import "github.com/gophish/gophish/middleware"
Package middleware is responsible for the definition/implementation of middleware functionality. This package will also handle maintaining request Context and Session.
doc.go middleware.go session.go
CSRFExemptPrefixes is a list of routes that are exempt from CSRF protection.
var Store = sessions.NewCookieStore( []byte(securecookie.GenerateRandomKey(64)), []byte(securecookie.GenerateRandomKey(32)))
Store contains the session information for the request
func ApplySecurityHeaders(next http.Handler) http.HandlerFunc
ApplySecurityHeaders applies various security headers according to best practices.
func CSRFExceptions(handler http.Handler) http.HandlerFunc
CSRFExceptions is a middleware that prevents CSRF checks on routes listed in CSRFExemptPrefixes.
EnforceViewOnly is a global middleware that limits the ability to edit objects to accounts with the PermissionModifyObjects permission.
func GetContext(handler http.Handler) http.HandlerFunc
GetContext wraps each request in a function which fills in the context for a given request. This includes setting the User and Session keys and values as necessary for use in later functions.
func JSONError(w http.ResponseWriter, c int, m string)
JSONError returns an error in JSON format with the given status code and message
RequireAPIKey ensures that a valid API key is set as either the api_key GET parameter, or a Bearer token.
func RequireLogin(handler http.Handler) http.HandlerFunc
RequireLogin checks to see if the user is currently logged in. If not, the function returns a 302 redirect to the login page.
RequirePermission checks to see if the user has the requested permission before executing the handler. If the request is unauthorized, a JSONError is returned.
func Use(handler http.HandlerFunc, mid ...func(http.Handler) http.HandlerFunc) http.HandlerFunc
Use allows us to stack middleware to process the request. Example taken from https://github.com/gorilla/mux/pull/36#issuecomment-25849172
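The stacking that Use describes, combined with a key check of the kind RequireAPIKey documents, as an added example that is not Gophish's own code. `use`, `requireKey`, `securityHeaders` and `probe` are hypothetical stand-ins, the key and the `/demo` path are constructed, and the wrap order inside `use` is an assumption of this sketch.

```go
package main

import (
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// use has the documented Use signature; wrapping in listed order (assumed here) puts the last middleware outermost.
func use(handler http.HandlerFunc, mid ...func(http.Handler) http.HandlerFunc) http.HandlerFunc {
	for _, m := range mid {
		handler = m(handler)
	}
	return handler
}

// requireKey (hypothetical stand-in, constructed key) reads a Bearer token or the api_key GET parameter.
func requireKey(next http.Handler) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		key := r.URL.Query().Get("api_key")
		if h := r.Header.Get("Authorization"); strings.HasPrefix(h, "Bearer ") {
			key = strings.TrimPrefix(h, "Bearer ")
		}
		if subtle.ConstantTimeCompare([]byte(key), []byte("constructed-test-key")) != 1 {
			http.Error(w, "invalid API key", http.StatusUnauthorized)
			return
		}
		next.ServeHTTP(w, r)
	}
}

func securityHeaders(next http.Handler) http.HandlerFunc { // hypothetical stand-in: one hardening header
	return func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("X-Frame-Options", "DENY")
		next.ServeHTTP(w, r)
	}
}

// probe sends one constructed request through the stack and returns status and header.
func probe(target, auth string) (int, string) {
	h := use(func(w http.ResponseWriter, r *http.Request) { fmt.Fprint(w, "ok") }, requireKey, securityHeaders)
	req := httptest.NewRequest("GET", target, nil)
	req.Header.Set("Authorization", auth)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("X-Frame-Options")
}
func main() { fmt.Println(probe("/demo", "")) }
```

With this wrap order the last middleware listed runs first, so the header is set on the rejected request too; listing the key check last instead would leave error responses without it.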
Path | Synopsis |
---|---|
ratelimit | Package ratelimit provides a simple token-bucket rate limiting middleware which only allows n POST requests every minute. |
Package middleware imports 10 packages and is imported by 19 packages. Updated 2020-10-15.