Documentation ¶
Index ¶
- Variables
- func AssertEqualTime(t *testing.T, expected, actual time.Time)
- func DefaultCSRFToken(r *http.Request) string
- func DerefUUID(id *uuid.UUID) uuid.UUID
- func EasyCookieJar(t *testing.T, o *cookiejar.Options) *cookiejar.Jar
- func EasyGet(t *testing.T, c *http.Client, url string) (*http.Response, []byte)
- func EasyGetBody(t *testing.T, c *http.Client, url string) []byte
- func FakeCSRFTokenGenerator(r *http.Request) string
- func FakeCSRFTokenGeneratorWithToken(token string) func(r *http.Request) string
- func IsBrowserRequest(r *http.Request) bool
- func IsJSONRequest(r *http.Request) bool
- func IsValidNumber(s string) bool
- func IsZeroUUID(id db.UUID) bool
- func MaxItemsPerPage(is int) int
- func MustEncodeJSON(t *testing.T, in interface{}) string
- func MustPkgerRead(f pkging.File, err error) []byte
- func MustReadAll(r io.Reader) []byte
- func NewCSRFHandler(router http.Handler, writer herodot.Writer, logger *logrusx.Logger, ...) *nosurf.CSRFHandler
- func NewTestCSRFHandler(router http.Handler, reg interface{ ... }) *nosurf.CSRFHandler
- func NewTestHTTPRequest(t *testing.T, method, url string, body io.Reader) *http.Request
- func NewUUID() db.UUID
- func NoCache(w http.ResponseWriter)
- func NoCacheHandler(handle httprouter.Handle) httprouter.Handle
- func PaginationHeader(w http.ResponseWriter, u *url.URL, total int64, page, itemsPerPage int)
- func ParsePagination(r *http.Request) (page, itemsPerPage int)
- func ParseUUID(in string) db.UUID
- func PkgerRead(f pkging.File, err error) ([]byte, error)
- func PointToUUID(id uuid.UUID) *uuid.UUID
- func RecoverStatusCode(err error, fallback int) int
- func RequestURL(r *http.Request) *url.URL
- func RequireEqualTime(t *testing.T, expected, actual time.Time)
- func RequireJSONMarshal(t *testing.T, in interface{}) []byte
- func SecureContentNegotiationRedirection(w http.ResponseWriter, r *http.Request, out interface{}, requestURL string, ...) error
- func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
- func SessionGetString(r *http.Request, s sessions.Store, id string, key interface{}) (string, error)
- func SessionGetStringOr(r *http.Request, s sessions.Store, id, key, fallback string) string
- func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.Store, id string, ...) error
- func SessionUnset(w http.ResponseWriter, r *http.Request, s sessions.Store, id string) error
- func SessionUnsetKey(w http.ResponseWriter, r *http.Request, s sessions.Store, id, key string) error
- func TypeMap(m map[string]string) (map[string]interface{}, error)
- func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
- func WatchAndValidateViper(log *logrusx.Logger)
- type CSRFHandler
- type CSRFProvider
- type CSRFToken
- type CSRFTokenGeneratorProvider
- type CookieProvider
- type FakeCSRFHandler
- type Ider
- type LoggingProvider
- type MigrationPkger
- type RouterAdmin
- type RouterPublic
- func (r *RouterPublic) DELETE(path string, handle httprouter.Handle)
- func (r *RouterPublic) GET(path string, handle httprouter.Handle)
- func (r *RouterPublic) HEAD(path string, handle httprouter.Handle)
- func (r *RouterPublic) PATCH(path string, handle httprouter.Handle)
- func (r *RouterPublic) POST(path string, handle httprouter.Handle)
- func (r *RouterPublic) PUT(path string, handle httprouter.Handle)
- type SecureRedirectOption
- func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
- func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
- func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
- func SecureRedirectUseSourceURL(source string) SecureRedirectOption
- type StatusCodeCarrier
- type TransportWithHeader
- type WriterProvider
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidCSRFToken = herodot.ErrForbidden.WithReasonf("A request failed due to a missing or invalid csrf_token value.") ErrGone = herodot.DefaultError{ CodeField: http.StatusGone, StatusField: http.StatusText(http.StatusGone), ReasonField: "", DebugField: "", DetailsField: nil, ErrorField: "The requested resource is no longer available because it has expired or is otherwise invalid.", } )
var EmptyUUID db.UUID
var FakeCSRFToken = base64.StdEncoding.EncodeToString([]byte(randx.MustString(32, randx.AlphaLowerNum)))
var PseudoPanic = herodot.DefaultError{ StatusField: http.StatusText(http.StatusInternalServerError), ErrorField: "Code Bug Detected", ReasonField: "The code ended up at a place where it should not have. Please report this as an issue at https://github.com/zzpu/ums", CodeField: http.StatusConflict, }
Functions ¶
func DefaultCSRFToken ¶
func FakeCSRFTokenGenerator ¶
func IsBrowserRequest ¶
func IsJSONRequest ¶
func IsValidNumber ¶
IsValidNumber reports whether s is a valid JSON number literal.
