig returns a Static middleware with config. See `Static()`.

func WWWRedirect

func WWWRedirect() gz.MiddlewareFunc

WWWRedirect redirects non www requests to www. For example, http://labstack.com will be redirect to http://www.labstack.com.

Usage `Application#Pre(WWWRedirect())`

func WWWRedirectWithConfig

func WWWRedirectWithConfig(config RedirectConfig) gz.MiddlewareFunc

WWWRedirectWithConfig returns an HTTPSRedirect middleware with config. See `WWWRedirect()`.

Types

type BasicAuthConfig

type BasicAuthConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Validator is a function to validate BasicAuth credentials.
	// Required.
	Validator BasicAuthValidator

	// Realm is a string to define realm attribute of BasicAuth.
	// Default value "Restricted".
	Realm string
}

BasicAuthConfig defines the config for BasicAuth middleware.

type BasicAuthValidator

type BasicAuthValidator func(string, string, gz.Context) (bool, error)

BasicAuthValidator defines a function to validate BasicAuth credentials.

type BeforeFunc

type BeforeFunc func(gz.Context)

BeforeFunc defines a function which is executed just before the middleware.

type BodyDumpConfig

type BodyDumpConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Handler receives request and response payload.
	// Required.
	Handler BodyDumpHandler
}

BodyDumpConfig defines the config for BodyDump middleware.

type BodyDumpHandler

type BodyDumpHandler func(gz.Context, []byte, []byte)

BodyDumpHandler receives the request and response payload.

type BodyLimitConfig

type BodyLimitConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Maximum allowed size for a request body, it can be specified
	// as `4x` or `4xB`, where x is one of the multiple from K, M, G, T or P.
	Limit string `yaml:"limit"`
	// contains filtered or unexported fields
}

BodyLimitConfig defines the config for BodyLimit middleware.

type CORSConfig

type CORSConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// AllowOrigin defines a list of origins that may access the resource.
	// Optional. Default value []string{"*"}.
	AllowOrigins []string `yaml:"allow_origins"`

	// AllowMethods defines a list methods allowed when accessing the resource.
	// This is used in response to a preflight request.
	// Optional. Default value DefaultCORSConfig.AllowMethods.
	AllowMethods []string `yaml:"allow_methods"`

	// AllowHeaders defines a list of request headers that can be used when
	// making the actual request. This is in response to a preflight request.
	// Optional. Default value []string{}.
	AllowHeaders []string `yaml:"allow_headers"`

	// AllowCredentials indicates whether or not the response to the request
	// can be exposed when the credentials flag is true. When used as part of
	// a response to a preflight request, this indicates whether or not the
	// actual request can be made using credentials.
	// Optional. Default value false.
	AllowCredentials bool `yaml:"allow_credentials"`

	// ExposeHeaders defines a whitelist headers that clients are allowed to
	// access.
	// Optional. Default value []string{}.
	ExposeHeaders []string `yaml:"expose_headers"`

	// MaxAge indicates how long (in seconds) the results of a preflight request
	// can be cached.
	// Optional. Default value 0.
	MaxAge int `yaml:"max_age"`
}

CORSConfig defines the config for CORS middleware.

type CSRFConfig

type CSRFConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// TokenLength is the length of the generated token.
	TokenLength uint8 `yaml:"token_length"`

	// TokenLookup is a string in the form of "<source>:<key>" that is used
	// to extract token from the request.
	// Optional. Default value "header:X-CSRF-Token".
	// Possible values:
	// - "header:<name>"
	// - "form:<name>"
	// - "query:<name>"
	TokenLookup string `yaml:"token_lookup"`

	// Context key to store generated CSRF token into context.
	// Optional. Default value "csrf".
	ContextKey string `yaml:"context_key"`

	// Name of the CSRF cookie. This cookie will store CSRF token.
	// Optional. Default value "csrf".
	CookieName string `yaml:"cookie_name"`

	// Domain of the CSRF cookie.
	// Optional. Default value none.
	CookieDomain string `yaml:"cookie_domain"`

	// Path of the CSRF cookie.
	// Optional. Default value none.
	CookiePath string `yaml:"cookie_path"`

	// Max age (in seconds) of the CSRF cookie.
	// Optional. Default value 86400 (24hr).
	CookieMaxAge int `yaml:"cookie_max_age"`

