server

package
v1.0.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2022 License: GPL-3.0 Imports: 43 Imported by: 0

README

Server

Server library provides a complete HTTP/HTTPS server that can be easily embedded in your application and requires minimum to no configuration, being able to run securely with its default settings.

Features
  • Automatic routing
  • Auto acquire HTTPS certificates through Let's Encrypt
  • Session management with support for different stores (DB, Redis, In-Memory built in stores)
  • Support for various input/output encodings (JSON, XML, Binary, gRPC built in)
  • Support for various compression algorithms (GZip, Deflate, Brotli built in)
  • Access logs (Apache format compatible)
  • Security enhancements (XSS, CSRF, DNT, HSTS, CSP, BruteForce, Rate Limiter, Whitelist/Blacklist built in)
  • Request tracing
  • Server statistics
  • Internationalization and GeoIP detection support
Install
$ go get github.com/najibulloShapoatov/server-core/server
Usage example(s)
Start a server that listens on HTTP(80)
import (
   "github.com/najibulloShapoatov/server-core/server"
)

func main() {
    svc := server.New(nil)
    svc.Start()
}
Register custom stores and engines
// register 2 new middleware functions
server.UseMiddleware(m1, m2) 

// register decoder/encoder for some custom content type
server.RegisterDecoder("text/yaml", myYAMLDecoder)
server.RegisterEncoder("text/yaml", myYAMLEncoder)

// register http endpoints for all your module handlers
server.RegisterRoute(myService)

Documentation

Overview

Package server contains the main web server

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RegisterDecoder 

func RegisterDecoder(contentType string, inFunc InputFunc)

RegisterDecoder registers a InputFunc decoder that can handle the given MIME type

func RegisterEncoder 

func RegisterEncoder(contentType string, outFunc OutputFunc)

RegisterEncoder registers a OutputFunc decoder that can handle the given MIME type

func RegisterRoute 

func RegisterRoute(module platform.Module) error

Register all services handlers

func UnregisterRoute 

func UnregisterRoute(name string)

Remove service handler

func UnregisterRoutes 

func UnregisterRoutes()

Remove all service handlers

func UseMiddleware 

func UseMiddleware(middleware ...Middleware)

Register a handler that will be called before the request handler is called

Types

type BruteForceConfig 

type BruteForceConfig struct {
	// Enabled the brute force protection using a leaky bucket rate limiter
	Enabled bool `config:"platform.server.security.bruteForce.enabled" default:"false"`
	// Rate parameter for the leaky bucket
	Rate float64 `config:"platform.server.security.bruteForce.rate" default:"1"`
	// Capacity parameter for the leaky bucket
	Capacity int64 `config:"platform.server.security.bruteForce.capacity" default:"10"`
}

type CacheConfig 

type CacheConfig struct {
	// Enable cache headers for static resources
	Enabled bool `config:"platform.server.cache.enable" default:"yes"`
	// TTL for static resources (js, css, images etc)
	TTL time.Duration `json:"platform.server.cache.ttl" default:"3d"`
}

type Config 

type Config struct {
	// HTTPS configuration
	HTTPS HTTPSConfig `config:"."`
	// Name of the server that will be used in response headers
	// Default value is ServerCore
	Name string `config:"platform.server.name" default:"ServerCore"`
	// Host is the domain name the web server will reply to.
	// Default value is localhost
	Host string `config:"platform.server.host" default:"localhost"`
	// Address on which the server will bind to.
	// Default value is 0.0.0.0 which will bind to all network interfaces
	Address string `config:"platform.server.address" default:"0.0.0.0"`
	// StaticPath where static assets are loaded from
	StaticPath string `config:"platform.server.staticPath" default:"/var/www"`
	// TraceHeader represents the name of the HTTP header used to add trace ids
	// Default value is X-Trace-Id
	TraceHeader string `config:"platform.server.security.tracing.header" default:"X-Trace-Id"`
	// Port to use to bind the HTTP server to.
	// Default value is 80
	Port int `config:"platform.server.port" default:"80"`
	// ReadTimeout for client requests. A timeout of 0 means no timeout.
	// Default value is 0
	ReadTimeout time.Duration `config:"platform.sever.readTimeout" default:"0"`
	// WriteTimeout for client responses. A timeout of 0 means no timeout.
	// Default value is 0
	WriteTimeout time.Duration `config:"platform.server.writeTimeout" default:"0"`
	// IdleTimeout for keep-alive connections. A timeout of 0 means no timeout.
	// Default value is 0
	IdleTimeout time.Duration `config:"platform.server.idleTimeout" default:"0"`
	// PostMaxSize is the maximum amount of payload a client can send.
	// Default value is 100MB
	PostMaxSize int `config:"platform.server.maxPostSize" default:"100MB"`
	// Session settings
	Session *session.Config `config:"."`
	// Cache settings
	Cache *CacheConfig `config:"."`
	// Security settings
	Security *SecurityConfig `config:"."`
	// UseCompression will enable a middleware to compress server responses
	// using one of the supported compression methods (GZip, Deflate, Br).
	// Default value is enabled
	UseCompression bool `config:"platform.server.gzip" default:"true"`
	// EnableTracing will enable the TraceHeader on all responses.
	// Default value is enabled
	EnableTracing bool `config:"platform.server.security.tracing.enabled" default:"yes"`
	// TraceRequired indicates that this service will be a middleware or backend service and
	// all requests coming to it should come from a service that emits the tracing header, thus making
	// it a requirement on all incoming requests.
	// Default value is disabled
	TraceRequired bool `config:"platform.server.security.tracing.required" default:"no"`
}