Taken from encoding/json
func IsZeroUUID ¶
func MaxItemsPerPage ¶
MaxItemsPerPage is used to prevent DoS attacks against large lists by limiting the items per page to 500.
func MustEncodeJSON ¶
func MustReadAll ¶
func NewCSRFHandler ¶
func NewTestCSRFHandler ¶
func NewTestCSRFHandler(router http.Handler, reg interface { WithCSRFHandler(CSRFHandler) WithCSRFTokenGenerator(CSRFToken) WriterProvider LoggingProvider }) *nosurf.CSRFHandler
func NewTestHTTPRequest ¶
func NoCache ¶
func NoCache(w http.ResponseWriter)
NoCache adds `Cache-Control: 0` to the response header.
func NoCacheHandler ¶
func NoCacheHandler(handle httprouter.Handle) httprouter.Handle
NoCacheHandler wraps httprouter.Handle with `Cache-Control: 0` headers.
func PaginationHeader ¶
func ParsePagination ¶
ParsePagination parses limit and page from *http.Request with given limits and defaults.
func RecoverStatusCode ¶
func RequireJSONMarshal ¶
func SecureContentNegotiationRedirection ¶
func SecureContentNegotiationRedirection( w http.ResponseWriter, r *http.Request, out interface{}, requestURL string, writer herodot.Writer, c configuration.Provider, opts ...SecureRedirectOption, ) error
func SecureRedirectTo ¶
func SecureRedirectTo(r *http.Request, defaultReturnTo *url.URL, opts ...SecureRedirectOption) (returnTo *url.URL, err error)
SecureRedirectTo implements a HTTP redirector who mitigates open redirect vulnerabilities by working with whitelisting.
func SessionGetString ¶
func SessionGetString(r *http.Request, s sessions.Store, id string, key interface{}) (string, error)
SessionGetString returns a string for the given id and key or an error if the session is invalid, the key does not exist, or the key value is not a string.
func SessionGetStringOr ¶
SessionGetStringOr returns a string for the given id and key or the fallback value if the session is invalid, the key does not exist, or the key value is not a string.
func SessionPersistValues ¶
func SessionPersistValues(w http.ResponseWriter, r *http.Request, s sessions.Store, id string, values map[string]interface{}) error
SessionPersistValues adds values to the session store and persists the changes.