	// Indicates if CSRF cookie is secure.
	// Optional. Default value false.
	CookieSecure bool `yaml:"cookie_secure"`

	// Indicates if CSRF cookie is HTTP only.
	// Optional. Default value false.
	CookieHTTPOnly bool `yaml:"cookie_http_only"`
}

CSRFConfig defines the config for CSRF middleware.

type GzipConfig

type GzipConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Gzip compression level.
	// Optional. Default value -1.
	Level int `yaml:"level"`
}

GzipConfig defines the config for Gzip middleware.

type JWTConfig

type JWTConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// BeforeFunc defines a function which is executed just before the middleware.
	BeforeFunc BeforeFunc

	// SuccessHandler defines a function which is executed for a valid token.
	SuccessHandler JWTSuccessHandler

	// ErrorHandler defines a function which is executed for an invalid token.
	// It may be used to define a custom JWT error.
	ErrorHandler JWTErrorHandler

	// ErrorHandlerWithContext is almost identical to ErrorHandler, but it's passed the current context.
	ErrorHandlerWithContext JWTErrorHandlerWithContext

	// Signing key to validate token. Used as fallback if SigningKeys has length 0.
	// Required. This or SigningKeys.
	SigningKey interface{}

	// Map of signing keys to validate token with kid field usage.
	// Required. This or SigningKey.
	SigningKeys map[string]interface{}

	// Signing method, used to check token signing method.
	// Optional. Default value HS256.
	SigningMethod string

	// Context key to store user information from the token into context.
	// Optional. Default value "user".
	ContextKey string

	// Claims are extendable claims data defining token content.
	// Optional. Default value jwt.MapClaims
	Claims jwt.Claims

	// TokenLookup is a string in the form of "<source>:<name>" that is used
	// to extract token from the request.
	// Optional. Default value "header:Authorization".
	// Possible values:
	// - "header:<name>"
	// - "query:<name>"
	// - "param:<name>"
	// - "cookie:<name>"
	TokenLookup string

	// AuthScheme to be used in the Authorization header.
	// Optional. Default value "Bearer".
	AuthScheme string
	// contains filtered or unexported fields
}

JWTConfig defines the config for JWT middleware.

type JWTErrorHandler

type JWTErrorHandler func(error) error

JWTErrorHandler defines a function which is executed for an invalid token.

type JWTErrorHandlerWithContext

type JWTErrorHandlerWithContext func(error, gz.Context) error

JWTErrorHandlerWithContext is almost identical to JWTErrorHandler, but it's passed the current context.

type JWTSuccessHandler

type JWTSuccessHandler func(gz.Context)

JWTSuccessHandler defines a function which is executed for a valid token.

type KeyAuthConfig

type KeyAuthConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// KeyLookup is a string in the form of "<source>:<name>" that is used
	// to extract key from the request.
	// Optional. Default value "header:Authorization".
	// Possible values:
	// - "header:<name>"
	// - "query:<name>"
	// - "form:<name>"
	KeyLookup string `yaml:"key_lookup"`

	// AuthScheme to be used in the Authorization header.
	// Optional. Default value "Bearer".
	AuthScheme string

	// Validator is a function to validate key.
	// Required.
	Validator KeyAuthValidator
}

KeyAuthConfig defines the config for KeyAuth middleware.

type KeyAuthValidator

type KeyAuthValidator func(string, gz.Context) (bool, error)

KeyAuthValidator defines a function to validate KeyAuth credentials.

type LoggerConfig

type LoggerConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Tags to construct the logger format.
	//
	// - time_unix
	// - time_unix_nano
	// - time_rfc3339
	// - time_rfc3339_nano
	// - time_custom
	// - id (Request ID)
	// - remote_ip
	// - uri
	// - host
	// - method
	// - path
	// - protocol
	// - referer
	// - user_agent
	// - status
	// - error
	// - latency (In nanoseconds)
	// - latency_human (Human readable)
	// - bytes_in (Bytes received)
	// - bytes_out (Bytes sent)
	// - header:<NAME>
	// - query:<NAME>
	// - form:<NAME>
	//
	// Example "${remote_ip} ${status}"
	//
	// Optional. Default value DefaultLoggerConfig.Format.
	Format string `yaml:"format"`

	// Optional. Default value DefaultLoggerConfig.CustomTimeFormat.
	CustomTimeFormat string `yaml:"custom_time_format"`

