Documentation ¶
Overview ¶
Package middleware provides auth middle procedures
Index ¶
- func AllowCORS(h http.Handler) http.Handler
- func AuthHTTP(metricsPrefix string, next http.Handler, oauth2provider fosite.OAuth2Provider, ...) http.Handler
- func HTTPContextWrapper(h http.Handler, ctxWrapper func(ctx context.Context) context.Context) http.Handler
- func HTTPSession(h http.Handler, manager *scs.SessionManager) http.Handler
- func RealIP(h http.Handler) http.Handler
- func RequestID(next http.Handler, opts ...requestid.Option) http.Handler
- func SetTestMode(test bool)
- type AuthOption
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AllowCORS ¶
AllowCORS allows Cross Origin Resoruce Sharing from any origin. Don't do this without consideration in production systems.
func AuthHTTP ¶
func AuthHTTP(metricsPrefix string, next http.Handler, oauth2provider fosite.OAuth2Provider, jwtProvider *jwt.Provider, authOpt *AuthOption) http.Handler
AuthHTTP middleware
func HTTPContextWrapper ¶
func HTTPContextWrapper(h http.Handler, ctxWrapper func(ctx context.Context) context.Context) http.Handler
HTTPContextWrapper global middelware of the HTTP rounter
func HTTPSession ¶
HTTPSession middleware wrapper
func RealIP ¶
RealIP is a middleware that sets a http.Request's RemoteAddr to the results of parsing either the X-Forwarded-For header or the X-Real-IP header (in that order).
This middleware should be inserted fairly early in the middleware stack to ensure that subsequent layers (e.g., request loggers) which examine the RemoteAddr will see the intended value.
You should only use this middleware if you can trust the headers passed to you (in particular, the two headers this middleware uses), for example because you have placed a reverse proxy like HAProxy or nginx in front of chi. If your reverse proxies are configured to pass along arbitrary header values from the client, or if you use this middleware without a reverse proxy, malicious clients will be able to make you very sad (or, depending on how you're using RemoteAddr, vulnerable to an attack of some sort).
Types ¶
type AuthOption ¶
AuthOption to access to default user