middleware

package
v0.18.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 8, 2020 License: Apache-2.0 Imports: 30 Imported by: 0

Documentation

Overview

Package middleware contains application specific gin middleware functions.

Package middleware defines shared middleware for handlers.

Package middleware defines shared middleware for handlers.

Package middleware defines shared middleware for handlers.

Index

Constants

View Source 
const (
	// ChaffHeader is the chaff header key.
	ChaffHeader = "X-Chaff"

	// ChaffDailyKey is the key to check if the chaff should be counted toward
	// daily stats.
	ChaffDailyKey = "daily"
)
View Source 
const (
	HeaderDebug         = "x-debug"
	HeaderDebugBuildID  = "x-build-id"
	HeaderDebugBuildTag = "x-build-tag"
)
View Source 
const (
	HeaderAcceptLanguage = "Accept-Language"
	QueryKeyLanguage     = "lang"
)
View Source 
const (
	// APIKeyHeader is the authorization header required for APIKey protected requests.
	APIKeyHeader = "X-API-Key"
)

Variables

This section is empty.

Functions

func ConfigureCSRF 

func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc

ConfigureCSRF injects the CSRF handling and populates the global template map with the csrfToken and csrfTemplate.

func InjectCurrentPath added in v0.9.0 

func InjectCurrentPath() mux.MiddlewareFunc

func LoadCurrentRealm added in v0.8.0 

func LoadCurrentRealm(cacher cache.Cacher, db *database.Database, h *render.Renderer) mux.MiddlewareFunc

LoadCurrentRealm loads the selected realm from the cache to the context

func MutateMethod added in v0.3.0 

func MutateMethod() mux.MiddlewareFunc

MutateMethod looks for HTML form values that define the "real" HTTP method and then forward that along to the router. This must be a very early middleware.

func PopulateLogger added in v0.16.0 

func PopulateLogger(originalLogger *zap.SugaredLogger) mux.MiddlewareFunc

PopulateLogger populates the logger onto the context.

func PopulateRequestID added in v0.16.0 

func PopulateRequestID(h *render.Renderer) mux.MiddlewareFunc

PopulateRequestID populates the request context with a random UUID.

func PopulateTemplateVariables 

func PopulateTemplateVariables(config *config.ServerConfig) mux.MiddlewareFunc

PopulateTemplateVariables populates the template variables with common information and bootstraps the map for more values to be set by other middlewares.

func ProcessChaff added in v0.18.0 

func ProcessChaff(db *database.Database, t *chaff.Tracker) mux.MiddlewareFunc

ProcessChaff injects the chaff processing middleware. If chaff requests send a value of "daily" (case-insensitive), they will be counted toward the realm's total active users and return a chaff response. Any other values will only return a chaff response.

This must come after RequireAPIKey.

func ProcessDebug added in v0.8.0 

func ProcessDebug() mux.MiddlewareFunc

ProcessDebug adds additional debugging information to the response if the request included the "X-Debug" header with any value.

func ProcessFirewall added in v0.10.0 

func ProcessFirewall(h *render.Renderer, typ string) mux.MiddlewareFunc

ProcessFirewall verifies the application-level firewall configuration.

This must come after the realm has been loaded in the context, probably via a different middleware.

func ProcessLocale added in v0.17.0 

func ProcessLocale(locales *i18n.LocaleMap) mux.MiddlewareFunc

ProcessLocale extracts the locale from the various possible locations and sets the template translator to the correct language.

This must be called after the template map has been created.

func RequireAPIKey 

func RequireAPIKey(cacher cache.Cacher, db *database.Database, h *render.Renderer, allowedTypes []database.APIKeyType) mux.MiddlewareFunc

RequireAPIKey reads the X-API-Key header and validates it is a real authorized app. It also ensures currentAuthorizedApp is set in the template map.

func RequireAuth 

func RequireAuth(cacher cache.Cacher, authProvider auth.Provider, db *database.Database, h *render.Renderer, sessionIdleTTL, expiryCheckTTL time.Duration) mux.MiddlewareFunc

RequireAuth requires a user to be logged in. It also ensures that currentUser is set in the template map. It fetches a user from the session and stores the full record in the request context.

func RequireHeader added in v0.4.0 

func RequireHeader(h *render.Renderer, header string) mux.MiddlewareFunc

RequireHeader requires that the request have a certain header present. The header just needs to exist - it does not need to have a specific value.

func RequireHeaderValues added in v0.4.0 

func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc

RequireHeaderValues requires that the request have a certain header present and that the value be one of the supplied entries.

func RequireMFA added in v0.8.0 

func RequireMFA(authProvider auth.Provider, h *render.Renderer) mux.MiddlewareFunc

RequireMFA checks the realm's MFA requirements and enforces them. Use requireRealm before requireMFA to ensure the currently selected realm is on context. If no realm is selected, this assumes MFA is required.

func RequireRealm 

func RequireRealm(h *render.Renderer) mux.MiddlewareFunc

RequireRealm requires a realm to exist in the session. It also ensures the realm is set as currentRealm in the template map.

Must come after: 

LoadCurrentRealm to populate the current realm.
RequireAuth so that a user is set on the context.

func RequireRealmAdmin 

func RequireRealmAdmin(h *render.Renderer) mux.MiddlewareFunc

RequireRealmAdmin verifies the user is an admin of the current realm.

Must come after: 

LoadCurrentRealm to populate the current realm.
RequireAuth so that a user is set on the context.

func RequireSession 

func RequireSession(store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler

RequireSession retrieves or creates a new session and stores it on the request's context for future retrieval. It also ensures the flash data is populated in the template map. Any handler that wants to utilize sessions should use this middleware.

func RequireSystemAdmin added in v0.16.0 

func RequireSystemAdmin(h *render.Renderer) mux.MiddlewareFunc

RequireSystemAdmin requires the current user is a global administrator. It must come after RequireAuth so that a user is set on the context.

func RequireVerified added in v0.5.0 

func RequireVerified(authProvider auth.Provider, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc

RequireVerified requires a user to have verified their login email.

MUST first run RequireAuth to populate user and RequireRealm to populate the realm.

func SecureHeaders added in v0.6.0 

func SecureHeaders(devMode bool, serverType string) mux.MiddlewareFunc

SecureHeaders sets a bunch of default secure headers that our servers should have.

func WithObservability added in v0.18.0 

func WithObservability(ctx context.Context) (context.Context, mux.MiddlewareFunc)

WithObservability sets common observability context fields.

Types

type Path added in v0.9.0 

type Path struct {
	// contains filtered or unexported fields
}

func (*Path) IsDir added in v0.9.0 

func (p *Path) IsDir(s string) bool

func (*Path) IsFile added in v0.9.0 

func (p *Path) IsFile(s string) bool

func (*Path) IsPath added in v0.9.0 

func (p *Path) IsPath(s string) bool

func (*Path) String added in v0.16.0 

func (p *Path) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.