	// Output is a writer where logs in JSON format are written.
	// Optional. Default value os.Stdout.
	Output io.Writer
	// contains filtered or unexported fields
}

LoggerConfig defines the config for Logger middleware.

type MethodOverrideConfig

type MethodOverrideConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Getter is a function that gets overridden method from the request.
	// Optional. Default values MethodFromHeader(gz.HeaderXHTTPMethodOverride).
	Getter MethodOverrideGetter
}

MethodOverrideConfig defines the config for MethodOverride middleware.

type MethodOverrideGetter

type MethodOverrideGetter func(gz.Context) string

MethodOverrideGetter is a function that gets overridden method from the request

func MethodFromForm

func MethodFromForm(param string) MethodOverrideGetter

MethodFromForm is a `MethodOverrideGetter` that gets overridden method from the form parameter.

func MethodFromHeader

func MethodFromHeader(header string) MethodOverrideGetter

MethodFromHeader is a `MethodOverrideGetter` that gets overridden method from the request header.

func MethodFromQuery

func MethodFromQuery(param string) MethodOverrideGetter

MethodFromQuery is a `MethodOverrideGetter` that gets overridden method from the query parameter.

type ProxyBalancer

type ProxyBalancer interface {
	AddTarget(*ProxyTarget) bool
	RemoveTarget(string) bool
	Next(gz.Context) *ProxyTarget
}

ProxyBalancer defines an interface to implement a load balancing technique.

func NewRandomBalancer

func NewRandomBalancer(targets []*ProxyTarget) ProxyBalancer

NewRandomBalancer returns a random proxy balancer.

func NewRoundRobinBalancer

func NewRoundRobinBalancer(targets []*ProxyTarget) ProxyBalancer

NewRoundRobinBalancer returns a round-robin proxy balancer.

type ProxyConfig

type ProxyConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Balancer defines a load balancing technique.
	// Required.
	Balancer ProxyBalancer

	// Rewrite defines URL path rewrite rules. The values captured in asterisk can be
	// retrieved by index e.g. $1, $2 and so on.
	// Examples:
	// "/old":              "/new",
	// "/api/*":            "/$1",
	// "/js/*":             "/public/javascripts/$1",
	// "/users/*/orders/*": "/user/$1/order/$2",
	Rewrite map[string]string

	// Context key to store selected ProxyTarget into context.
	// Optional. Default value "target".
	ContextKey string

	// To customize the transport to remote.
	// Examples: If custom TLS certificates are required.
	Transport http.RoundTripper
	// contains filtered or unexported fields
}

ProxyConfig defines the config for Proxy middleware.

type ProxyTarget

type ProxyTarget struct {
	Name string
	URL  *url.URL
	Meta gz.Map
}

ProxyTarget defines the upstream target.

type RecoverConfig

type RecoverConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Size of the stack to be printed.
	// Optional. Default value 4KB.
	StackSize int `yaml:"stack_size"`

	// DisableStackAll disables formatting stack traces of all other goroutines
	// into buffer after the trace for the current goroutine.
	// Optional. Default value false.
	DisableStackAll bool `yaml:"disable_stack_all"`

	// DisablePrintStack disables printing stack trace.
	// Optional. Default value as false.
	DisablePrintStack bool `yaml:"disable_print_stack"`

	// LogLevel is log level to printing stack trace.
	// Optional. Default value 0 (Print).
	LogLevel log.Lvl
}

RecoverConfig defines the config for Recover middleware.

type RedirectConfig

type RedirectConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper

	// Status code to be used when redirecting the request.
	// Optional. Default value http.StatusMovedPermanently.
	Code int `yaml:"code"`
}

RedirectConfig defines the config for Redirect middleware.

type RequestIDConfig

type RequestIDConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Generator defines a function to generate an ID.
	// Optional. Default value random.String(32).
	Generator func() string
}

RequestIDConfig defines the config for RequestID middleware.

type RewriteConfig

type RewriteConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Rules defines the URL path rewrite rules. The values captured in asterisk can be
	// retrieved by index e.g. $1, $2 and so on.
	// Example:
	// "/old":              "/new",
	// "/api/*":            "/$1",
	// "/js/*":             "/public/javascripts/$1",
	// "/users/*/orders/*": "/user/$1/order/$2",
	// Required.
	Rules map[string]string `yaml:"rules"`
	// contains filtered or unexported fields
}

