/middleware

The default middleware for Buffalo apps

Primary LanguageGoMIT LicenseMIT

Middleware

Standard Test Go Report Card Go Reference

Middleware is a fundamental module that provides the default middleware for buffalo applications.

Installation

with Buffalo

The default middleware is setup by default on a new Buffalo app.

$ buffalo new myapp

Buffalo CLI will generate application scafflod and actions/app.go will be configured to use default middlewares by default.

Standalone

$ go get github.com/gobuffalo/middleware

contenttype

contenttype middleware provides a feature that sets the fallback content type (which is used when the client sent nothing) or overrides the client-specified content type. This middleware will be enabled by default in your app when you generate a new API application with buffalo new --api command.

csrf

csrf middleware provides CSRF protection for Buffalo apps. This middleware will be enabled by default in your app when you generate a new application scaffold with buffalo new command.

forcessl

forcessl middleware provides a feature that automatically redirects requests that is not use HTTPS. This middleware will be enabled by default in your app when you generate a new application scaffold with buffalo new command. It is configured to enforce the redirection in the production mode only. You could customize it in actions/app.go if you need a different behavior.

i18n

i18n middleware provides internationalization support in your application:

  • User language detection from configurable sources
  • Translation helper using locales bundles from github.com/nicksnyder/go-i18n
  • Localized views

See https://gobuffalo.io/documentation/guides/localization/ for further information about Buffalo translation features and configuration.

paramlogger

paramlogger middleware provides the request parameter logging feature. This middleware will be enabled by default in your app when you generate a new application scaffold with buffalo new command.

By default, it filters out pre-defined sensitive parameters and they will be printed as [FILTERED] in the log. (keywords are case insensitive)

Currently, the pre-defined parameters are:

  • password
  • passwordconfirmation
  • creditcard
  • cvc

paramlogger also allows to exclude user-defined parameters by specifying those in the ParameterExclusionList before using the ParamegerLogger middleware in the app.

    paramlogger.ParameterExclusionList = append(paramlogger.ParameterExclusionList, "secret", "phone_number")
    app.Use(paramlogger.ParameterLogger)

or

    paramlogger.ParameterExclusionList = []string{
        "password",
        "passwordconfirmation",
        "secret",
        "phone_number",
    }
    app.Use(paramlogger.ParameterLogger)

Documentation