Documentation
¶
Index ¶
- Constants
- func RateLimiterErrorHandler(handler httpx.ErrorHandler) func(*RateLimiter)
- func RateLimiterHandler(handler RateLimitHandler) func(*RateLimiter)
- type AllowContentTypes
- type Authentication
- func (m *Authentication) HandleError(ctx context.Context, request *httpx.Request, err merry.Error) httpx.Response
- func (m *Authentication) HandleUnauthorized(ctx context.Context, request *httpx.Request) httpx.Response
- func (m *Authentication) Service(ctx context.Context, request *httpx.Request) httpx.Response
- type CSRFProtector
- type CheckOrigin
- type Invoker
- type PassiveAuthentication
- type RateLimitHandler
- type RateLimiter
- func NewClientLimiter(provider ratelimit.Provider, opts ...RateLimiterOption) (*RateLimiter, merry.Error)
- func NewRateLimiter(provider ratelimit.Provider, extractor httpx.StringExtractor, ...) (*RateLimiter, merry.Error)
- func NewUserLimiter(provider ratelimit.Provider, opts ...RateLimiterOption) (*RateLimiter, merry.Error)
- type RateLimiterOption
- type Responder
- type RestrictContentTypes
- type ReverseProxy
- type Router
Constants ¶
View Source
const (
AcceptHeaderKey = "Accept"
)
View Source
const (
RetryAfterHeaderKey = "Retry-After"
)
View Source
const (
WWWAuthenticateHeaderKey = "Www-Authenticate"
)
Variables ¶
This section is empty.
Functions ¶
func RateLimiterErrorHandler ¶
func RateLimiterErrorHandler(handler httpx.ErrorHandler) func(*RateLimiter)
func RateLimiterHandler ¶
func RateLimiterHandler(handler RateLimitHandler) func(*RateLimiter)
Types ¶
type AllowContentTypes ¶
type AllowContentTypes struct {
// Permitted is content types that should be allowed.
Permitted []contenttype.ContentType
// ErrorHandler can be set to optionally customize the response
// for an error. The `err` parameter passed to the handler will
// have a recommended HTTP status code. The default handler will
// return the recommended status code and an empty body.
ErrorHandler httpx.ErrorHandler
}
AllowContentTypes is middleware to whitelist incoming Content-Type and Accept Headers.
type Authentication ¶
type Authentication struct {
// Authenticator must be non-nil or an InternalServiceError
// status response will be returned.
Authenticator authn.Authenticator
// response for an unknown user. The default handler will
// return a 401 status code, the "WWW-Authenticate" header
// and an empty body.
UnauthorizedHandler httpx.Handler
// `ErrorHandler` can be set to optionally customize the
// response for an error. The `err` parameter passed to the
// handler will have a recommended HTTP status code. The
// default handler will return the recommended status code,
// the "WWW-Authenticate" header (if the recommended status
// code is 401) and an empty body.
ErrorHandler httpx.ErrorHandler
}
Authentication is middleware to help automate authentication.
func (*Authentication) HandleError ¶
func (*Authentication) HandleUnauthorized ¶
type CSRFProtector ¶
type CSRFProtector struct {
// SiteURL is the URL to use for CSRF protection. This must
// be non-nil and contain non-empty Scheme and Host values
// or a internal server error will be returned.
SiteURL *url.URL
// IsExempt optionally customizes checking request exemption
// from CSRF protection.
// The default checker always returns `false`.
IsExempt httpx.RequestPredicate
// CheckOrigin optionally customizes how URLs should be
// compared for the purposes of CSRF protection.
// The default comparisons ensures that URL Schemes and Hosts
// are equal.
CheckOrigin CheckOrigin
// ExtractToken optionally customizes how the CSRF token is
// extracted from the request.
// The default extractor uses the header "X-Csrf-Token".
ExtractToken httpx.StringExtractor
// CookieName optionally customizes the name of the CSRF
// cookie sent by the user agent.
