Documentation
Constants
This section is empty.
Variables
var SecureAdmin = secure.New(secure.Options{
	AllowedHosts:          strings.Split(os.Getenv("CORS_ADMIN_ORIGINS"), ","),
	HostsProxyHeaders:     []string{"X-Forwarded-Host"},
	SSLRedirect:           true,
	SSLHost:               "ssl.example.com",
	SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
	STSSeconds:            315360000,
	STSIncludeSubdomains:  true,
	STSPreload:            true,
	FrameDeny:             true,
	ContentTypeNosniff:    true,
	BrowserXssFilter:      true,
	// If secure is github.com/unrolled/secure (these field names match its Options),
	// IsDevelopment: true makes it ignore AllowedHosts, SSLRedirect and the STS options.
	IsDevelopment:         true,
	ContentSecurityPolicy: "",
	PublicKey:             `pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubdomains; report-uri="https://www.example.com/hpkp-report"`,
})
SecureAdmin configuration for the admin security middleware
var SecureUser = secure.New(secure.Options{
	AllowedHosts:          strings.Split(os.Getenv("CORS_ALLOWED_ORIGINS"), ","),
	HostsProxyHeaders:     []string{"X-Forwarded-Host"},
	SSLRedirect:           true,
	SSLHost:               "ssl.example.com",
	SSLProxyHeaders:       map[string]string{"X-Forwarded-Proto": "https"},
	STSSeconds:            315360000,
	STSIncludeSubdomains:  true,
	STSPreload:            true,
	FrameDeny:             true,
	ContentTypeNosniff:    true,
	BrowserXssFilter:      true,
	// If secure is github.com/unrolled/secure (these field names match its Options),
	// IsDevelopment: true makes it ignore AllowedHosts, SSLRedirect and the STS options.
	IsDevelopment:         true,
	ContentSecurityPolicy: "",
	PublicKey:             `pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubdomains; report-uri="https://www.example.com/hpkp-report"`,
})
SecureUser configuration for the user security middleware
Functions
func BasicAuthAdmin
AdminAuth contains the middleware functionality to authenticate an admin
The admin is authenticated using the BasicAuth method against the ADMIN_AUTH_USER and ADMIN_AUTH_PASS environment variables
func BasicAuthUser
BasicAuthUser contains the middleware functionality to authenticate an admin
The admin is authenticated using the BasicAuth method against the BASIC_AUTH_USER and BASIC_AUTH_PASS environment variables
func JwtAuthentication
JwtAuthentication authenticates requests with the JWT. First we set the paths allowed without a token (none in this case). Then we check if the response contains the token. We generate the access token using the secret key contained in the .env file and compare it with the received one; if they match, we grant access, if not, we deny it.
Returns 401 - "Unauthorized" if the request contains a malformed authorization token.
Returns 403 - "Forbidden" if the request does not contain an authorization token.
If the token is correct, we perform the request of the user.
func RateLimiter
RateLimiter middleware sets up the request limit based on the user IP.
The user IP is stored in a map together with an associated rate; if the rate is exceeded, a TooManyRequests error is thrown.
The map is checked every 3 minutes; the IPs that have not called in that time are deleted.
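One way to implement the bookkeeping described above, as an added example that is not the package's own code: a fixed-window counter per IP plus the idle sweep. The `Limiter` type, its method names, and the `limit` and `window` values are assumptions made here; only the 3-minute idle period comes from the documentation.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

const limit, window, idle = 5, time.Second, 3 * time.Minute // limit and window are assumed values

type visitor struct {
	n           int       // requests counted in the current window
	start, last time.Time // window start, most recent request
}
type Limiter struct {
	mu sync.Mutex // guards m; handlers run concurrently
	m  map[string]visitor
}

// Allow counts one request from ip and reports whether it is within the limit.
func (l *Limiter) Allow(ip string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	v := l.m[ip]
	if now.Sub(v.start) >= window { // window expired, or first request from this IP
		v = visitor{start: now}
	}
	v.n, v.last = v.n+1, now
	l.m[ip] = v
	return v.n <= limit
}

// Sweep drops IPs idle for 3 minutes, bounding the map, and returns how many remain.
func (l *Limiter) Sweep(now time.Time) int {
	l.mu.Lock()
	defer l.mu.Unlock()
	for ip, v := range l.m {
		if now.Sub(v.last) >= idle {
			delete(l.m, ip)
		}
	}
	return len(l.m)
}

func main() {
	l := &Limiter{m: map[string]visitor{}}
	for i := 0; i < 7; i++ {
		fmt.Println(l.Allow("192.0.2.1", time.Now())) // constructed sample IP
	}
}
```

A middleware would call Allow with the host part of r.RemoteAddr, reply with http.StatusTooManyRequests when it returns false, and run Sweep from a 3-minute ticker. Key on a forwarded-for header only when a trusted proxy sets it, since otherwise the client chooses its own map key.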
Types
type Token
type Token struct {
	UserId string
	jwt.StandardClaims
}