func SessionUnset ¶
func SessionUnsetKey ¶
func UntypedMapToJSON ¶
func UntypedMapToJSON(m map[string]string) (json.RawMessage, error)
func WatchAndValidateViper ¶
Types ¶
type CSRFHandler ¶
type CSRFProvider ¶
type CSRFProvider interface {
CSRFHandler() CSRFHandler
}
type CookieProvider ¶
type FakeCSRFHandler ¶
type FakeCSRFHandler struct {
// contains filtered or unexported fields
}
func NewFakeCSRFHandler ¶
func NewFakeCSRFHandler(name string) *FakeCSRFHandler
func (*FakeCSRFHandler) ExemptPath ¶
func (f *FakeCSRFHandler) ExemptPath(s string)
func (*FakeCSRFHandler) RegenerateToken ¶
func (f *FakeCSRFHandler) RegenerateToken(w http.ResponseWriter, r *http.Request) string
func (*FakeCSRFHandler) ServeHTTP ¶
func (f *FakeCSRFHandler) ServeHTTP(w http.ResponseWriter, r *http.Request)
type LoggingProvider ¶
type MigrationPkger ¶
MigrationPkger is a wrapper around pkger.Dir and Migrator. This will allow you to run migrations from migrations packed inside of a compiled binary.
func NewPkgerMigration ¶
func NewPkgerMigration(dir pkger.Dir, c *pop.Connection) (MigrationPkger, error)
NewPkgerMigration from a packr.Box and a Connection.
migrations, err := NewPkgerMigration(pkger.Dir("/migrations"))
type RouterAdmin ¶
type RouterAdmin struct {
*httprouter.Router
}
func NewRouterAdmin ¶
func NewRouterAdmin() *RouterAdmin
type RouterPublic ¶
type RouterPublic struct {
*httprouter.Router
}
func NewRouterPublic ¶
func NewRouterPublic() *RouterPublic
func (*RouterPublic) DELETE ¶
func (r *RouterPublic) DELETE(path string, handle httprouter.Handle)
DELETE is a shortcut for router.Handle("DELETE", path, handle)
func (*RouterPublic) GET ¶
func (r *RouterPublic) GET(path string, handle httprouter.Handle)
GET is a shortcut for router.Handle("GET", path, handle)
func (*RouterPublic) HEAD ¶
func (r *RouterPublic) HEAD(path string, handle httprouter.Handle)
HEAD is a shortcut for router.Handle("HEAD", path, handle)
func (*RouterPublic) PATCH ¶
func (r *RouterPublic) PATCH(path string, handle httprouter.Handle)
PATCH is a shortcut for router.Handle("PATCH", path, handle)
func (*RouterPublic) POST ¶
func (r *RouterPublic) POST(path string, handle httprouter.Handle)
POST is a shortcut for router.Handle("POST", path, handle)
func (*RouterPublic) PUT ¶
func (r *RouterPublic) PUT(path string, handle httprouter.Handle)
PUT is a shortcut for router.Handle("PUT", path, handle)
type SecureRedirectOption ¶
type SecureRedirectOption func(*secureRedirectOptions)
func SecureRedirectAllowSelfServiceURLs ¶
func SecureRedirectAllowSelfServiceURLs(publicURL *url.URL) SecureRedirectOption
SecureRedirectAllowSelfServiceURLs allows the caller to define `?return_to=` values which contain the server's URL and `/self-service` path prefix. Useful for redirecting to the login endpoint, for example.
func SecureRedirectAllowURLs ¶
func SecureRedirectAllowURLs(urls []url.URL) SecureRedirectOption
SecureRedirectAllowURLs whitelists the given URLs for redirects.
func SecureRedirectOverrideDefaultReturnTo ¶
func SecureRedirectOverrideDefaultReturnTo(defaultReturnTo *url.URL) SecureRedirectOption
SecureRedirectOverrideDefaultReturnTo overrides the defaultReturnTo address specified as the second arg.
func SecureRedirectUseSourceURL ¶
func SecureRedirectUseSourceURL(source string) SecureRedirectOption
SecureRedirectUseSourceURL uses the given source URL (checks the `?return_to` value) instead of r.URL.
type StatusCodeCarrier ¶
type StatusCodeCarrier interface {
StatusCode() int
}
type TransportWithHeader ¶
type TransportWithHeader struct { http.RoundTripper // contains filtered or unexported fields }
func NewTransportWithHeader ¶
func NewTransportWithHeader(h http.Header) *TransportWithHeader