// setupMiddleware is an internal method where we setup GIN middleware
func setupMiddleware(r *gin.Engine) {
// TODO: CACHE_URL should come from an environment variable but this requires
// validating and parsing of the connection url into it's base components.
store, err := sessions.NewRedisStore(10, "tcp", "localhost:6379", "", []byte(config.Config.Session_Secret))
if err != nil {
log.Fatalln("Failed to connect to Redis.", err)
}
r.Use(
secure.Secure(secure.Options{ // TODO: we should get these from config
AllowedHosts: []string{},
SSLRedirect: false,
SSLHost: "",
SSLProxyHeaders: map[string]string{"X-Forwarded-Proto": "https"},
STSSeconds: 315360000,
STSIncludeSubdomains: true,
FrameDeny: true,
ContentTypeNosniff: true,
BrowserXssFilter: true,
ContentSecurityPolicy: "default-src 'self'",
}),
sessions.Sessions("session", store),
auth.UserMiddleware(),
)
}
func main() {
r := gin.Default()
r.Use(secure.Secure(secure.Options{
AllowedHosts: []string{"example.com", "ssl.example.com"},
SSLRedirect: true,
SSLHost: "ssl.example.com",
SSLProxyHeaders: map[string]string{"X-Forwarded-Proto": "https"},
STSSeconds: 315360000,
STSIncludeSubdomains: true,
FrameDeny: true,
ContentTypeNosniff: true,
BrowserXssFilter: true,
ContentSecurityPolicy: "default-src 'self'",
}))
r.GET("/ping", func(c *gin.Context) {
c.String(200, "pong "+fmt.Sprint(time.Now().Unix()))
})
// Listen and Server in 0.0.0.0:8080
r.Run(":8080")
}
// SecureMiddleware returns Middleware of Secure
func SecureMiddleware(opt SecureOptions) Middleware {
return Middleware{Func: secure.Secure(secure.Options(opt))}
}