middleware

package
v0.0.1-20260114-103824... Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 14, 2026 License: Apache-2.0 Imports: 34 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	MetricsEndpoint = "/metrics"
)

Variables

This section is empty.

Functions

func AutoRefreshMiddleware 

func AutoRefreshMiddleware(ctx *context.ServiceContext) result.Result[bool]

TODO create correct logic for autorefresh basically token services needs to be called for auto- refresh **Gin Middleware for Auto-Refresh**

func BasicAuthMiddleware 

func BasicAuthMiddleware(username, password string) gin.HandlerFunc

BasicAuthMiddleware implements simple HTTP Basic Auth

func CORSMiddleware 

func CORSMiddleware(additionalHeaders ...string) gin.HandlerFunc

CORSMiddleware returns a gin.HandlerFunc that handles CORS requests

func CSRFMiddleware 

func CSRFMiddleware(csrfManager *CSRFManager) gin.HandlerFunc

CSRFMiddleware is a middleware to handle CSRF protection

func CompressionMiddleware 

func CompressionMiddleware() gin.HandlerFunc

**Gin Middleware for Compression**

func GetCSRFToken 

func GetCSRFToken(c *gin.Context) string

GetCSRFToken is a helper to get the CSRF token from the Gin context

func GetServiceContext 

func GetServiceContext(c *gin.Context) (*context.ServiceContext, error)

GetServiceContext retrieves the ServiceContext from the gin.Context. It returns an error if the ServiceContext is not found or is of the wrong type.

func GinMiddleware 

func GinMiddleware(mc *prometheus.MetricsCollector) gin.HandlerFunc

GinMiddleware returns a Gin middleware for collecting metrics

func GinRequestLogger 

func GinRequestLogger(logger *log.Log) gin.HandlerFunc

GinRequestLogger returns a gin.HandlerFunc that logs incoming HTTP requests and their corresponding responses. It records method, URL, client IP, request body, request and correlation IDs, user agent, and headers for each request. It also logs response status and request latency, and — when enabled by configuration or when not running in production — captures and logs the response body.

func HSTSMiddleware 

func HSTSMiddleware() gin.HandlerFunc

**Gin Middleware for HSTS**

func InjectMiddleware 

func InjectMiddleware(key string, value any) gin.HandlerFunc

Middleware to Inject anything in the gin context

func PasetoVerifyMiddleware 

func PasetoVerifyMiddleware(ctx *context.ServiceContext) result.Result[bool]

**Gin Middleware for Paseto Verification**

func RegisterMetricsEndpoint 

func RegisterMetricsEndpoint(router *gin.Engine, mc *prometheus.MetricsCollector)

RegisterMetricsEndpoint registers the Prometheus metrics endpoint

func RequestIDMiddleware 

func RequestIDMiddleware(log1 *log.Log) gin.HandlerFunc

RequestIDMiddleware creates a Gin middleware that generates a request ID and a correlation ID, stores them in the request context, and logs both identifiers.

The middleware reads the correlation ID from the request header named by constant.CorrelationIDHeader; if absent, it generates a new UUID. Both IDs are stored in the Gin context under constant.RequestID and constant.CorrelationID. The provided logger is used to emit a debug log containing the IDs.

func ServiceContextMiddleware 

func ServiceContextMiddleware(opts ...context.ServiceContextOption) gin.HandlerFunc

Middleware to create ServiceContext for each API request

func ServiceNameMiddleware 

func ServiceNameMiddleware() gin.HandlerFunc

Middleware to add the service name to the context from request parameters

func SessionVerifyMiddleware 

func SessionVerifyMiddleware(ctx *context.ServiceContext) result.Result[bool]

SessionVerifyMiddleware validates user sessions stored by SessionManager

func SetSessionCookie 

func SetSessionCookie(c *gin.Context, sessionID, env, domainOverride string, ttl time.Duration)

SetSessionCookie writes a cookie using the request host/scheme defaults. - env: "prod", "staging", "dev", ... - domainOverride: optional; pass empty string to auto-detect

func VerifyCorrelationId 

func VerifyCorrelationId(ctx *context.ServiceContext) result.Result[bool]

**Gin Middleware for Correlation ID**

Types

type CSRFManager 

type CSRFManager struct {
	// contains filtered or unexported fields
}

CSRFManager centrally manages CSRF tokens across requests

func CreateCSRFConfig 

func CreateCSRFConfig(secretKey string, excludedRoutes []string) *CSRFManager

CreateCSRFConfig initializes the CSRF configuration settings.

func NewCSRFManager 

func NewCSRFManager(secretKey string, excludedRoutes []string) *CSRFManager

NewCSRFManager creates a new CSRF manager

func (*CSRFManager) CreateToken 

func (m *CSRFManager) CreateToken(sessionID string) (*CSRFToken, error)

CreateToken generates and stores a new token for the given session

func (*CSRFManager) GetOrCreateSessionID 

func (m *CSRFManager) GetOrCreateSessionID(r *http.Request, w http.ResponseWriter) (string, error)

GetOrCreateSessionID gets the existing session ID or creates a new one

func (*CSRFManager) GetToken 

func (m *CSRFManager) GetToken(sessionID string) *CSRFToken

GetToken retrieves a token for the given session

func (*CSRFManager) HandleCSRF 

func (m *CSRFManager) HandleCSRF(w http.ResponseWriter, r *http.Request) (*CSRFToken, error)

HandleCSRF processes the CSRF token for a request

func (*CSRFManager) SetCSRFCookie 

func (m *CSRFManager) SetCSRFCookie(w http.ResponseWriter, token *CSRFToken)

SetCSRFCookie sets the CSRF token cookie

func (*CSRFManager) ValidateToken 

func (m *CSRFManager) ValidateToken(sessionID, tokenValue string) bool

ValidateToken checks if the provided token matches the stored one

type CSRFToken 

type CSRFToken struct {
	Value     string
	CreatedAt time.Time
	ExpiresAt time.Time
}

CSRFToken represents a cross-site request forgery token

type IPRateLimiter 

type IPRateLimiter struct {
	// contains filtered or unexported fields
}

IPRateLimiter manages rate limiters for all clients (IPs)

func NewIPRateLimiter 

func NewIPRateLimiter(r rate.Limit, b int, ttl time.Duration) *IPRateLimiter

NewIPRateLimiter creates a new rate limiter manager. r: The number of events allowed per second. b: The burst size (how many requests can be made in a short burst). ttl: How long to keep an IP's limiter in memory after its last request.

func (*IPRateLimiter) Middleware 

func (l *IPRateLimiter) Middleware() gin.HandlerFunc

Middleware returns the Gin middleware handler.

func (*IPRateLimiter) StopCleanup 

func (l *IPRateLimiter) StopCleanup()

StopCleanup stops the cleanup goroutine.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.