func main() {
middle := interpose.New()
router := mux.NewRouter()
router.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, `<h1>Welcome to the public page!</h1><p><a href="/protected/">Rabbit hole</a></p>`)
})
middle.UseHandler(router)
// Now we will define a sub-router that uses the BasicAuth middleware
// When you call any url starting with the path /protected, you will need to authenticate
protectedRouter := mux.NewRouter().Methods("GET").PathPrefix("/protected").Subrouter()
protectedRouter.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the protected page!")
})
// Define middleware that pertains to the part of the site protected behind HTTP Auth
// and add the protected router to the protected middleware
protectedMiddlew := interpose.New()
protectedMiddlew.Use(middleware.BasicAuth("john", "doe"))
protectedMiddlew.UseHandler(protectedRouter)
// Add the protected middleware and its router to the main router
router.Methods("GET").PathPrefix("/protected").Handler(protectedMiddlew)
http.ListenAndServe(":3001", middle)
}
func main() {
middle := interpose.New()
router := mux.NewRouter()
router.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, `<h1>Welcome to the public page!</h1><p><a href="/protected/">Rabbit hole</a></p>`)
})
middle.UseHandler(router)
// Now we will define a sub-router that uses the BasicAuth middleware
// When you call any url starting with the path /protected, you will need to authenticate
protectedRouter := mux.NewRouter().Methods("GET").PathPrefix("/protected").Subrouter()
protectedRouter.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the protected page, %s!", context.Get(req, authKey))
})
protectedMiddlew := interpose.New()
protectedMiddlew.Use(middleware.BasicAuthFunc(func(user, pass string, req *http.Request) bool {
if middleware.SecureCompare(user, "admin") && middleware.SecureCompare(pass, "guessme") {
context.Set(req, authKey, user)
return true
} else {
return false
}
}))
protectedMiddlew.Use(context.ClearHandler)
protectedMiddlew.UseHandler(protectedRouter)
router.Methods("GET").PathPrefix("/protected").Handler(protectedMiddlew)
http.ListenAndServe(":3001", middle)
}
func main() {
middle := interpose.New()
// Tell the browser which server this came from.
// This modifies headers, so we want this to be called before
// any middleware which might modify the body (in HTTP, the headers cannot be
// modified after the body is modified)
middle.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
rw.Header().Set("X-Server-Name", "Interpose Test Server")
next.ServeHTTP(rw, req)
})
})
// Apply the router. By adding it last, all of our other middleware will be
// executed before the router, allowing us to modify headers before any
// output has been generated.
router := mux.NewRouter()
middle.UseHandler(router)
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, middle)
}
func main() {
middle := interpose.New()
// Create a middleware that yields a global counter that increments until
// the server is shut down. Note that this would actually require a mutex
// or a channel to be safe for concurrent use. Therefore, this example is
// unsafe.
middle.Use(context.ClearHandler)
middle.Use(func() func(http.Handler) http.Handler {
c := 0
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
c++
context.Set(req, CountKey, c)
next.ServeHTTP(w, req)
})
}
}())
// Apply the router.
router := mux.NewRouter()
router.HandleFunc("/test/{user}", func(w http.ResponseWriter, req *http.Request) {
c, ok := context.GetOk(req, CountKey)
if !ok {
fmt.Println("Context not ok")
}
fmt.Fprintf(w, "Hi %s, this is visit #%d to the site since the server was last rebooted.", mux.Vars(req)["user"], c)
})
middle.UseHandler(router)
http.ListenAndServe(":3001", middle)
}
func main() {
mw := interpose.New()
// Turn on output buffering. It's added first because it encapsulates all other output.
// This enables headers to be written after data is sent, because they're all stored
// in a buffer, so the user's browser will see everything in the order it expects.
mw.Use(middleware.Buffer())
// Tell the browser our output will be JSON. Note that because this is added
// before the router, we will write JSON headers AFTER the router starts
// writing output to the browser! Usually this would mean that the header would
// not get set correctly. However, because we are buffering (see below),
// nothing will get sent to the browser until all output is finished rendering.
// This means that the header will get set correctly.
mw.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Content-Type", "application/json")
next.ServeHTTP(w, req)
})
})
// Apply the router.
