middleware

package

v0.0.0-...-4bcff6b Latest Latest Go to latest Published: Jan 31, 2026 License: MIT Imports: 13 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/SamNet-dev/wg-orchestrator

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func Auth(db *sql.DB, next http.Handler) http.Handler
func CSRF(next http.Handler) http.Handler
func GetClientIP(r *http.Request) string
func GetRequestID(r *http.Request) string
func GetUserID(r *http.Request) int
func GetUserRole(r *http.Request) string
func LocalhostOnly(next http.Handler) http.Handler
func Logger(next http.Handler) http.Handler
func LoginRateLimitMiddleware(next http.Handler) http.Handler
func RateLimit(next http.HandlerFunc) http.HandlerFunc
func RateLimitMiddleware(next http.Handler) http.Handler
func RequestID(next http.Handler) http.Handler
func RequireAdmin(next http.Handler) http.Handler
func SecurityHeaders(next http.Handler) http.Handler
func StopGlobalLimiter()
type BoundedRateLimiter
- func NewBoundedRateLimiter(maxSize, limit int, window time.Duration) *BoundedRateLimiter
- func (rl *BoundedRateLimiter) Stop()

Constants ¶

View Source

const (
	UserIDKey    contextKey = "user_id"
	UserRoleKey  contextKey = "user_role"
	RequestIDKey contextKey = "request_id"
)

Variables ¶

This section is empty.

Functions ¶

func Auth ¶

func Auth(db *sql.DB, next http.Handler) http.Handler

Auth middleware validates session and propagates user context

func CSRF ¶

func CSRF(next http.Handler) http.Handler

CSRF middleware implements double-submit cookie pattern

func GetClientIP ¶

func GetClientIP(r *http.Request) string

GetClientIP extracts real client IP, only trusting X-Forwarded-For from known proxies Exported for use by handlers and other packages

func GetRequestID ¶

func GetRequestID(r *http.Request) string

GetRequestID retrieves request ID from context

func GetUserID ¶

func GetUserID(r *http.Request) int

GetUserID retrieves user ID from request context

func GetUserRole ¶

func GetUserRole(r *http.Request) string

GetUserRole retrieves user role from request context

func LocalhostOnly ¶

func LocalhostOnly(next http.Handler) http.Handler

LocalhostOnly middleware restricts access to localhost (127.0.0.1) only This is used for the internal CLI API that bypasses authentication. It strictly checks RemoteAddr to prevent X-Forwarded-For spoofing.

func Logger ¶

func Logger(next http.Handler) http.Handler

Logger middleware with structured logging including User-Agent

func LoginRateLimitMiddleware ¶

func LoginRateLimitMiddleware(next http.Handler) http.Handler

LoginRateLimitMiddleware applies tighter rate limiting to login attempts

func RateLimit ¶

func RateLimit(next http.HandlerFunc) http.HandlerFunc

RateLimit middleware for http.HandlerFunc (backwards compat)

func RateLimitMiddleware ¶

func RateLimitMiddleware(next http.Handler) http.Handler

RateLimitMiddleware applies rate limiting to http.Handler

func RequestID ¶

func RequestID(next http.Handler) http.Handler

RequestID middleware injects a unique request ID for distributed tracing

func RequireAdmin ¶

func RequireAdmin(next http.Handler) http.Handler

RequireAdmin middleware ensures user has admin role

func SecurityHeaders ¶

func SecurityHeaders(next http.Handler) http.Handler

SecurityHeaders adds security headers to all responses

func StopGlobalLimiter ¶

func StopGlobalLimiter()

StopGlobalLimiter stops the global rate limiter cleanup goroutine

Types ¶

type BoundedRateLimiter ¶

type BoundedRateLimiter struct {
	// contains filtered or unexported fields
}

func NewBoundedRateLimiter ¶

func NewBoundedRateLimiter(maxSize, limit int, window time.Duration) *BoundedRateLimiter

func (*BoundedRateLimiter) Stop ¶

func (rl *BoundedRateLimiter) Stop()

Stop gracefully stops the rate limiter cleanup goroutine

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL