Documentation
¶
Index ¶
Constants ¶
const ( HealthCheckTTL = 5 * time.Minute // 5 minutes for health checks DefaultTTL = 30 * time.Second // 30 seconds default for other endpoints )
Variables ¶
var ( ErrTokenMissing = errors.New("CSRF token missing") ErrTokenMismatch = errors.New("CSRF token mismatch") )
Functions ¶
func CSRF ¶
func CSRF(config *CSRFConfig) gin.HandlerFunc
CSRF returns a middleware that provides CSRF protection
func Logger ¶
func Logger() gin.HandlerFunc
Logger returns a gin middleware for logging HTTP requests with zerolog
func Secure ¶
func Secure(config *SecureConfig) gin.HandlerFunc
Secure returns a middleware that adds security headers
func SetupCORS ¶
func SetupCORS() gin.HandlerFunc
SetupCORS returns the CORS middleware configuration
Types ¶
type AuthMiddleware ¶
type AuthMiddleware struct {
// contains filtered or unexported fields
}
func NewAuthMiddleware ¶
func NewAuthMiddleware(cache cache.Store) *AuthMiddleware
func (*AuthMiddleware) OptionalAuth ¶
func (m *AuthMiddleware) OptionalAuth() gin.HandlerFunc
OptionalAuth middleware checks for authentication but doesn't require it
func (*AuthMiddleware) RequireAuth ¶
func (m *AuthMiddleware) RequireAuth() gin.HandlerFunc
RequireAuth middleware checks for valid authentication
type CSRFConfig ¶
type CSRFConfig struct { // Secure indicates if the cookie should be sent only over HTTPS Secure bool // Cookie path Path string // Cookie domain Domain string // Cookie max age in seconds MaxAge int // If true, cookie is not accessible via JavaScript HttpOnly bool // Methods that don't require CSRF validation ExemptMethods []string // Paths that don't require CSRF validation ExemptPaths []string }
CSRFConfig holds configuration for CSRF protection
func DefaultCSRFConfig ¶
func DefaultCSRFConfig() *CSRFConfig
DefaultCSRFConfig returns the default CSRF configuration
type CacheMiddleware ¶
type CacheMiddleware struct {
// contains filtered or unexported fields
}
func NewCacheMiddleware ¶
func NewCacheMiddleware(store cache.Store) *CacheMiddleware
func (*CacheMiddleware) Cache ¶
func (m *CacheMiddleware) Cache() gin.HandlerFunc
type CachedResponse ¶
type RateLimiter ¶
type RateLimiter struct {
// contains filtered or unexported fields
}
func NewRateLimiter ¶
func NewRateLimiter(store cache.Store, window time.Duration, limit int, keyPrefix string) *RateLimiter
NewRateLimiter creates a new rate limiter with the specified configuration
func (*RateLimiter) RateLimit ¶
func (rl *RateLimiter) RateLimit() gin.HandlerFunc
RateLimit returns a Gin middleware function that implements rate limiting
type SecureConfig ¶
type SecureConfig struct { CSPEnabled bool CSPDefaultSrc []string CSPScriptSrc []string CSPStyleSrc []string CSPImgSrc []string CSPConnectSrc []string CSPFontSrc []string CSPObjectSrc []string CSPMediaSrc []string CSPFrameSrc []string CSPWorkerSrc []string CSPManifestSrc []string HSTSEnabled bool HSTSMaxAge int HSTSIncludeSubdomains bool HSTSPreload bool FrameGuardEnabled bool FrameGuardAction string // DENY, SAMEORIGIN ContentTypeNosniff bool XSSProtection bool XSSProtectionMode string // "0", "1", "1; mode=block" ReferrerPolicy string }
SecureConfig holds configuration for secure headers
func DefaultSecureConfig ¶
func DefaultSecureConfig() *SecureConfig
DefaultSecureConfig returns the default secure configuration