config contains all the configurations of the server and is suited with default values that require minimum to no intervention to start a secure web server

func (*Config) Validate 

func (cfg *Config) Validate() error

type Context 

type Context struct {
	// Request is a reference to the original HTTP request
	Request *http.Request
	// Response is a reference to the original HTTP response writer
	Response *Response
	// Server is reference to the server instance through which you can access the server
	// configuration
	Server *Server
	// Session
	Session *session.Session
	// Data is a map of values that can be stored for the duration of the request
	Data map[string]interface{}
	// DoNotTrack flag
	DNT bool
	// Consent given to track and use cookies
	Consent bool
	// contains filtered or unexported fields
}

Context provided by the server to handle a request

func (*Context) AccountID 

func (c *Context) AccountID() *string

AccountID returns the current logged in user id, 0 otherwise

func (*Context) Authenticated 

func (c *Context) Authenticated() bool

Authenticated verifies the user if it is authenticated

func (*Context) BadRequest 

func (c *Context) BadRequest(err interface{})

Generic bad request from user (missing parameters, bad encoding, etc)

func (*Context) Can 

func (c *Context) Can(permission platform.Permission) bool

Can verifies if the user can perform the given operations

func (*Context) CanAll 

func (c *Context) CanAll(permissions ...platform.Permission) bool

Can verifies if the user can perform the given operations

func (*Context) CanAny 

func (c *Context) CanAny(permissions ...platform.Permission) bool

Can verifies if the user can perform the given operations

func (*Context) ErrorBadRequest 

func (c *Context) ErrorBadRequest(e interface{}) (status int, err error)

Generic bad request from user (missing parameters, bad encoding, etc)

func (*Context) ErrorForbidden 

func (c *Context) ErrorForbidden(err error) (int, error)

User is authenticated but doesn't have permission to do what it wants

func (*Context) ErrorServerError 

func (c *Context) ErrorServerError(err error) (int, error)

User is not authenticated

func (*Context) ErrorUnauthorized 

func (c *Context) ErrorUnauthorized(err error) (int, error)

User is not authenticated

func (*Context) Forbidden 

func (c *Context) Forbidden(err interface{})

User is authenticated but doesn't have permission to do what it wants

func (*Context) FormFile 

func (c *Context) FormFile(name string) (file multipart.File, header *multipart.FileHeader, err error)

func (*Context) FormValue 

func (c *Context) FormValue(name string) (string, error)

func (*Context) Get 

func (c *Context) Get(key string, val interface{}) error

func (*Context) OK 

func (c *Context) OK() (int, error)

func (*Context) RemoteAddr 

func (c *Context) RemoteAddr() string

RemoteAddress returns the network address that sent the request

func (*Context) ServerError 

func (c *Context) ServerError(err error)

User is not authenticated

func (*Context) Set 

func (c *Context) Set(key string, val interface{})

func (*Context) Unauthorized 

func (c *Context) Unauthorized(err interface{})

User is not authenticated

func (*Context) UserAgent 

func (c *Context) UserAgent() string

UserAgent returns the client's User-Agent, if sent in the request.

type HTTPSConfig 

type HTTPSConfig struct {
	// Enable HTTPS
	Enabled bool `config:"platform.server.https.enabled" default:"false"`
	// Try to automatically generate or acquire SSL certificate from LetsEncrypt
	Auto bool `config:"platform.server.https.auto" default:"true"`
	// Method of auto generated certificate to use. Available options are lets-encrypt, self-signed or auto
	CertType string `config:"platform.server.https.autoType" default:"lets-encrypt"`
	// Default HTTPS port
	Port int `config:"platform.server.https.port" default:"433"`
	// Path to server certificate
	Cert string `config:"platform.server.https.cert"`
	// Path to server private key
	Key string `config:"platform.server.https.key"`
}

type HandlerFunc 

type HandlerFunc func(*Context) error

Handler function used by middleware to chain call all of them

type InputFunc 

type InputFunc func(ctx *Context, h *handler) ([]interface{}, error)

InputFunc is the signature a decoder must implement to be registered as valid input decoder

type Manager 

type Manager interface {
	GetCertificate(clientHello *tls.ClientHelloInfo) (*tls.Certificate, error)
	GetCertificateFiles() (string, string)
	TLSConfig() *tls.Config
}

Manager interface is required by the server to be used as certificate provider

type Middleware 

type Middleware func(HandlerFunc) HandlerFunc

Middleware function signature

type OutputFunc 

type OutputFunc func(ctx *Context, params ...interface{}) ([]byte, error)

