middleware

package
v0.0.25 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 8, 2022 License: MIT Imports: 24 Imported by: 0

Documentation

Overview

Package middleware provides helpful functions that implement some common functionalities in http servers. A middleware is a function that returns a http.HandlerFunc

Example (All) 
package main

import (
	"io"
	"net/http"
	"os"

	"github.com/komuw/ong/log"
	"github.com/komuw/ong/middleware"
)

func main() {
	l := log.New(os.Stdout, 100)
	opts := middleware.WithOpts("example.com", 443, "secretKey", l)

	myHandler := func(w http.ResponseWriter, _ *http.Request) {
		_, _ = io.WriteString(w, "Hello from a HandleFunc \n")
	}

	handler := middleware.All(myHandler, opts)

	http.HandleFunc("/", handler)
	err := http.ListenAndServe(":8080", nil)
	if err != nil {
		panic(err)
	}
}

Output:
Example (Get) 
package main

import (
	"fmt"
	"net/http"
	"os"

	"github.com/komuw/ong/log"
	"github.com/komuw/ong/middleware"
)

func loginHandler() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		cspNonce := middleware.GetCspNonce(r.Context())
		_ = cspNonce

		_, _ = fmt.Fprint(w, "welcome to your favorite website.")
	}
}

func main() {
	l := log.New(os.Stdout, 100)
	opts := middleware.WithOpts("example.com", 443, "secretKey", l)
	handler := middleware.Get(loginHandler(), opts)
	_ = handler // use handler

}

Output:
Example (GetCspNonce) 
package main

import (
	"fmt"
	"net/http"
	"os"

	"github.com/komuw/ong/log"
	"github.com/komuw/ong/middleware"
)

func loginHandler() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		cspNonce := middleware.GetCspNonce(r.Context())
		_ = cspNonce

		_, _ = fmt.Fprint(w, "welcome to your favorite website.")
	}
}

func main() {
	handler := middleware.Get(
		loginHandler(),
		middleware.WithOpts("example.com", 443, "secretKey", log.New(os.Stdout, 100)),
	)
	_ = handler // use handler

}

Output:
Example (GetCsrfToken) 
package main

import (
	"fmt"
	"net/http"
	"os"

	"github.com/komuw/ong/log"
	"github.com/komuw/ong/middleware"
)

func welcomeHandler() http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		csrfToken := middleware.GetCsrfToken(r.Context())
		_ = csrfToken

		_, _ = fmt.Fprint(w, "welcome.")
	}
}

func main() {
	handler := middleware.Get(
		welcomeHandler(),
		middleware.WithOpts("example.com", 443, "secretKey", log.New(os.Stdout, 100)),
	)
	_ = handler // use handler

}

Output:

Index

Examples

Constants

View Source 
const (
	// CsrfTokenFormName is the name of the html form name attribute for csrf token.
	CsrfTokenFormName = "csrftoken" // named after what django uses.
	// CsrfHeader is the name of the http header that Ong uses to store csrf token.
	CsrfHeader = "X-Csrf-Token" // named after what fiber uses.

)

Variables

This section is empty.

Functions

func All 

func All(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

All is a middleware that allows all http methods.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

func BasicAuth 

func BasicAuth(wrappedHandler http.HandlerFunc, user, passwd string) http.HandlerFunc

BasicAuth is a middleware that protects wrappedHandler using basic authentication.

func Delete 

func Delete(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

Delete is a middleware that only allows http DELETE requests and http OPTIONS requests.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

func Get 

func Get(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

Get is a middleware that only allows http GET requests and http OPTIONS requests.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

func GetCspNonce 

func GetCspNonce(c context.Context) string

GetCspNonce returns the Content-Security-Policy nonce that was set for the http request in question.

func GetCsrfToken 

func GetCsrfToken(c context.Context) string

GetCsrfToken returns the csrf token that was set for the http request in question. 

func Head(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

Head is a middleware that only allows http HEAD requests and http OPTIONS requests.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

func Post 

func Post(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

Post is a middleware that only allows http POST requests and http OPTIONS requests.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

func Put 

func Put(wrappedHandler http.HandlerFunc, o Opts) http.HandlerFunc

Put is a middleware that only allows http PUT requests and http OPTIONS requests.

It is composed of the [recoverer], [logger], [rateLimiter], [loadShedder], [httpsRedirector], [securityHeaders], [cors], [csrf], [reloadProtector] & [session] middleware. As such, it provides the features and functionalities of all those middlewares.

Types

type Opts 

type Opts struct {
	// contains filtered or unexported fields
}

Opts are the various parameters(optionals) that can be used to configure middlewares.

Use either New or WithOpts to get a valid Opts.

func New added in v0.0.14 

func New(
	domain string,
	httpsPort uint16,
	allowedOrigins []string,
	allowedMethods []string,
	allowedHeaders []string,
	secretKey string,
	l log.Logger,
) Opts

New returns a new Opts.

domain is the domain name of your website. httpsPort is the tls port where http requests will be redirected to. allowedOrigins, allowedMethods, & allowedHeaders are used by the [cors] middleware.

The secretKey should be kept secret and should not be shared. If it becomes compromised, generate a new one and restart your application using the new one.

func WithOpts 

func WithOpts(domain string, httpsPort uint16, secretKey string, l log.Logger) Opts

WithOpts returns a new Opts that has sensible defaults.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.