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
mw.UseHandler(router)
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func main() {
middle := interpose.New()
// Send a header telling the world this is coming from an Interpose Test Server
// You could imagine setting Content-type application/json or other useful
// headers in other circumstances.
middle.UseHandler(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
rw.Header().Set("X-Server-Name", "Interpose Test Server")
}))
// In this example, we use a basic router with a catchall route that
// matches any path. In other examples in this project, we use a
// more advanced router.
// The last middleware added is the last executed, so by adding the router
// last, our other middleware get a chance to modify HTTP headers before our
// router writes to the HTTP Body
router := http.NewServeMux()
middle.UseHandler(router)
router.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to %s!", req.URL.Path)
}))
http.ListenAndServe(":3001", middle)
}
func main() {
mw := interpose.New()
// Set a random integer everytime someone loads the page
mw.Use(context.ClearHandler)
mw.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
c := rand.Int()
fmt.Println("Setting ctx count to:", c)
context.Set(req, CountKey, c)
next.ServeHTTP(w, req)
})
})
// Apply the router.
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
c, ok := context.GetOk(req, CountKey)
if !ok {
fmt.Println("Get not ok")
}
fmt.Fprintf(w, "Welcome to the home page, %s!\nCount:%d", mux.Vars(req)["user"], c)
})
mw.UseHandler(router)
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func main() {
mw := interpose.New()
// Use unrolled's secure framework
// If you inspect the headers, you will see X-Frame-Options set to DENY
// Must be called before the router because it modifies HTTP headers
secureMiddleware := secure.New(secure.Options{
FrameDeny: true,
})
mw.Use(secureMiddleware.Handler)
// Apply the router. By adding it first, all of our other middleware will be
// executed before the router, allowing us to modify headers before any
// output has been generated.
router := mux.NewRouter()
mw.UseHandler(router)
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func Test_BasicAuthFunc(t *testing.T) {
for auth, valid := range map[string]bool{
"foo:spam": true,
"bar:spam": true,
"foo:eggs": false,
"bar:eggs": false,
"baz:spam": false,
"foo:spam:extra": false,
"dummy:": false,
"dummy": false,
"": false,
} {
recorder := httptest.NewRecorder()
encoded := "Basic " + base64.StdEncoding.EncodeToString([]byte(auth))
i := interpose.New()
i.Use(BasicAuthFunc(func(username, password string, _ *http.Request) bool {
return (username == "foo" || username == "bar") && password == "spam"
}))
i.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Write([]byte("hello"))
next.ServeHTTP(w, req)
})
})
r, _ := http.NewRequest("GET", "foo", nil)
i.ServeHTTP(recorder, r)
if recorder.Code != 401 {
t.Error("Response not 401, params:", auth)
}
if recorder.Body.String() == "hello" {
t.Error("Auth block failed, params:", auth)
}
recorder = httptest.NewRecorder()
r.Header.Set("Authorization", encoded)
i.ServeHTTP(recorder, r)
if valid && recorder.Code == 401 {
t.Error("Response is 401, params:", auth)
}
if !valid && recorder.Code != 401 {
t.Error("Response not 401, params:", auth)
}
if valid && recorder.Body.String() != "hello" {
t.Error("Auth failed, got: ", recorder.Body.String(), "params:", auth)
}
if !valid && recorder.Body.String() == "hello" {
t.Error("Auth block failed, params:", auth)
}
}
}
func main() {
middle := interpose.New()
// Invoke the Gorilla framework's combined logger
middle.Use(middleware.GorillaLog())
// Create a router to serve HTTP content at two paths
// and tell our middleware about the router
router := mux.NewRouter()
middle.UseHandler(router)
router.PathPrefix("/green").Subrouter().Handle("/{name}", Green(http.HandlerFunc(welcomeHandler)))
router.Handle("/{name}", http.HandlerFunc(welcomeHandler))
http.ListenAndServe(":3001", middle)
}
func main() {
middle := interpose.New()
// First apply any middleware that will not write output to http body
// but which may (or may not) modify headers
middle.Use(middleware.GorillaLog())
// Now apply any middleware that might modify the http body. This permits the
// preceding middleware to alter headers
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
middle.UseHandler(router)
http.ListenAndServe(":3001", middle)
}
func main() {
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
middle := interpose.New()
// Use Martini-Auth, a Martini library for basic HTTP authentication
middle.Use(adaptors.FromMartini(auth.Basic("user", "basic")))
// Finally, add the router
middle.UseHandler(router)
// Now visit http://localhost:3001/guest and enter username "user"
// and password "basic"
http.ListenAndServe(":3001", middle)
}
func main() {
middle := interpose.New()
// First apply any middleware that will not write output to http body
// Log to stdout. Taken from Gorilla
middle.Use(middleware.GorillaLog())
// Gzip output that follows. Taken from Negroni
middle.Use(middleware.NegroniGzip(gzip.DefaultCompression))
// Now apply any middleware that modify the http body.
