func NewHandler(backends domain.Backends, logger lager.Logger, apiConfig config.API, staticDir string) http.Handler {
mux := http.NewServeMux()
mux.Handle("/", http.FileServer(http.Dir(staticDir)))
mux.Handle("/v0/backends", BackendsIndex(backends))
return middleware.Chain{
middleware.NewPanicRecovery(logger),
middleware.NewLogger(logger, "/v0"),
middleware.NewHttpsEnforcer(apiConfig.ForceHttps),
middleware.NewBasicAuth(apiConfig.Username, apiConfig.Password),
}.Wrap(mux)
}
BeforeEach(func() {
routePrefix = "/v0"
dummyRequest, err = http.NewRequest("GET", "/v0/backends", nil)
Expect(err).NotTo(HaveOccurred())
dummyRequest.Header.Add("Authorization", fakePassword)
fakeResponseWriter = &apifakes.FakeResponseWriter{}
fakeHandler = &fakes.FakeHandler{}
logger = lagertest.NewTestLogger("backup-download-test")
logger.RegisterSink(lager.NewWriterSink(GinkgoWriter, lager.INFO))
})
It("should log requests that are prefixed with routePrefix", func() {
loggerMiddleware := middleware.NewLogger(logger, routePrefix)
loggerHandler := loggerMiddleware.Wrap(fakeHandler)
loggerHandler.ServeHTTP(fakeResponseWriter, dummyRequest)
logContents := logger.Buffer().Contents()
Expect(logContents).To(ContainSubstring("request"))
Expect(logContents).To(ContainSubstring("response"))
})
It("should not log credentials", func() {
loggerMiddleware := middleware.NewLogger(logger, routePrefix)
loggerHandler := loggerMiddleware.Wrap(fakeHandler)
loggerHandler.ServeHTTP(fakeResponseWriter, dummyRequest)
