Documentation ¶
Index ¶
- Constants
- func APIKeyMiddleware(config APIKeyMiddlewareConfig) func(http.Handler) http.Handler
- func CORSMiddleware(config CORSConfig) func(http.Handler) http.Handler
- func JWTMiddleware(config JWTMiddlewareConfig) func(http.Handler) http.Handler
- func RateLimitMiddleware(limiter ratelimit.RateLimiter) func(http.Handler) http.Handler
- func RequireAdmin(next http.Handler) http.Handler
- func RoleFromContext(ctx context.Context) string
- func UserFromContext(ctx context.Context) (*auth.User, bool)
- func WithUser(ctx context.Context, user *auth.User) context.Context
- func WithUserRole(ctx context.Context, role string) context.Context
- type APIKeyMiddlewareConfig
- type CORSConfig
- type JWTMiddlewareConfig
Constants ¶
const (
	ErrForbidden   = "FORBIDDEN"
	ErrRateLimited = "RATE_LIMITED"
	ErrInternal    = "INTERNAL_ERROR"
)
Error code constants for middleware responses (UPPER_SNAKE_CASE). These mirror the codes in the api package but live here to avoid import cycles.
Variables ¶
This section is empty.
Functions ¶
func APIKeyMiddleware ¶
func APIKeyMiddleware(config APIKeyMiddlewareConfig) func(http.Handler) http.Handler
APIKeyMiddleware creates middleware that validates the X-API-Key header.
Flow:
1. Read the X-API-Key header.
2. If present: SHA256(key) → query api_keys WHERE key_hash = ? AND revoked = 0.
3. If found: load the user (join users table) → WithUser(ctx, user) + store role.
4. If not found and Strict: 401 Unauthorized.
5. If not found and !Strict: pass through without a user.
The lookup is by key_hash, so api_keys holds digests rather than the keys themselves, and a revoked key fails in exactly the same way as an unknown one.
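The flow above, as an added example that is not the package's own code. It swaps the `*sql.DB` for an in-memory `KeyStore` keyed by hex(SHA256(key)) so it runs offline; `User`, `keyRecord`, `Probe`, `SampleStore` and the sample keys are constructed for the example, and the plain-text 401 body is an assumption (the page lists no UNAUTHORIZED error code).

```go
package main

import (
	"context"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// User stands in for auth.User (assumption: the real struct has more fields).
type User struct{ ID int64; Name string }

type ctxKey int

const (
	userKey ctxKey = iota
	roleKey
)

func WithUser(ctx context.Context, u *User) context.Context     { return context.WithValue(ctx, userKey, u) }
func WithUserRole(ctx context.Context, r string) context.Context { return context.WithValue(ctx, roleKey, r) }
func UserFromContext(ctx context.Context) (*User, bool)         { u, ok := ctx.Value(userKey).(*User); return u, ok }
func RoleFromContext(ctx context.Context) string               { r, _ := ctx.Value(roleKey).(string); return r }

// keyRecord is one api_keys row already joined to its users row (step 3).
type keyRecord struct{ User *User; Role string; Revoked bool }

// KeyStore replaces DB *sql.DB in this example. Like the real api_keys table it is
// keyed by hex(SHA256(key)), so it never holds a plaintext key. Constructed data.
type KeyStore map[string]keyRecord

// HashAPIKey computes the value that is looked up in api_keys.key_hash.
func HashAPIKey(key string) string {
	sum := sha256.Sum256([]byte(key))
	return hex.EncodeToString(sum[:])
}

type APIKeyMiddlewareConfig struct {
	Store  KeyStore
	Strict bool
}

func APIKeyMiddleware(cfg APIKeyMiddlewareConfig) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			if key := r.Header.Get("X-API-Key"); key != "" { // step 1
				// Steps 2-3. A revoked key is handled exactly like an unknown one, so the
				// 401 below does not tell the caller which of the two it is holding.
				if rec, ok := cfg.Store[HashAPIKey(key)]; ok && !rec.Revoked {
					ctx := WithUserRole(WithUser(r.Context(), rec.User), rec.Role)
					next.ServeHTTP(w, r.WithContext(ctx))
					return
				}
			}
			if cfg.Strict { // step 4
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			next.ServeHTTP(w, r) // step 5: anonymous request, no User attached
		})
	}
}

// Probe runs one request through the middleware and reports the status plus the
// user name and role the downstream handler observed ("" when none).
func Probe(store KeyStore, strict bool, apiKey string) (status int, name, role string) {
	final := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if u, ok := UserFromContext(r.Context()); ok {
			name = u.Name
		}
		role = RoleFromContext(r.Context())
		w.WriteHeader(http.StatusOK)
	})
	req := httptest.NewRequest(http.MethodGet, "/v1/things", nil)
	if apiKey != "" {
		req.Header.Set("X-API-Key", apiKey)
	}
	rec := httptest.NewRecorder()
	APIKeyMiddleware(APIKeyMiddlewareConfig{Store: store, Strict: strict})(final).ServeHTTP(rec, req)
	return rec.Code, name, role
}

// SampleStore holds two constructed keys, one live and one revoked.
func SampleStore() KeyStore {
	return KeyStore{
		HashAPIKey("live-key-123"):    {User: &User{ID: 7, Name: "alice"}, Role: "admin"},
		HashAPIKey("revoked-key-456"): {User: &User{ID: 8, Name: "bob"}, Role: "user", Revoked: true},
	}
}

func main() {
	s := SampleStore()
	fmt.Println(Probe(s, true, "live-key-123"))    // 200 alice admin
	fmt.Println(Probe(s, true, "revoked-key-456")) // 401
	fmt.Println(Probe(s, false, "unknown"))        // 200 (anonymous pass-through)
}
```

In non-strict mode a bad key is indistinguishable from no key at all from the handler's point of view, which is why anything that needs a caller identity has to check `UserFromContext` itself (or sit behind a Strict instance) rather than assume the middleware rejected it.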
func CORSMiddleware ¶
func CORSMiddleware(config CORSConfig) func(http.Handler) http.Handler
CORSMiddleware creates middleware that adds CORS headers to responses. For preflight OPTIONS requests, responds with 204 No Content. For requests without Origin header, passes through without adding CORS headers.
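An added example of the behaviour described above, not the package's own implementation: it uses the `CORSConfig` fields from this page, answers preflight OPTIONS with 204, leaves requests without an Origin untouched, and, as a caveat the page does not spell out, refuses to turn a `"*"` entry into a reflected origin when `AllowCredentials` is set. `matchOrigin`, `Probe` and the sample origins are constructed for the example.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

type CORSConfig struct {
	AllowedOrigins   []string
	AllowedMethods   []string
	AllowedHeaders   []string
	AllowCredentials bool
}

// matchOrigin reports whether origin is granted access and whether that grant may
// be written as the literal "*".
func matchOrigin(cfg CORSConfig, origin string) (allowed, wildcard bool) {
	for _, o := range cfg.AllowedOrigins {
		switch {
		case o == "*":
			// Browsers refuse "*" on credentialed requests, and the usual workaround,
			// echoing the caller's Origin instead, lets any site read authenticated
			// responses. So a wildcard only counts when credentials are off.
			if !cfg.AllowCredentials {
				return true, true
			}
		case o == origin: // exact match: scheme, host and port must all agree
			return true, false
		}
	}
	return false, false
}

func CORSMiddleware(cfg CORSConfig) func(http.Handler) http.Handler {
	methods := strings.Join(cfg.AllowedMethods, ", ")
	headers := strings.Join(cfg.AllowedHeaders, ", ")
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			origin := r.Header.Get("Origin")
			if origin == "" { // same-origin or non-browser client: no CORS headers at all
				next.ServeHTTP(w, r)
				return
			}
			h := w.Header()
			h.Add("Vary", "Origin") // the answer depends on Origin, so shared caches must key on it
			if allowed, wildcard := matchOrigin(cfg, origin); allowed {
				if wildcard {
					h.Set("Access-Control-Allow-Origin", "*")
				} else {
					h.Set("Access-Control-Allow-Origin", origin)
					if cfg.AllowCredentials {
						h.Set("Access-Control-Allow-Credentials", "true")
					}
				}
				if r.Method == http.MethodOptions {
					h.Set("Access-Control-Allow-Methods", methods)
					h.Set("Access-Control-Allow-Headers", headers)
				}
			}
			if r.Method == http.MethodOptions { // preflight: answered here, never reaches the app
				w.WriteHeader(http.StatusNoContent)
				return
			}
			next.ServeHTTP(w, r)
		})
	}
}

// Probe sends one request (origin "" means no Origin header) and returns the status
// and the Allow-Origin and Allow-Credentials response headers.
func Probe(cfg CORSConfig, method, origin string) (status int, allowOrigin, allowCreds string) {
	next := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) })
	req := httptest.NewRequest(method, "/v1/things", nil)
	if origin != "" {
		req.Header.Set("Origin", origin)
	}
	rec := httptest.NewRecorder()
	CORSMiddleware(cfg)(next).ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("Access-Control-Allow-Origin"), rec.Header().Get("Access-Control-Allow-Credentials")
}

func main() {
	cfg := CORSConfig{AllowedOrigins: []string{"https://app.example"}, AllowedMethods: []string{"GET", "POST"},
		AllowedHeaders: []string{"Authorization", "X-API-Key"}, AllowCredentials: true}
	fmt.Println(Probe(cfg, "GET", "https://app.example"))     // 200 https://app.example true
	fmt.Println(Probe(cfg, "GET", "https://evil.example"))    // 200 (no grant)
	fmt.Println(Probe(cfg, "OPTIONS", "https://app.example")) // 204 https://app.example true
}
```

A disallowed origin still gets a 200 on a simple request and a 204 on preflight; CORS is enforced by the browser withholding the response, not by the server refusing it, so an authorization decision must never be delegated to this layer.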
func JWTMiddleware ¶
func JWTMiddleware(config JWTMiddlewareConfig) func(http.Handler) http.Handler
JWTMiddleware creates an HTTP middleware that parses and verifies JWTs (the signature is checked with SecretKey) and attaches the resulting User to the request context. Whether a missing or invalid token is rejected or merely leaves no User attached is controlled by JWTMiddlewareConfig.Strict.
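An added example of such a middleware, not the package's own code. The page only says that SecretKey verifies the signature, so the following are assumptions: HS256 as the algorithm, the token carried in an `Authorization: Bearer` header, `sub` and `exp` as the claims that matter, and a one-field `User`. The example pins the algorithm before touching the signature and includes a `Sign` helper that can also forge an alg=none token, so the rejection path can be exercised.

```go
package main

import (
	"context"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"net/http"
	"strings"
	"time"
)

type User struct{ ID string } // stands in for auth.User (assumption)
type ctxKey struct{}

func WithUser(ctx context.Context, u *User) context.Context { return context.WithValue(ctx, ctxKey{}, u) }
func UserFromContext(ctx context.Context) (*User, bool)     { u, ok := ctx.Value(ctxKey{}).(*User); return u, ok }

type JWTMiddlewareConfig struct {
	SecretKey []byte
	Strict    bool
}

var b64 = base64.RawURLEncoding
var errBadToken = errors.New("invalid token")

// Claims is the payload subset this example uses; Exp is Unix seconds.
type Claims struct {
	Sub string `json:"sub"`
	Exp int64  `json:"exp"`
}

// Sign builds a token. alg "HS256" gets a real HMAC signature; any other alg gets
// an empty signature, which is exactly how an attacker forges an alg=none token.
func Sign(secret []byte, alg string, c Claims) string {
	hdr, _ := json.Marshal(map[string]string{"alg": alg, "typ": "JWT"})
	body, _ := json.Marshal(c)
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	if alg != "HS256" {
		return input + "."
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(input))
	return input + "." + b64.EncodeToString(mac.Sum(nil))
}

// Verify pins the algorithm, checks the MAC in constant time, and only then reads
// the claims and enforces expiry against now. Trusting the alg named in the header
// ("none", or RS256 checked against the HMAC secret as a public key) is the classic JWT bug.
func Verify(secret []byte, token string, now time.Time) (*User, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, errBadToken
	}
	var hdr struct{ Alg string `json:"alg"` }
	if raw, err := b64.DecodeString(parts[0]); err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "HS256" {
		return nil, errBadToken
	}
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(parts[0] + "." + parts[1]))
	if sig, err := b64.DecodeString(parts[2]); err != nil || !hmac.Equal(sig, mac.Sum(nil)) {
		return nil, errBadToken
	}
	var c Claims
	if raw, err := b64.DecodeString(parts[1]); err != nil || json.Unmarshal(raw, &c) != nil {
		return nil, errBadToken
	}
	if c.Sub == "" || c.Exp == 0 || !now.Before(time.Unix(c.Exp, 0)) {
		return nil, errBadToken // anonymous, no expiry, or expired
	}
	return &User{ID: c.Sub}, nil
}

func JWTMiddleware(cfg JWTMiddlewareConfig) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			if authz := r.Header.Get("Authorization"); strings.HasPrefix(authz, "Bearer ") {
				if u, err := Verify(cfg.SecretKey, strings.TrimPrefix(authz, "Bearer "), time.Now()); err == nil {
					next.ServeHTTP(w, r.WithContext(WithUser(r.Context(), u)))
					return
				}
			}
			if cfg.Strict {
				http.Error(w, "unauthorized", http.StatusUnauthorized)
				return
			}
			next.ServeHTTP(w, r) // non-strict: continue with no User attached
		})
	}
}

func main() {
	secret := []byte("constructed-demo-secret")
	exp := time.Now().Add(time.Hour).Unix()
	fmt.Println(Verify(secret, Sign(secret, "HS256", Claims{Sub: "42", Exp: exp}), time.Now())) // &{42} <nil>
	fmt.Println(Verify(secret, Sign(nil, "none", Claims{Sub: "1", Exp: exp}), time.Now()))      // <nil> invalid token
}
```

The middleware deliberately reports one generic failure for a missing header, a forged algorithm, a bad signature and an expired token; the distinction belongs in server-side logs, not in the response.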
func RateLimitMiddleware ¶
func RateLimitMiddleware(limiter ratelimit.RateLimiter) func(http.Handler) http.Handler
RateLimitMiddleware creates HTTP middleware that enforces rate limits based on the authenticated user's tenant/user identity in the request context.
Behavior:
- Health/metrics endpoints bypass rate limiting entirely.
- If no user is in context (auth middleware handles rejection), pass through.
- If the rate limiter returns ErrQuotaNotFound, pass through (no quota configured).
- On other rate limiter errors, log and pass through (fail-open).
- If allowed, sets X-RateLimit-Remaining header on the response.
- If blocked, returns 429 with Retry-After header.
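The six behaviours listed above, implemented as an added example that is not the package's code. The `ratelimit` package is not on this page, so `RateLimiter`, `Decision` and `ErrQuotaNotFound` are assumed shapes; `MemLimiter` is a constructed fixed-window limiter whose tenant "broken" simulates a backend outage, and the health/metrics paths, the `User` type and `Probe` are constructed as well.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
	"strconv"
)

// User stands in for auth.User; the limiter keys on tenant and user ID (assumption).
type User struct{ TenantID, ID string }
type ctxKey struct{}

func WithUser(ctx context.Context, u *User) context.Context { return context.WithValue(ctx, ctxKey{}, u) }
func UserFromContext(ctx context.Context) (*User, bool)     { u, ok := ctx.Value(ctxKey{}).(*User); return u, ok }

const ErrRateLimited = "RATE_LIMITED"

// ErrQuotaNotFound, Decision and RateLimiter stand in for the ratelimit package (assumption).
var ErrQuotaNotFound = errors.New("quota not found")

// RetryAfter is seconds until the window resets and is only meaningful when !Allowed.
type Decision struct{ Allowed bool; Remaining, RetryAfter int }

type RateLimiter interface{ Allow(ctx context.Context, tenantID, userID string) (Decision, error) }

func RateLimitMiddleware(limiter RateLimiter) func(http.Handler) http.Handler {
	return func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			u, ok := UserFromContext(r.Context())
			if p := r.URL.Path; p == "/healthz" || p == "/metrics" || !ok {
				next.ServeHTTP(w, r) // probes are never throttled; anonymous callers are the auth middleware's call
				return
			}
			d, err := limiter.Allow(r.Context(), u.TenantID, u.ID)
			if err != nil {
				if !errors.Is(err, ErrQuotaNotFound) {
					// Fail-open keeps the API up during a limiter outage but also removes
					// the throttle for its duration, so this line is worth alerting on.
					log.Printf("rate limiter error for tenant %q: %v", u.TenantID, err)
				}
				next.ServeHTTP(w, r)
				return
			}
			if !d.Allowed {
				w.Header().Set("Retry-After", strconv.Itoa(d.RetryAfter))
				http.Error(w, `{"error":"`+ErrRateLimited+`"}`, http.StatusTooManyRequests)
				return
			}
			w.Header().Set("X-RateLimit-Remaining", strconv.Itoa(d.Remaining))
			next.ServeHTTP(w, r)
		})
	}
}

// MemLimiter is a constructed fixed-window limiter: quota is requests per tenant per
// window, tenants without a quota get ErrQuotaNotFound, tenant "broken" simulates an outage.
type MemLimiter struct{ quota, used map[string]int; windowSecs int }

func NewMemLimiter(quota map[string]int, windowSecs int) *MemLimiter {
	return &MemLimiter{quota: quota, used: map[string]int{}, windowSecs: windowSecs}
}

func (m *MemLimiter) Allow(_ context.Context, tenantID, userID string) (Decision, error) {
	if tenantID == "broken" {
		return Decision{}, errors.New("limiter backend unavailable")
	}
	q, ok := m.quota[tenantID]
	if !ok {
		return Decision{}, ErrQuotaNotFound
	}
	key := tenantID + "/" + userID
	if m.used[key] >= q {
		return Decision{RetryAfter: m.windowSecs}, nil
	}
	m.used[key]++
	return Decision{Allowed: true, Remaining: q - m.used[key]}, nil
}

// Probe sends one GET to path as u (nil for anonymous) and returns the status and headers.
func Probe(l RateLimiter, path string, u *User) (status int, remaining, retryAfter string) {
	h := RateLimitMiddleware(l)(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) }))
	req := httptest.NewRequest(http.MethodGet, path, nil)
	if u != nil {
		req = req.WithContext(WithUser(req.Context(), u))
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("X-RateLimit-Remaining"), rec.Header().Get("Retry-After")
}

func main() {
	l := NewMemLimiter(map[string]int{"acme": 2}, 60)
	for i := 0; i < 3; i++ {
		fmt.Println(Probe(l, "/v1/things", &User{TenantID: "acme", ID: "alice"})) // 200 1, then 200 0, then 429 with Retry-After 60
	}
}
```

Two consequences of the listed behaviour are visible here: a user who is already blocked can still reach /healthz, and a limiter outage turns every tenant into an unlimited one until it recovers. If some endpoints are abuse-sensitive enough that the second is unacceptable, they need their own fail-closed check rather than relying on this middleware.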
func RequireAdmin ¶
func RequireAdmin(next http.Handler) http.Handler
RequireAdmin checks that the authenticated user has the admin role.
func RoleFromContext ¶
func RoleFromContext(ctx context.Context) string
RoleFromContext retrieves the user role from the context.
func UserFromContext ¶
func UserFromContext(ctx context.Context) (*auth.User, bool)
UserFromContext retrieves the user from the context.
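The context helpers (WithUser and WithUserRole from the index, RoleFromContext and UserFromContext above) and RequireAdmin, as an added example that is not the package's code. It shows why the context keys are an unexported type, that RequireAdmin depends on an auth middleware having run first, and the FORBIDDEN error code from this page in a JSON body. Assumptions: a request with no user at all gets the same 403 as a non-admin, and the `User`, `Probe` and request path are constructed.

```go
package main

import (
	"context"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

const ErrForbidden = "FORBIDDEN"

// User stands in for auth.User (assumption).
type User struct{ ID, Name string }

// ctxKey is unexported so no other package can read or overwrite these values
// through a colliding string key; WithUser and WithUserRole are the only writers.
type ctxKey int

const (
	userKey ctxKey = iota
	roleKey
)

func WithUser(ctx context.Context, user *User) context.Context     { return context.WithValue(ctx, userKey, user) }
func WithUserRole(ctx context.Context, role string) context.Context { return context.WithValue(ctx, roleKey, role) }

func UserFromContext(ctx context.Context) (*User, bool) {
	u, ok := ctx.Value(userKey).(*User)
	return u, ok && u != nil
}

func RoleFromContext(ctx context.Context) string {
	role, _ := ctx.Value(roleKey).(string)
	return role
}

// RequireAdmin must sit after an auth middleware in the chain: it only reads what
// that middleware attached. A request with no user is refused the same way as a
// non-admin, so the response does not reveal whether the caller was recognised.
func RequireAdmin(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if _, ok := UserFromContext(r.Context()); !ok || RoleFromContext(r.Context()) != "admin" {
			w.Header().Set("Content-Type", "application/json")
			w.WriteHeader(http.StatusForbidden)
			json.NewEncoder(w).Encode(map[string]string{"error": ErrForbidden})
			return
		}
		next.ServeHTTP(w, r)
	})
}

// Probe runs RequireAdmin with user and role already in the context (a nil user
// means no auth middleware ran) and returns the status and the error code, if any.
func Probe(user *User, role string) (status int, errCode string) {
	h := RequireAdmin(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(http.StatusOK) }))
	ctx := context.Background()
	if user != nil {
		ctx = WithUserRole(WithUser(ctx, user), role)
	}
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, httptest.NewRequest(http.MethodDelete, "/admin/users/7", nil).WithContext(ctx))
	var body struct{ Error string `json:"error"` }
	json.Unmarshal(rec.Body.Bytes(), &body) // body is empty on 200, leaving Error ""
	return rec.Code, body.Error
}

func main() {
	fmt.Println(Probe(&User{ID: "1", Name: "alice"}, "admin")) // 200
	fmt.Println(Probe(&User{ID: "2", Name: "bob"}, "user"))    // 403 FORBIDDEN
	fmt.Println(Probe(nil, ""))                                // 403 FORBIDDEN
}
```

Because RequireAdmin trusts whatever is in the context, the order of the chain is the security boundary: an admin route wrapped as RequireAdmin(handler) but mounted before the API-key or JWT middleware will reject everyone, while one mounted after a non-Strict instance still relies on that instance never attaching a user for a bad credential.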
Types ¶
type APIKeyMiddlewareConfig ¶
type APIKeyMiddlewareConfig struct {
DB *sql.DB
Strict bool // If true, reject requests without a valid API key
}
APIKeyMiddlewareConfig holds configuration for API Key auth.
type CORSConfig ¶
type CORSConfig struct {
AllowedOrigins []string
AllowedMethods []string
AllowedHeaders []string
AllowCredentials bool
}
CORSConfig holds configuration for the CORS middleware.
type JWTMiddlewareConfig ¶
type JWTMiddlewareConfig struct {
// SecretKey is used to verify the JWT signature.
SecretKey []byte
// Strict determines if requests without a valid token are rejected.
// If false, invalid or missing tokens just mean no User is attached to context.
Strict bool
}
JWTMiddlewareConfig holds configuration for the JWT middleware.