Documentation
¶
Index ¶
- Constants
- func Chain(h http.Handler, middlewares ...Middleware) http.Handler
- type AuthConfig
- type DebugAuthConfig
- type Middleware
- func Auth(config *AuthConfig, excludePaths ...string) Middleware
- func DebugAuth(config *DebugAuthConfig) Middleware
- func Logging(logger *slog.Logger) Middleware
- func MaxBody(maxSize int64) Middleware
- func PerIPRateLimit(config *PerIPRateLimitConfig) Middleware
- func RateLimit(config *RateLimitConfig) Middleware
- func Recovery(logger *slog.Logger) Middleware
- func SecurityHeaders() Middleware
- type PerIPRateLimitConfig
- type RateLimitConfig
Constants ¶
const MaxBodySize = 1 << 20 // 1 MB
MaxBodySize is the default maximum request body size (1 MB).
Variables ¶
This section is empty.
Functions ¶
Types ¶
type AuthConfig ¶
type AuthConfig struct {
Enabled bool
User string
Password string
// contains filtered or unexported fields
}
AuthConfig holds authentication configuration. Thread-safe for concurrent access and updates.
func (*AuthConfig) Update ¶
func (c *AuthConfig) Update(enabled bool, user, password string)
Update safely updates auth configuration.
type DebugAuthConfig ¶
type DebugAuthConfig struct {
// Token for Bearer authentication on debug endpoints.
Token string
// FallbackAuthConfig is used when Token is empty.
FallbackAuthConfig *AuthConfig
}
DebugAuthConfig holds debug endpoint authentication configuration.
type Middleware ¶
func Auth ¶
func Auth(config *AuthConfig, excludePaths ...string) Middleware
Auth creates a Basic Auth middleware. Paths in excludePaths will be excluded from authentication. Paths ending with "*" are treated as prefixes (e.g., "/debug/*" matches "/debug/foo").
func DebugAuth ¶
func DebugAuth(config *DebugAuthConfig) Middleware
DebugAuth creates a middleware that protects debug endpoints. If token is set, requires Bearer <token> header. If token is empty but fallback auth is enabled, uses Basic Auth. If both are empty/disabled, blocks all requests.
func Logging ¶
func Logging(logger *slog.Logger) Middleware
func MaxBody ¶
func MaxBody(maxSize int64) Middleware
MaxBody creates a middleware that limits the request body size. If maxSize is 0, uses MaxBodySize constant (1 MB).
func PerIPRateLimit ¶
func PerIPRateLimit(config *PerIPRateLimitConfig) Middleware
PerIPRateLimit creates a middleware that limits request rate per client IP.
func RateLimit ¶
func RateLimit(config *RateLimitConfig) Middleware
RateLimit creates a middleware that limits request rate. Uses token bucket algorithm: allows bursts up to Burst size, refills at RequestsPerSecond rate.
func Recovery ¶
func Recovery(logger *slog.Logger) Middleware
func SecurityHeaders ¶
func SecurityHeaders() Middleware
SecurityHeaders adds security-related HTTP headers to responses. Provides protection against common web vulnerabilities.
type PerIPRateLimitConfig ¶
type PerIPRateLimitConfig struct {
// RequestsPerSecond is the rate limit per IP.
RequestsPerSecond float64
// Burst is the maximum burst size per IP.
Burst int
// Enabled controls whether rate limiting is active.
Enabled bool
// TrustProxy enables trusting X-Forwarded-For and X-Real-IP headers.
// Only enable if behind a trusted reverse proxy.
TrustProxy bool
}
PerIPRateLimitConfig holds per-IP rate limiting configuration.
type RateLimitConfig ¶
type RateLimitConfig struct {
// RequestsPerSecond is the rate limit (requests per second).
RequestsPerSecond float64
// Burst is the maximum burst size.
Burst int
// Enabled controls whether rate limiting is active.
Enabled bool
}
RateLimitConfig holds rate limiting configuration.
Source Files