// The default cookie name is "csrftoken".
CookieName string
// TokenLength optionally customizes the expected CSRF token
// length.
// The default length is 32.
TokenLength int
// ErrorHandler optionally customizes the response for an
// error. The `err` parameter passed to the handler will
// have a recommended HTTP status code.
// The default handler will return the recommended status
// code and an empty body.
ErrorHandler httpx.ErrorHandler
}
CSRFProtector is middleware used to guard against CSRF attacks.
type CheckOrigin ¶
CheckOrigin compares two URLs and determines if they should be considered the "same" for the purposes of CSRF protection.
func (CheckOrigin) InvokeSafely ¶
type PassiveAuthentication ¶
type PassiveAuthentication struct {
Authenticator authn.Authenticator
}
PassiveAuthentication is middleware to help automate optional authentication. If the authenticator returns a principal it will be added to the context. An error response will never be generated if no principal is found. `Authenticator` must be non-nil or an InternalServiceError status response will be returned. If the Authenticator panics an Unauthorized status response will be returned.
type RateLimitHandler ¶
type RateLimiter ¶
type RateLimiter struct {
// RateLimitHandler optionally customizes the response for a
// throttled request. The default handler will return
// a 429 Too Many Requests response code, an empty body, and
// the cooldown in seconds in the `Retry-After` header.
Handler RateLimitHandler
// ErrorHandler optionally customizes the response for an
// error. The `err` parameter passed to the handler will
// have a recommended HTTP status code.
// The default handler will return the recommended status
// code and an empty body.
ErrorHandler httpx.ErrorHandler
// contains filtered or unexported fields
}
func NewClientLimiter ¶
func NewClientLimiter(provider ratelimit.Provider, opts ...RateLimiterOption) (*RateLimiter, merry.Error)
NewClient returns a rate-limiting middleware that throttles requests from the request's client IP address using the given rate limit Provider.
func NewRateLimiter ¶
func NewRateLimiter(provider ratelimit.Provider, extractor httpx.StringExtractor, opts ...RateLimiterOption) (*RateLimiter, merry.Error)
New returns a rate-limiting middleware that throttles requests from the given extractor's value using the given rate limit Provider.
func NewUserLimiter ¶
func NewUserLimiter(provider ratelimit.Provider, opts ...RateLimiterOption) (*RateLimiter, merry.Error)
NewUser returns a rate-limiting middleware that throttles requests from the context's Actor using the given rate limit Provider.
type RateLimiterOption ¶
type RateLimiterOption func(*RateLimiter)
type RestrictContentTypes ¶
type RestrictContentTypes struct {
// Forbidden is the content types that should be rejected.
Forbidden []contenttype.ContentType
// ErrorHandler can be set to optionally customize the
// response for an error. The `err` parameter passed to the
// handler will have a recommended HTTP status code. The
// default handler will return the recommended status code
// and an empty body.
ErrorHandler httpx.ErrorHandler
}
RestrictContentTypes is middleware to blacklist incoming Content-Type and Accept Headers.
type ReverseProxy ¶
type ReverseProxy struct {
// Router must be non-nil or an InternalServiceError
// status response will be returned.
Router Router
// Invoker can be set to optionally customize how the proxied
// server is contacted. If this is not set
// `http.DefaultTransport` will be used.
Invoker Invoker
// Responder can be set to optionally customize the response
// from the proxied server. If this is not set the response
// will not be modified.
Responder Responder
// ErrorHandler can be set to optionally customize the
// response for an error. The `err` parameter passed to the
// handler will have a recommended HTTP status code. The
// default handler will return the recommended status code
// and an empty body.
ErrorHandler httpx.ErrorHandler
}
ReverseProxy is a Handler that takes an incoming request and sends it to another server, proxying the response back to the user agent.
Source Files
Click to show internal directories.
Click to hide internal directories.