middleware

Documentation

Index

• func AllowCORS(h http.Handler) http.Handler
• func HTTPContextWrapper(h http.Handler, ctxWrapper func(ctx context.Context) context.Context) http.Handler
• func HTTPSession(h http.Handler, manager *scs.SessionManager) http.Handler
• func RealIP(h http.Handler) http.Handler
• func RequestID(next http.Handler, opts ...requestid.Option) http.Handler

Functions

func AllowCORS

func AllowCORS(h http.Handler) http.Handler

AllowCORS allows Cross Origin Resoruce Sharing from any origin. Don't do this without consideration in production systems.

func HTTPContextWrapper

func HTTPContextWrapper(h http.Handler, ctxWrapper func(ctx context.Context) context.Context) http.Handler

HTTPContextWrapper global middelware of the HTTP rounter

func HTTPSession

func HTTPSession(h http.Handler, manager *scs.SessionManager) http.Handler

HTTPSession middleware wrapper

func RealIP

func RealIP(h http.Handler) http.Handler

RealIP is a middleware that sets a http.Request's RemoteAddr to the results of parsing either the X-Forwarded-For header or the X-Real-IP header (in that order).

This middleware should be inserted fairly early in the middleware stack to ensure that subsequent layers (e.g., request loggers) which examine the RemoteAddr will see the intended value.

You should only use this middleware if you can trust the headers passed to you (in particular, the two headers this middleware uses), for example because you have placed a reverse proxy like HAProxy or nginx in front of chi. If your reverse proxies are configured to pass along arbitrary header values from the client, or if you use this middleware without a reverse proxy, malicious clients will be able to make you very sad (or, depending on how you're using RemoteAddr, vulnerable to an attack of some sort).

func RequestID

func RequestID(next http.Handler, opts ...requestid.Option) http.Handler

RequestID middleware adds a unique request id to the request context