OutputFunc is the signature a encoder must implement to be registered as valid output encoder

type Response 

type Response struct {
	Writer http.ResponseWriter

	Status    int
	Size      int64
	Committed bool
	// contains filtered or unexported fields
}

func (*Response) Compressor 

func (r *Response) Compressor(wr io.Writer)

func (*Response) Flush 

func (r *Response) Flush()

Flush buffered data to the client.

func (*Response) Header 

func (r *Response) Header() http.Header

Header returns the response writer header

func (*Response) Write 

func (r *Response) Write(b []byte) (n int, err error)

Write sends the given byte array to the user through the ResponseWriter

func (*Response) WriteHeader 

func (r *Response) WriteHeader(code int)

WriteHeader writers the response status code the the client

type SecurityConfig 

type SecurityConfig struct {
	// BruteForce protection configuration
	BruteForce *BruteForceConfig `config:"."`
	// CSRFTokenRequired indicates that POST, PUT, PATCH methods should have a CSRF token header
	// or they will be discarded.
	// Default value is disabled.
	CSRFTokenRequired bool `config:"platform.server.security.csrfRequired" default:"no"`
	// DNT flag indicates if the server should respect Do Not Track requests
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Tk
	// Default value is enabled
	DNT bool `config:"platform.server.security.dnt" default:"yes"`
	// PreventIFraming is set if you want to prevent web page to be embedded in a iframe by adding
	// the X-Frame-Options header which tells the browser the page should not be rendered in an iframe
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
	// Default value is enabled
	PreventIFraming bool `config:"platform.server.security.preventIFraming" default:"no"`
	// XSSProtection provides protection against cross-site scripting attack (XSS)
	// by setting the `X-XSS-Protection` header.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
	// Default value is enabled.
	XSSProtection bool `config:"platform.server.security.XSSProtection" default:"yes"`
	// HSTS (http strict transport security header) enables the Strict-Transport-Security header
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
	// Default value is no.
	HSTS bool `config:"platform.server.security.hsts" default:"no"`
	// ContentTypeOptions enables the X-Content-Type-Options response HTTP header which is a marker used by
	// the server to indicate that the MIME types advertised in the Content-Type headers should not be
	// changed and be followed.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
	// Default value is enabled
	ContentTypeOptions bool `config:"platform.server.security.contentTypeOptions" default:"true"`
	// HSTSDirectives enables the HSTS Strict-Transport-Security header directives
	// Default value is "max-age=63072000; includeSubDomains"
	HSTSDirectives string `config:"platform.server.security.HSTSDirectives" default:"max-age=63072000; includeSubDomains"`
	// CSP enables Content-Security-Policy header
	// Header can also be used for reporting by adding 'report-uri http://reportcollector.example.com/collector.cgi'
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
	// Default value is "default-src 'self'"
	CSP string `config:"platform.server.security.csp" default:"default-src 'self'"`
	// Whitelist contains a comma separated list of IP's that can access the application.
	// The IP's can be defined as simple IP addresses, IP ranges, CIDR ranges and *
	Whitelist string `config:"platform.server.security.whitelist"`
	// Blacklist contains a comma separated list of IP's that cannot access the application.
	// The IP's can be defined as simple IP addresses, IP ranges, CIDR ranges and *
	Blacklist string `config:"platform.server.security.blacklist"`
	// Server security with url scan
	URLScanner bool `config:"platform.server.security.urlScanner" default:"false"`
	// IP ban time for url scan detection
	BanDuration time.Duration `config:"platform.server.security.banDuration" default:"5h"`
	// The Access-Control-Allow-Origin response header indicates whether the response can be
	// shared with requesting code from the given origin.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
	CORSOrigin string `config:"platform.server.security.cors.origin"`
	// The Access-Control-Allow-Headers response header is used in response to a preflight request
	// which includes the Access-Control-Request-Headers to indicate which HTTP headers can be used
	// during the actual request.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
	CORSHeaders string `config:"platform.server.security.cors.headers"`
	// The Access-Control-Expose-Headers response header indicates which headers can be exposed
	// as part of the response by listing their names.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers
	CORSExposeHeaders string `config:"platform.server.security.cors.expose"`
	// The Access-Control-Allow-Methods response header specifies the method or methods allowed
	// when accessing the resource in response to a preflight request.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods
	CORSMethods string `config:"platform.server.security.cors.methods"`
	// The Access-Control-Request-Headers request header is used by browsers when issuing a preflight
	// request, to let the server know which HTTP headers the client might send when the actual request
	// is made (such as with setRequestHeader()). This browser side header will be answered by the complementary
	// server side header of Access-Control-Allow-Headers.
	// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers
	CORSRequest string `config:"platform.server.security.cors.request"`
}

type Server 

type Server struct {
	// config for server
	Config *Config
	// contains filtered or unexported fields
}

func New 

func New(config *Config) (*Server, error)

func (*Server) Restart 

func (s *Server) Restart() error

func (*Server) ServeHTTP 

func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request)

func (*Server) Start 

func (s *Server) Start() error

func (*Server) Stop 

func (s *Server) Stop() error

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.