Documentation
¶
Index ¶
- Constants
- func CSRFTemplateField(r *http.Request) template.HTML
- func CSRFToken(r *http.Request) string
- func GetRequestID(ctx context.Context) string
- func ParseCSRFKey(secret string) ([]byte, error)
- type CSRFConfig
- type DecompressOptions
- type Middleware
- func CORS(options cors.Options) Middleware
- func CSRF(config CSRFConfig) Middleware
- func Compress() Middleware
- func CreateStack(middlewares ...Middleware) Middleware
- func Decompress(opts *DecompressOptions) Middleware
- func DecompressDefault() Middleware
- func Logging() Middleware
- func MaxBodySize(maxSize int64) Middleware
- func Recovery() Middleware
- func RequestID() Middleware
- func SecureHeaders() Middleware
- func Timeout(duration time.Duration) Middleware
Constants ¶
const RequestIDHeader = "X-Request-ID"
RequestIDHeader is the HTTP header for request ID
Variables ¶
This section is empty.
Functions ¶
func CSRFTemplateField ¶
CSRFTemplateField gets the hidden input field containing the CSRF token
func GetRequestID ¶
GetRequestID retrieves the request ID from context
func ParseCSRFKey ¶
ParseCSRFKey validates and converts a CSRF secret string to the required 32-byte key It returns the key as a byte slice and an error if the key is invalid
Types ¶
type CSRFConfig ¶
type CSRFConfig struct {
// Secret is the 32-byte secret key used to generate tokens
Secret []byte
// Cookie defines cookie options
Cookie struct {
Name string
Domain string
HttpOnly bool
MaxAge int
Path string
SameSite csrf.SameSiteMode
Secure bool
}
// ErrorHandler is a custom error handler for CSRF errors
ErrorHandler http.Handler
// FieldName is the name of the hidden form field containing the CSRF token
FieldName string
// RequestHeader is the name of the request header containing the CSRF token
RequestHeader string
// TrustedOrigins defines trusted origins for CSRF protection
TrustedOrigins []string
// Path defines URL paths where CSRF protection applies
// If empty, all paths are protected
Path string
// Ignore functions determine if a request should skip CSRF protection
Ignore []func(r *http.Request) bool
}
CSRFConfig defines the configuration options for CSRF middleware
type DecompressOptions ¶
type DecompressOptions struct {
// MaxSize is the maximum size of the decompressed body in bytes
// Zero means no limit
MaxSize int64
}
DecompressOptions configures the decompression middleware
func DefaultDecompressOptions ¶
func DefaultDecompressOptions() *DecompressOptions
DefaultDecompressOptions provides sensible default options
type Middleware ¶
func CORS ¶
func CORS(options cors.Options) Middleware
CORS middleware handles Cross-Origin Resource Sharing
func CSRF ¶
func CSRF(config CSRFConfig) Middleware
CSRF middleware provides Cross-Site Request Forgery protection
func Compress ¶
func Compress() Middleware
Compress creates a middleware that compresses HTTP responses using default settings
func CreateStack ¶
func CreateStack(middlewares ...Middleware) Middleware
CreateStack creates a stack of middleware handlers
func Decompress ¶
func Decompress(opts *DecompressOptions) Middleware
Decompress creates a middleware that decompresses HTTP requests with gzip content encoding
func DecompressDefault ¶
func DecompressDefault() Middleware
DecompressDefault creates a middleware that decompresses HTTP requests with default options
func Logging ¶
func Logging() Middleware
Logging is a middleware function that logs requests with structured logging
func MaxBodySize ¶
func MaxBodySize(maxSize int64) Middleware
MaxBodySize limits the maximum size of request bodies size parameter is in bytes
func Recovery ¶
func Recovery() Middleware
Recovery middleware catches panics and logs them with structured logging
func RequestID ¶
func RequestID() Middleware
RequestID middleware generates a unique ID for each request
func SecureHeaders ¶
func SecureHeaders() Middleware
SecurityHeaders adds security and cache-control headers to all responses
func Timeout ¶
func Timeout(duration time.Duration) Middleware
Timeout sets a timeout for each request
Source Files