router := mux.NewRouter()
middle.UseHandler(router)
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
http.ListenAndServe(":3001", middle)
}
func main() {
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
mw := interpose.New()
// Use logrus
x := negroni.Handler(negronilogrus.NewMiddleware())
mw.Use(adaptors.FromNegroni(x))
// Apply the router. By adding it last, all of our other middleware will be
// executed before the router, allowing us to modify headers before any
// output has been generated.
mw.UseHandler(router)
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func main() {
InitLogLevel()
log.Println("Launching liveplant server")
app, _ := NewApplication()
middle := interpose.New()
middle.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Access-Control-Allow-Origin", "*")
next.ServeHTTP(w, req)
})
})
middle.UseHandler(app.mux())
ServerPort := "5000" // default port
if len(os.Getenv("PORT")) > 0 {
ServerPort = os.Getenv("PORT")
}
drainInterval, _ := time.ParseDuration("1s")
srv := &graceful.Server{
Timeout: drainInterval,
Server: &http.Server{
Addr: ":" + ServerPort,
Handler: middle,
},
}
log.Println("Running liveplant server on port " + ServerPort)
err := srv.ListenAndServe()
if err != nil {
log.Fatal(err.Error())
}
}
func main() {
mw := interpose.New()
// Tell the browser our output will be JSON
mw.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Content-Type", "application/json")
next.ServeHTTP(w, req)
})
})
// Apply the router. Because HTTP requires that headers be modified before
// the body, the JSON header function must be added to the middleware stack
// before the router.
router := mux.NewRouter()
router.HandleFunc("/{user}", func(w http.ResponseWriter, req *http.Request) {
fmt.Fprintf(w, "Welcome to the home page, %s!", mux.Vars(req)["user"])
})
mw.UseHandler(router)
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func main() {
mw := interpose.New()
// Invoke NoSurf (it modifies headers so must be called before your router)
mw.Use(middleware.Nosurf())
// Create and apply the router
router := mux.NewRouter()
mw.UseHandler(router)
router.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) {
context := make(map[string]string)
context["token"] = nosurf.Token(req)
if req.Method == "POST" {
context["name"] = req.FormValue("name")
}
templ.Execute(w, context)
})
// Launch and permit graceful shutdown, allowing up to 10 seconds for existing
// connections to end
graceful.Run(":3001", 10*time.Second, mw)
}
func Test_BasicAuth(t *testing.T) {
recorder := httptest.NewRecorder()
auth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar"))
i := interpose.New()
i.Use(BasicAuth("foo", "bar"))
i.Use(func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Write([]byte("hello"))
next.ServeHTTP(w, req)
})
})
r, _ := http.NewRequest("GET", "foo", nil)
i.ServeHTTP(recorder, r)
if recorder.Code != 401 {
t.Errorf("recorder.Code wrong. Got %d wanted 401", recorder.Code)
}
if recorder.Body.String() == "hello" {
t.Error("Auth block failed")
}
recorder = httptest.NewRecorder()
r.Header.Set("Authorization", auth)
i.ServeHTTP(recorder, r)
if recorder.Code == 401 {
t.Error("Response is 401")
}
if recorder.Body.String() != "hello" {
t.Error("Auth failed, got: ", recorder.Body.String())
}
}
