middleware

package

v1.6.391 Latest Latest Go to latest Published: Jul 2, 2024 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/hungtd121/gorest

Links

Open Source Insights

Documentation ¶

Overview ¶

Package middleware contains:

- CORS - Application firewall - Pongo2 template engine - JWT - Sentry logger - Two-factor auth validator

Index ¶

func CORS(cp []CORSPolicy) gin.HandlerFunc
func CheckOrigin() gin.HandlerFunc
func ConvertContext(thing interface{}) pongo2.Context
func Firewall(listType string, ipList string) gin.HandlerFunc
func GetJWT(customClaims MyCustomClaims, tokenType string) (string, string, error)
func JWT() gin.HandlerFunc
func Pongo2(baseDirectory string) gin.HandlerFunc
func RateLimit(limiterInstance *limiter.Limiter) gin.HandlerFunc
func RefreshJWT() gin.HandlerFunc
func SentryCapture(sentryDsn string, v ...string) gin.HandlerFunc
func StringFromContext(c *gin.Context, input string) string
func TwoFA(keywordOn, keywordOff, keywordVerified string) gin.HandlerFunc
func ValidateAccessJWT(token *jwt.Token) (interface{}, error)
func ValidateECDSA(token *jwt.Token) (interface{}, error)
func ValidateHMACAccess(token *jwt.Token) (interface{}, error)
func ValidateHMACRefresh(token *jwt.Token) (interface{}, error)
func ValidateRSA(token *jwt.Token) (interface{}, error)
func ValidateRefreshJWT(token *jwt.Token) (interface{}, error)
type CORSPolicy
type JWTClaims
type JWTParameters
type JWTPayload
type MyCustomClaims

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CORS ¶

func CORS(cp []CORSPolicy) gin.HandlerFunc

CORS - Cross-Origin Resource Sharing

func CheckOrigin ¶

func CheckOrigin() gin.HandlerFunc

CheckOrigin - check whether the request generated from the allowed origin

func ConvertContext ¶

func ConvertContext(thing interface{}) pongo2.Context

ConvertContext function converts the input map to a pongo2.Context type and preserves the key-value pairs

func Firewall ¶

func Firewall(listType string, ipList string) gin.HandlerFunc

Firewall - whitelist/blacklist IPs

func GetJWT ¶

func GetJWT(customClaims MyCustomClaims, tokenType string) (string, string, error)

GetJWT - issue new tokens

func JWT ¶

func JWT() gin.HandlerFunc

JWT - validate access token

func Pongo2 ¶

func Pongo2(baseDirectory string) gin.HandlerFunc

Pongo2 uses the Pongo2 template library https://github.com/flosch/pongo2 to render templates

Example: baseDirectory = "templates/"

func RateLimit ¶

func RateLimit(limiterInstance *limiter.Limiter) gin.HandlerFunc

RateLimit - rate limit middleware

func RefreshJWT ¶

func RefreshJWT() gin.HandlerFunc

RefreshJWT - validate refresh token

func SentryCapture ¶

func SentryCapture(sentryDsn string, v ...string) gin.HandlerFunc

SentryCapture - capture errors and forward to sentry.io

required parameter (1st parameter): sentryDsn

optional parameter (2nd parameter): environment (development or production)

optional parameter (3rd parameter): release version or git commit number

optional parameter (4th parameter): enableTracing (yes or no)

optional parameter (5th parameter): tracesSampleRate (0.0 - 1.0)

func StringFromContext ¶

func StringFromContext(c *gin.Context, input string) string

StringFromContext function retrieves the value from the context and returns it as a string

func TwoFA ¶

func TwoFA(keywordOn, keywordOff, keywordVerified string) gin.HandlerFunc

TwoFA validates 2-FA status from JWT before forwarding the request to the controller

func ValidateAccessJWT ¶

func ValidateAccessJWT(token *jwt.Token) (interface{}, error)

ValidateAccessJWT - verify the access JWT's signature, and validate its claims

func ValidateECDSA ¶

func ValidateECDSA(token *jwt.Token) (interface{}, error)

ValidateECDSA - validate elliptic curve digital signature algorithm based token

func ValidateHMACAccess ¶

func ValidateHMACAccess(token *jwt.Token) (interface{}, error)

ValidateHMACAccess - validate hash based access token

func ValidateHMACRefresh ¶

func ValidateHMACRefresh(token *jwt.Token) (interface{}, error)

ValidateHMACRefresh - validate hash based refresh token

func ValidateRSA ¶

func ValidateRSA(token *jwt.Token) (interface{}, error)

ValidateRSA - validate Rivest–Shamir–Adleman cryptosystem based token

func ValidateRefreshJWT ¶

func ValidateRefreshJWT(token *jwt.Token) (interface{}, error)

ValidateRefreshJWT - verify the refresh JWT's signature, and validate its claims

Types ¶

type CORSPolicy ¶

type CORSPolicy struct {
	Key   string
	Value string
}

CORSPolicy struct to handle all policies

type JWTClaims ¶

type JWTClaims struct {
	MyCustomClaims
	jwt.RegisteredClaims
}

JWTClaims ...

type JWTParameters ¶

type JWTParameters struct {
	Algorithm     string
	AccessKey     []byte
	AccessKeyTTL  int
	RefreshKey    []byte
	RefreshKeyTTL int
	PrivKeyECDSA  *ecdsa.PrivateKey
	PubKeyECDSA   *ecdsa.PublicKey
	PrivKeyRSA    *rsa.PrivateKey
	PubKeyRSA     *rsa.PublicKey

	Audience string
	Issuer   string
	AccNbf   int
	RefNbf   int
	Subject  string
}

JWTParameters - params to configure JWT

var JWTParams JWTParameters

JWTParams - exported variables

type JWTPayload ¶

type JWTPayload struct {
	AccessJWT   string `json:"accessJWT,omitempty"`
	RefreshJWT  string `json:"refreshJWT,omitempty"`
	TwoAuth     string `json:"twoFA,omitempty"`
	RecoveryKey string `json:"recoveryKey,omitempty"`
}

JWTPayload ...

type MyCustomClaims ¶

type MyCustomClaims struct {
	AuthID  uint64 `json:"authID,omitempty"`
	Email   string `json:"email,omitempty"`
	Role    string `json:"role,omitempty"`
	Scope   string `json:"scope,omitempty"`
	TwoFA   string `json:"twoFA,omitempty"`
	SiteLan string `json:"siteLan,omitempty"`
	Custom1 string `json:"custom1,omitempty"`
	Custom2 string `json:"custom2,omitempty"`
}

MyCustomClaims ...

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL