middleware

package
v0.8.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 15, 2020 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package middleware contains application specific gin middleware functions.

Package middleware defines shared middleware for handlers.

Package middleware defines shared middleware for handlers.

Index

Constants

View Source 
const (
	HeaderDebug         = "x-debug"
	HeaderDebugBuildID  = "x-build-id"
	HeaderDebugBuildTag = "x-build-tag"
)
View Source 
const (
	// APIKeyHeader is the authorization header required for APIKey protected requests.
	APIKeyHeader = "X-API-Key"
)

Variables

This section is empty.

Functions

func ConfigureCSRF 

func ConfigureCSRF(ctx context.Context, config *config.ServerConfig, h *render.Renderer) mux.MiddlewareFunc

ConfigureCSRF injects the CSRF handling and populates the global template map with the csrfToken and csrfTemplate.

func EmailFromFirebaseCookie added in v0.5.0 

func EmailFromFirebaseCookie(ctx context.Context, fbClient *auth.Client, cookie string) (string, error)

EmailFromFirebaseCookie extracts the user's email address from the provided firebase cookie, if it exists.

func LoadCurrentRealm added in v0.8.0 

func LoadCurrentRealm(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer) mux.MiddlewareFunc

LoadCurrentRealm loads the selected realm from the cache to the context

func MutateMethod added in v0.3.0 

func MutateMethod(ctx context.Context) mux.MiddlewareFunc

MutateMethod looks for HTML form values that define the "real" HTTP method and then forward that along to the router. This must be a very early middleware.

func NeedsMFARedirect added in v0.8.0 

func NeedsMFARedirect(session *sessions.Session, realm *database.Realm) bool

func PopulateTemplateVariables 

func PopulateTemplateVariables(ctx context.Context, config *config.ServerConfig) mux.MiddlewareFunc

PopulateTemplateVariables populates the template variables with common information and bootstraps the map for more values to be set by other middlewares.

func ProcessDebug added in v0.8.0 

func ProcessDebug(ctx context.Context) mux.MiddlewareFunc

ProcessDebug adds additional debugging information to the response if the request included the "X-Debug" header with any value.

func RequireAPIKey 

func RequireAPIKey(ctx context.Context, cacher cache.Cacher, db *database.Database, h *render.Renderer, allowedTypes []database.APIUserType) mux.MiddlewareFunc

RequireAPIKey reads the X-API-Key header and validates it is a real authorized app. It also ensures currentAuthorizedApp is set in the template map.

func RequireAdmin 

func RequireAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireAdmin requires the current user is a global administrator. It must come after RequireAuth so that a user is set on the context.

func RequireAuth 

func RequireAuth(ctx context.Context, cacher cache.Cacher, fbClient *auth.Client, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc

RequireAuth requires a user to be logged in. It also ensures that currentUser is set in the template map. It fetches a user from the session and stores the full record in the request context.

func RequireHeader added in v0.4.0 

func RequireHeader(ctx context.Context, h *render.Renderer, header string) mux.MiddlewareFunc

RequireHeader requires that the request have a certain header present. The header just needs to exist - it does not need to have a specific value.

func RequireHeaderValues added in v0.4.0 

func RequireHeaderValues(ctx context.Context, h *render.Renderer, header string, allowed []string) mux.MiddlewareFunc

RequireHeaderValues requires that the request have a certain header present and that the value be one of the supplied entries.

func RequireMFA added in v0.8.0 

func RequireMFA(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireMFA checks the realm's MFA requirements and enforces them. Use requireRealm before requireMFA to ensure the currently selected realm is on context. If no realm is selected, this assumes MFA is required.

func RequireRealm 

func RequireRealm(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireRealm requires a realm to exist in the session. It also ensures the realm is set as currentRealm in the template map.

Must come after: 

LoadCurrentRealm to populate the current realm.
RequireAuth so that a user is set on the context.

func RequireRealmAdmin 

func RequireRealmAdmin(ctx context.Context, h *render.Renderer) mux.MiddlewareFunc

RequireRealmAdmin verifies the user is an admin of the current realm.

Must come after: 

LoadCurrentRealm to populate the current realm.
RequireAuth so that a user is set on the context.

func RequireSession 

func RequireSession(ctx context.Context, store sessions.Store, h *render.Renderer) func(http.Handler) http.Handler

RequireSession retrieves or creates a new session and stores it on the request's context for future retrieval. It also ensures the flash data is populated in the template map. Any handler that wants to utilize sessions should use this middleware.

func RequireVerified added in v0.5.0 

func RequireVerified(ctx context.Context, client *auth.Client, db *database.Database, h *render.Renderer, ttl time.Duration) mux.MiddlewareFunc

RequireVerified requires a user to have verified their login email. MUST first run RequireAuth to populate user.

func SecureHeaders added in v0.6.0 

func SecureHeaders(ctx context.Context, devMode bool, serverType string) mux.MiddlewareFunc

SecureHeaders sets a bunch of default secure headers that our servers should have.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.