Documentation
¶
Overview ¶
Example: secure-by-default lagodev HTTP service.
Run with `go run ./examples/secure` and try the endpoints:
# 1. Health — passes through the security stack
curl -i http://localhost:8080/ping
# 2. Validation failure → 422 with {"errors":{...}}
curl -i -X POST http://localhost:8080/users \
-H 'Content-Type: application/json' \
-d '{"email":"not-an-email","name":""}'
# 3. Unknown field is rejected → 400
curl -i -X POST http://localhost:8080/users \
-H 'Content-Type: application/json' \
-d '{"name":"A","email":"a@b.co","ghost":1}'
# 4. Rate limit (3 req/10s) → 429 on the 4th
for i in 1 2 3 4; do curl -s -o /dev/null -w "%{http_code}\n" http://localhost:8080/ping; done
The middleware stack mirrors the snippet in SECURITY.md.
Source Files
Click to show internal directories.
Click to hide internal directories.