middleware

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 1, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package middleware contains application specific gin middleware functions.

Package middleware defines shared middleware for handlers.

Package middleware defines shared middleware for handlers.

Index

Constants

View Source
const (
	// APIKeyHeader is the authorization header required for APIKey protected requests.
	APIKeyHeader = "X-API-Key"
)

Variables

This section is empty.

Functions

func ConfigureCSRF

func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc

ConfigureCSRF injects the CSRF handling and populates the global template map with the csrfToken and csrfTemplate.

func EmailFromFirebaseCookie added in v0.5.0

func EmailFromFirebaseCookie(ctx context.Context, fbClient *auth.Client, cookie string) (string, error)

EmailFromFirebaseCookie extracts the user's email address from the provided firebase cookie, if it exists.

func MutateMethod added in v0.3.0

func MutateMethod(ctx context.Context) mux.MiddlewareFunc

MutateMethod looks for HTML form values that define the "real" HTTP method and then forward that along to the router. This must be a very early middleware.

func PopulateTemplateVariables

func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc

PopulateTemplateVariables populates the template variables with common information and bootstraps the map for more values to be set by other middlewares.

func RequireAPIKey

func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer, allowedTypes []database.APIUserType) mux.MiddlewareFunc

RequireAPIKey reads the X-API-Key header and validates it is a real authorized app. It also ensures currentAuthorizedApp is set in the template map.

func RequireAdmin

func RequireAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireAdmin requires the current user is a global administrator. It must come after RequireAuth so that a user is set on the context.

func RequireAuth

func RequireAuth(ctx context.Context, cacher cache.Cacher, fbClient *auth.Client, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc

RequireAuth requires a user to be logged in. It also ensures that currentUser is set in the template map. It fetches a user from the session and stores the full record in the request context.

func RequireHeader added in v0.4.0

func RequireHeader(ctx context.Context, h *render.Renderer, header string) mux.MiddlewareFunc

RequireHeader requires that the request have a certain header present. The header just needs to exist - it does not need to have a specific value.

func RequireHeaderValues added in v0.4.0

func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc

RequireHeaderValues requires that the request have a certain header present and that the value be one of the supplied entries.

func RequireRealm

func RequireRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer) mux.MiddlewareFunc

RequireRealm requires a realm to exist in the session. It also ensures the realm is set as currentRealm in the template map. It must come after RequireAuth so that a user is set on the context.

func RequireRealmAdmin

func RequireRealmAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireRealmAdmin verifies the user is an admin of the current realm. It must come after RequireAuth and RequireRealm so that a user and realm are set on the context.

func RequireSession

func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler

RequireSession retrieves or creates a new session and stores it on the request's context for future retrieval. It also ensures the flash data is populated in the template map. Any handler that wants to utilize sessions should use this middleware.

func RequireVerified added in v0.5.0

func RequireVerified(ctx context.Context, client *auth.Client, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc

RequireVerified requires a user to have verified their login email. MUST first run RequireAuth to populate user.

func SecureHeaders added in v0.6.0

func SecureHeaders(ctx context.Context, devMode bool, serverType string) mux.MiddlewareFunc

SecureHeaders sets a bunch of default secure headers that our servers should have.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL