Documentation
Index
- Constants
- func CSRFMiddleware() gin.HandlerFunc
- func GetCSRFToken(c *gin.Context) string
- func MetricsAuthMiddleware(token string) gin.HandlerFunc
- func NewRateLimiter(config RateLimitConfig) (gin.HandlerFunc, error)
- func RequireAdmin(userService *services.UserService) gin.HandlerFunc
- func RequireAuth(userService *services.UserService) gin.HandlerFunc
- func SessionFingerprintMiddleware(enabled bool, includeIP bool) gin.HandlerFunc
- func SessionIdleTimeout(idleTimeoutSeconds int) gin.HandlerFunc
- type RateLimitConfig
- type RateLimitStoreType
Constants
const (
    SessionUserID       = "user_id"
    SessionLastActivity = "last_activity"
    SessionFingerprint  = "session_fingerprint"
)
Variables
This section is empty.
Functions
func CSRFMiddleware (added in v0.2.0)
func CSRFMiddleware() gin.HandlerFunc
CSRFMiddleware provides CSRF protection for state-changing operations.
func GetCSRFToken (added in v0.2.0)
func GetCSRFToken(c *gin.Context) string
GetCSRFToken retrieves the CSRF token from the context.
func MetricsAuthMiddleware (added in v0.8.0)
func MetricsAuthMiddleware(token string) gin.HandlerFunc
MetricsAuthMiddleware creates a middleware that protects the metrics endpoint with a Bearer token.
func NewRateLimiter (added in v0.7.0)
func NewRateLimiter(config RateLimitConfig) (gin.HandlerFunc, error)
NewRateLimiter creates a new rate limiter with a configurable store backend.
func RequireAdmin (added in v0.2.0)
func RequireAdmin(userService *services.UserService) gin.HandlerFunc
RequireAdmin is a middleware that requires the user to have the admin role. This middleware should be used after RequireAuth.
func RequireAuth
func RequireAuth(userService *services.UserService) gin.HandlerFunc
RequireAuth is a middleware that requires the user to be logged in.
func SessionFingerprintMiddleware (added in v0.8.0)
func SessionFingerprintMiddleware(enabled bool, includeIP bool) gin.HandlerFunc
SessionFingerprintMiddleware validates the session fingerprint to prevent session hijacking. It checks the User-Agent (and optionally the IP) against the stored fingerprint.
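The check described above, re-created as an added example in plain net/http rather than gin (this is not the package's own code): the SHA-256 fingerprint construction, the `session` cookie name and the map that stands in for the session store are assumptions made for the example.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"net"
	"net/http"
)

// Fingerprint hashes the User-Agent and, when includeIP is true, the client IP.
// The SHA-256 construction is assumed for this example, not the package's scheme.
func Fingerprint(userAgent, ip string, includeIP bool) string {
	h := sha256.New()
	h.Write([]byte(userAgent))
	if includeIP {
		h.Write([]byte{0}) // separator so "ua"+"ip" cannot collide with "uaip"
		h.Write([]byte(ip))
	}
	return hex.EncodeToString(h.Sum(nil))
}

// FingerprintMiddleware re-creates the documented check with net/http rather than gin;
// stored maps session ID -> fingerprint saved at login ("" = not yet bound).
func FingerprintMiddleware(enabled, includeIP bool, stored map[string]string, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		cookie, err := r.Cookie("session")
		if !enabled || err != nil {
			next.ServeHTTP(w, r) // disabled, or no session cookie to protect
			return
		}
		saved, known := stored[cookie.Value]
		ip, _, _ := net.SplitHostPort(r.RemoteAddr)
		current := Fingerprint(r.UserAgent(), ip, includeIP)
		switch {
		case !known: // unknown session: rejecting it is RequireAuth's job
		case saved == "":
			stored[cookie.Value] = current // first request after login: bind now
		case subtle.ConstantTimeCompare([]byte(saved), []byte(current)) != 1:
			delete(stored, cookie.Value) // clear the session, as the doc describes
			http.Error(w, "session fingerprint mismatch", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() { // stand-alone demo: every session starts unbound
	http.ListenAndServe(":8080", FingerprintMiddleware(true, false, map[string]string{}, http.NotFoundHandler()))
}
```

With includeIP set, a client whose address changes (mobile roaming, rotating proxies) is logged out, which is the trade-off the includeIP flag exposes.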
func SessionIdleTimeout (added in v0.8.0)
func SessionIdleTimeout(idleTimeoutSeconds int) gin.HandlerFunc
SessionIdleTimeout checks if the session has been idle for too long and clears it if necessary. Set idleTimeoutSeconds to 0 to disable.
Types
type RateLimitConfig (added in v0.7.0)
type RateLimitConfig struct {
    // Rate limit settings
    RequestsPerMinute int           // Number of requests allowed per minute
    CleanupInterval   time.Duration // How often to run cleanup (only for the memory store)
    // Store settings
    StoreType RateLimitStoreType // "memory" or "redis"
    // Redis settings (only used when StoreType = "redis")
    // Must be provided when StoreType is "redis" (initialized in main.go)
    RedisClient *redis.Client // Required for the Redis store: shared go-redis client
    // Audit settings
    AuditService *services.AuditService // Optional: audit service for logging rate limit events
}
RateLimitConfig holds the configuration for rate limiting with store support.
type RateLimitStoreType (added in v0.7.0)
type RateLimitStoreType string
RateLimitStoreType defines the type of rate limit store.
const (
    // RateLimitStoreMemory uses in-memory storage (single instance only)
    RateLimitStoreMemory RateLimitStoreType = "memory"
    // RateLimitStoreRedis uses Redis storage (distributed, multi-pod support)
    RateLimitStoreRedis RateLimitStoreType = "redis"
)