RewriteConfig defines the config for Rewrite middleware.

type SecureConfig

type SecureConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// XSSProtection provides protection against cross-site scripting attack (XSS)
	// by setting the `X-XSS-Protection` header.
	// Optional. Default value "1; mode=block".
	XSSProtection string `yaml:"xss_protection"`

	// ContentTypeNosniff provides protection against overriding Content-Type
	// header by setting the `X-Content-Type-Options` header.
	// Optional. Default value "nosniff".
	ContentTypeNosniff string `yaml:"content_type_nosniff"`

	// XFrameOptions can be used to indicate whether or not a browser should
	// be allowed to render a page in a <frame>, <iframe> or <object> .
	// Sites can use this to avoid clickjacking attacks, by ensuring that their
	// content is not embedded into other sites.provides protection against
	// clickjacking.
	// Optional. Default value "SAMEORIGIN".
	// Possible values:
	// - "SAMEORIGIN" - The page can only be displayed in a frame on the same origin as the page itself.
	// - "DENY" - The page cannot be displayed in a frame, regardless of the site attempting to do so.
	// - "ALLOW-FROM uri" - The page can only be displayed in a frame on the specified origin.
	XFrameOptions string `yaml:"x_frame_options"`

	// HSTSMaxAge sets the `Strict-Transport-Security` header to indicate how
	// long (in seconds) browsers should remember that this site is only to
	// be accessed using HTTPS. This reduces your exposure to some SSL-stripping
	// man-in-the-middle (MITM) attacks.
	// Optional. Default value 0.
	HSTSMaxAge int `yaml:"hsts_max_age"`

	// HSTSExcludeSubdomains won't include subdomains tag in the `Strict Transport Security`
	// header, excluding all subdomains from security policy. It has no effect
	// unless HSTSMaxAge is set to a non-zero value.
	// Optional. Default value false.
	HSTSExcludeSubdomains bool `yaml:"hsts_exclude_subdomains"`

	// ContentSecurityPolicy sets the `Content-Security-Policy` header providing
	// security against cross-site scripting (XSS), clickjacking and other code
	// injection attacks resulting from execution of malicious content in the
	// trusted web page context.
	// Optional. Default value "".
	ContentSecurityPolicy string `yaml:"content_security_policy"`

	// CSPReportOnly would use the `Content-Security-Policy-Report-Only` header instead
	// of the `Content-Security-Policy` header. This allows iterative updates of the
	// content security policy by only reporting the violations that would
	// have occurred instead of blocking the resource.
	// Optional. Default value false.
	CSPReportOnly bool `yaml:"csp_report_only"`

	// HSTSPreloadEnabled will add the preload tag in the `Strict Transport Security`
	// header, which enables the domain to be included in the HSTS preload list
	// maintained by Chrome (and used by Firefox and Safari): https://hstspreload.org/
	// Optional.  Default value false.
	HSTSPreloadEnabled bool `yaml:"hsts_preload_enabled"`

	// ReferrerPolicy sets the `Referrer-Policy` header providing security against
	// leaking potentially sensitive request paths to third parties.
	// Optional. Default value "".
	ReferrerPolicy string `yaml:"referrer_policy"`
}

SecureConfig defines the config for Secure middleware.

type Skipper

type Skipper func(gz.Context) bool

Skipper defines a function to skip middleware. Returning true skips processing the middleware.

type StaticConfig

type StaticConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Root directory from where the static content is served.
	// Required.
	Root string `yaml:"root"`

	// Index file for serving a directory.
	// Optional. Default value "index.html".
	Index string `yaml:"index"`

	// Enable HTML5 mode by forwarding all not-found requests to root so that
	// SPA (single-page application) can handle the routing.
	// Optional. Default value false.
	HTML5 bool `yaml:"html5"`

	// Enable directory browsing.
	// Optional. Default value false.
	Browse bool `yaml:"browse"`
}

StaticConfig defines the config for Static middleware.

type TrailingSlashConfig

type TrailingSlashConfig struct {
	// Skipper defines a function to skip middleware.
	Skipper Skipper

	// Status code to be used when redirecting the request.
	// Optional, but when provided the request is redirected using this code.
	RedirectCode int `yaml:"redirect_code"`
}

TrailingSlashConfig defines the config for TrailingSlash middleware.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL