Affected by 
Documentation
¶
Overview ¶
Package middleware contains application specific gin middleware functions.
Package middleware defines shared middleware for handlers.
Package middleware defines shared middleware for handlers.
Index ¶
- Constants
- func AddHSTS(ctx context.Context) mux.MiddlewareFunc
- func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc
- func EmailFromFirebaseCookie(ctx context.Context, fbClient *auth.Client, cookie string) (string, error)
- func MutateMethod(ctx context.Context) mux.MiddlewareFunc
- func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc
- func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, ...) mux.MiddlewareFunc
- func RequireAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc
- func RequireAuth(ctx context.Context, cacher cache.Cacher, fbClient *auth.Client, ...) mux.MiddlewareFunc
- func RequireHeader(ctx context.Context, h *render.Renderer, header string) mux.MiddlewareFunc
- func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc
- func RequireRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, ...) mux.MiddlewareFunc
- func RequireRealmAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc
- func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler
- func RequireVerified(ctx context.Context, client *auth.Client, db *database.Database, ...) mux.MiddlewareFunc
Constants ¶
const (
// APIKeyHeader is the authorization header required for APIKey protected requests.
APIKeyHeader = "X-API-Key"
)
Variables ¶
This section is empty.
Functions ¶
func AddHSTS ¶ added in v0.5.1
func AddHSTS(ctx context.Context) mux.MiddlewareFunc
AddHSTS adds the required HSTS headers to the response. You should only enable this middlware in production systems.
func ConfigureCSRF ¶
func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc
ConfigureCSRF injects the CSRF handling and populates the global template map with the csrfToken and csrfTemplate.
func EmailFromFirebaseCookie ¶ added in v0.5.0
func EmailFromFirebaseCookie(ctx context.Context, fbClient *auth.Client, cookie string) (string, error)
EmailFromFirebaseCookie extracts the user's email address from the provided firebase cookie, if it exists.
func MutateMethod ¶ added in v0.3.0
func MutateMethod(ctx context.Context) mux.MiddlewareFunc
MutateMethod looks for HTML form values that define the "real" HTTP method and then forward that along to the router. This must be a very early middleware.
func PopulateTemplateVariables ¶
func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc
PopulateTemplateVariables populates the template variables with common information and bootstraps the map for more values to be set by other middlewares.
func RequireAPIKey ¶
func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer, allowedTypes []database.APIUserType) mux.MiddlewareFunc
RequireAPIKey reads the X-API-Key header and validates it is a real authorized app. It also ensures currentAuthorizedApp is set in the template map.
func RequireAdmin ¶
RequireAdmin requires the current user is a global administrator. It must come after RequireAuth so that a user is set on the context.
func RequireAuth ¶
func RequireAuth(ctx context.Context, cacher cache.Cacher, fbClient *auth.Client, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc
RequireAuth requires a user to be logged in. It also ensures that currentUser is set in the template map. It fetches a user from the session and stores the full record in the request context.
func RequireHeader ¶ added in v0.4.0
RequireHeader requires that the request have a certain header present. The header just needs to exist - it does not need to have a specific value.
func RequireHeaderValues ¶ added in v0.4.0
func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc
RequireHeaderValues requires that the request have a certain header present and that the value be one of the supplied entries.
func RequireRealm ¶
func RequireRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer) mux.MiddlewareFunc
RequireRealm requires a realm to exist in the session. It also ensures the realm is set as currentRealm in the template map. It must come after RequireAuth so that a user is set on the context.
func RequireRealmAdmin ¶
RequireRealmAdmin verifies the user is an admin of the current realm. It must come after RequireAuth and RequireRealm so that a user and realm are set on the context.
func RequireSession ¶
func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler
RequireSession retrieves or creates a new session and stores it on the request's context for future retrieval. It also ensures the flash data is populated in the template map. Any handler that wants to utilize sessions should use this middleware.
Types ¶
This section is empty.
Source Files