middleware

package
Version: v0.11.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 28, 2020 License: MIT Imports: 10 Imported by: 22

Documentation

Overview

Package middleware is responsible for the definition/implementation of middleware functionality. This package will also handle maintaining request Context and Session.

Index

Constants

This section is empty.

Variables

View Source
var CSRFExemptPrefixes = []string{
	"/api",
}

CSRFExemptPrefixes are a list of routes that are exempt from CSRF protection

Store contains the session information for the request

Functions

func ApplySecurityHeaders added in v0.11.0

func ApplySecurityHeaders(next http.Handler) http.HandlerFunc

ApplySecurityHeaders applies various security headers according to best- practices.

func CSRFExceptions added in v0.7.0

func CSRFExceptions(handler http.Handler) http.HandlerFunc

CSRFExceptions is a middleware that prevents CSRF checks on routes listed in CSRFExemptPrefixes.

func EnforceViewOnly added in v0.9.0

func EnforceViewOnly(next http.Handler) http.Handler

EnforceViewOnly is a global middleware that limits the ability to edit objects to accounts with the PermissionModifyObjects permission.

func GetContext

func GetContext(handler http.Handler) http.HandlerFunc

GetContext wraps each request in a function which fills in the context for a given request. This includes setting the User and Session keys and values as necessary for use in later functions.

func JSONError

func JSONError(w http.ResponseWriter, c int, m string)

JSONError returns an error in JSON format with the given status code and message

func RequireAPIKey

func RequireAPIKey(handler http.Handler) http.Handler

RequireAPIKey ensures that a valid API key is set as either the api_key GET parameter, or a Bearer token.

func RequireLogin

func RequireLogin(handler http.Handler) http.HandlerFunc

RequireLogin checks to see if the user is currently logged in. If not, the function returns a 302 redirect to the login page.

func RequirePermission added in v0.9.0

func RequirePermission(perm string) func(http.Handler) http.HandlerFunc

RequirePermission checks to see if the user has the requested permission before executing the handler. If the request is unauthorized, a JSONError is returned.

func Use added in v0.9.0

func Use(handler http.HandlerFunc, mid ...func(http.Handler) http.HandlerFunc) http.HandlerFunc

Use allows us to stack middleware to process the request Example taken from https://github.com/gorilla/mux/pull/36#issuecomment-25849172

Types

This section is empty.

Directories

Path Synopsis
Package ratelimit provides a simple token-bucket rate limiting middleware which only allows n POST requests every minute.
Package ratelimit provides a simple token-bucket rate limiting middleware which only allows n POST requests every minute.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL