Documentation ¶
Overview ¶
Package middleware contains application specific gin middleware functions.
Package middleware defines shared middleware for handlers.
Package middleware defines shared middleware for handlers.
Package middleware defines shared middleware for handlers.
Index ¶
- Constants
- func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc
- func InjectCurrentPath() mux.MiddlewareFunc
- func LoadCurrentRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, ...) mux.MiddlewareFunc
- func MutateMethod(ctx context.Context) mux.MiddlewareFunc
- func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc
- func ProcessDebug(ctx context.Context) mux.MiddlewareFunc
- func ProcessFirewall(ctx context.Context, h *render.Renderer, typ string) mux.MiddlewareFunc
- func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, ...) mux.MiddlewareFunc
- func RequireAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc
- func RequireAuth(ctx context.Context, cacher cache.Cacher, authProvider auth.Provider, ...) mux.MiddlewareFunc
- func RequireHeader(ctx context.Context, h *render.Renderer, header string) mux.MiddlewareFunc
- func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc
- func RequireMFA(ctx context.Context, authProvider auth.Provider, h *render.Renderer) mux.MiddlewareFunc
- func RequireRealm(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc
- func RequireRealmAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc
- func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler
- func RequireVerified(ctx context.Context, authProvider auth.Provider, db *database.Database, ...) mux.MiddlewareFunc
- func SecureHeaders(ctx context.Context, devMode bool, serverType string) mux.MiddlewareFunc
- type Path
Constants ¶
const ( HeaderDebug = "x-debug" HeaderDebugBuildID = "x-build-id" HeaderDebugBuildTag = "x-build-tag" )
const (
// APIKeyHeader is the authorization header required for APIKey protected requests.
APIKeyHeader = "X-API-Key"
)
Variables ¶
This section is empty.
Functions ¶
func ConfigureCSRF ¶
func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc
ConfigureCSRF injects the CSRF handling and populates the global template map with the csrfToken and csrfTemplate.
func InjectCurrentPath ¶ added in v0.9.0
func InjectCurrentPath() mux.MiddlewareFunc
func LoadCurrentRealm ¶ added in v0.8.0
func LoadCurrentRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer) mux.MiddlewareFunc
LoadCurrentRealm loads the selected realm from the cache to the context
func MutateMethod ¶ added in v0.3.0
func MutateMethod(ctx context.Context) mux.MiddlewareFunc
MutateMethod looks for HTML form values that define the "real" HTTP method and then forward that along to the router. This must be a very early middleware.
func PopulateTemplateVariables ¶
func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc
PopulateTemplateVariables populates the template variables with common information and bootstraps the map for more values to be set by other middlewares.
func ProcessDebug ¶ added in v0.8.0
func ProcessDebug(ctx context.Context) mux.MiddlewareFunc
ProcessDebug adds additional debugging information to the response if the request included the "X-Debug" header with any value.
func ProcessFirewall ¶ added in v0.10.0
ProcessFirewall verifies the application-level firewall configuration.
This must come after the realm has been loaded in the context, probably via a different middleware.
func RequireAPIKey ¶
func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer, allowedTypes []database.APIKeyType) mux.MiddlewareFunc
RequireAPIKey reads the X-API-Key header and validates it is a real authorized app. It also ensures currentAuthorizedApp is set in the template map.
func RequireAdmin ¶
RequireAdmin requires the current user is a global administrator. It must come after RequireAuth so that a user is set on the context.
func RequireAuth ¶
func RequireAuth(ctx context.Context, cacher cache.Cacher, authProvider auth.Provider, db *database.Database, h *render.Renderer, sessionIdleTTL, expiryCheckTTL time.Duration) mux.MiddlewareFunc
RequireAuth requires a user to be logged in. It also ensures that currentUser is set in the template map. It fetches a user from the session and stores the full record in the request context.
func RequireHeader ¶ added in v0.4.0
RequireHeader requires that the request have a certain header present. The header just needs to exist - it does not need to have a specific value.
func RequireHeaderValues ¶ added in v0.4.0
func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc
RequireHeaderValues requires that the request have a certain header present and that the value be one of the supplied entries.
func RequireMFA ¶ added in v0.8.0
func RequireMFA(ctx context.Context, authProvider auth.Provider, h *render.Renderer) mux.MiddlewareFunc
RequireMFA checks the realm's MFA requirements and enforces them. Use requireRealm before requireMFA to ensure the currently selected realm is on context. If no realm is selected, this assumes MFA is required.
func RequireRealm ¶
RequireRealm requires a realm to exist in the session. It also ensures the realm is set as currentRealm in the template map.
Must come after:
LoadCurrentRealm to populate the current realm. RequireAuth so that a user is set on the context.
func RequireRealmAdmin ¶
RequireRealmAdmin verifies the user is an admin of the current realm.
Must come after:
LoadCurrentRealm to populate the current realm. RequireAuth so that a user is set on the context.
func RequireSession ¶
func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler
RequireSession retrieves or creates a new session and stores it on the request's context for future retrieval. It also ensures the flash data is populated in the template map. Any handler that wants to utilize sessions should use this middleware.
func RequireVerified ¶ added in v0.5.0
func RequireVerified(ctx context.Context, authProvider auth.Provider, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc
RequireVerified requires a user to have verified their login email.
MUST first run RequireAuth to populate user and RequireRealm to populate the realm.
func SecureHeaders ¶ added in v0.6.0
SecureHeaders sets a bunch of default secure headers that our servers should have.