Documentation ¶
Index ¶
Constants ¶
const ( MiddlewareDependencyCSRF = "*securitymw.CSRFMiddleware" MiddlewareDependencyCSRFGet = "*securitymw.CSRFGetMiddleware" )
const MIDDLEWARE_DEPENDENCY_RESTRICTADDRESS = "*securitymw.RestrictAddressMiddleware"
const MiddlewareDependencyHSTS = "*securitymw.HSTSMiddleware"
Variables ¶
This section is empty.
Functions ¶
func GetCSRFToken ¶
GetCSRFToken returns the CSRF token for the current session.
If the token is not exists, the function generates one and places it inside the session.
Types ¶
type AdminKeyMiddleware ¶
type AdminKeyMiddleware string
func (AdminKeyMiddleware) Dependencies ¶
func (key AdminKeyMiddleware) Dependencies() []string
type CSRFGetMiddleware ¶
type CSRFGetMiddleware struct {
// contains filtered or unexported fields
}
CSRFGetMiddleware checks the CSRF token in the urlParam URL parameter.
This is useful if you want CSRF protection in a GET request. For example, this middleware is used on the auth service's login/logout endpoints. Adding this to the server is discouraged. The middlware should be used only on the individual handlers.
func NewCSRFGetMiddleware ¶
func NewCSRFGetMiddleware(urlParam string) *CSRFGetMiddleware
func (*CSRFGetMiddleware) Dependencies ¶
func (c *CSRFGetMiddleware) Dependencies() []string
type CSRFMiddleware ¶
type CSRFMiddleware struct{}
CSRFMiddleware enforces the correct X-CSRF-Token header on all POST, PUT, DELETE, PATCH requests.
To obtain a token, use CSRFTokenHandler on a path.
func NewCSRFMiddleware ¶
func NewCSRFMiddleware() *CSRFMiddleware
func (*CSRFMiddleware) Dependencies ¶
func (c *CSRFMiddleware) Dependencies() []string
type HSTSMiddleware ¶
type HSTSMiddleware struct { MaxAge time.Duration IncludeSubDomains bool middleware.NoDependencies }
HSTSMiddleware adds HTTP Strict Transport Security headers to the responses.
func (*HSTSMiddleware) String ¶
func (h *HSTSMiddleware) String() string
type RestrictAddressMiddleware ¶
type RestrictAddressMiddleware struct { middleware.NoDependencies // contains filtered or unexported fields }
RestrictAddressMiddleware restricts access based on the IP address of the client.
Only IP addresses in the given CIDR address ranges will be allowed.
func NewRestrictAddressMiddleware ¶
func NewRestrictAddressMiddleware(addresses ...string) *RestrictAddressMiddleware
func NewRestrictPrivateAddressMiddleware ¶
func NewRestrictPrivateAddressMiddleware() *RestrictAddressMiddleware