Session manager, middleware, utilities and error handler for goFiber app.
Http packages comes with two type session driver by default (header and cookie).
- Session use
"github.com/gomig/cache"for storing session data. - Session required a generator function
func() stringfor creating unique session id. By default session driver contains UUID generator function.
Note: Set expiration 0 to ignore cookie expiration time (delete cookie on browser close and delete cache data after 24 hour).
// Signature:
NewCookieSession(cache cache.Cache, ctx *fiber.Ctx, secure bool, domain string, sameSite string, exp time.Duration, generator func() string, name string) Session
// Example:
import "github.com/gomig/http/session"
cSession := session.NewCookieSession(rCache, ctx, false, "", session.SameSiteLax, 30 * time.Minute, session.UUIDGenerator, "session")Header sessions attached to and parsed from HTTP headers.
Note: If expiration time set to zero cache deleted after 24 hour.
// Signature:
NewHeaderSession(cache cache.Cache, ctx *fiber.Ctx, exp time.Duration, generator func() string, name string) Session
// Example:
import "github.com/gomig/http/session"
hSession := session.NewHeaderSession(rCache, ctx, 30 * time.Minute, session.UUIDGenerator, "X-SESSION-ID")Session interface contains following methods:
Get session id.
ID() stringGet request context.
Context() *fiber.CtxParse session from request.
Parse() errorRegenerate session id.
Regenerate() errorSet session value.
Set(key string, value any)Get session value.
Get(key string) anyDelete session value.
Delete(key string)Check if session is exists.
Exists(key string) boolParse session item as caster.
Cast(key string) caster.CasterDestroy session.
Destroy() errorSave session (must called at end of request).
Save() errorHTTP Package contains following middleware by default:
This middleware automatically generate and attach CSRF key to session if not exists.
// Signature:
CSRFMiddleware(session session.Session) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
app.Use(middlewares.CSRFMiddleware(mySession))Check if request is a json request. You can pass a callback handler to call when request is not json. If nil passed to callback this middleware returns 406 HTTP error.
// Signature:
JSONOnly(callback fiber.Handler) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
app.Use(middlewares.JSONOnly(nil))This middleware limit maximum request to server. this middleware send X-LIMIT-UNTIL header on locked and X-LIMIT-REMAIN. You can pass a callback handler to call when request is not json. If nil passed to callback this middleware returns 429 HTTP error.
// Signature:
RateLimiter(
key string,
maxAttempts uint32,
ttl time.Duration,
c cache.Cache,
callback fiber.Handler,
methods []string,
ignore []string,
) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
app.Use(middlewares.RateLimiter("global", 60, 1 * time.Minute, rCache, nil, []string{"POST", "PUT"}, []string{"/assets.*"})) // Accept 60 request in minutesThis middleware format and log request information to logger (use "github.com/gomig/logger" driver).
// Signature:
AccessLogger(logger logger.Logger) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
app.Use(middlewares.AccessLogger(myLogger))This middleware create a session from cookie.
NOTE: Cookie sessions must save manually after data changed!
// Signature:
NewCookieSession(cache cache.Cache, secure bool, domain string, sameSite string, exp time.Duration) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
import "github.com/gomig/http/session"
app.Use(middlewares.NewCookieSession(myCache, false, "", session.SameSiteNone, 0))This middleware create a session from HTTP header.
// Signature:
NewHeaderSession(cache cache.Cache, exp time.Duration) fiber.Handler
// Example:
import "github.com/gomig/http/middlewares"
import "github.com/gomig/http/session"
app.Use(middlewares.NewHeaderSession(myCache, 0))Note: You can use GetSession(ctx) helper for resolve session from cookie or session (if cookie not exists then try parse from header).
This Error handler log error to logger and return http error to response. You can use this function instead of default fiber error handler to log error to github.com/gomig/logger driver. You can customize error response by passing callback. If nil passed as callback value this function returns HTTP Status code for response.
Note: You can pass a list of code as onlyCodes parameter to log errors only if error code contains in your list.
// Signature:
ErrorLogger(logger logger.Logger, formatter logger.TimeFormatter, callback ErrorCallback, onlyCodes ...int) fiber.ErrorHandler
// Example:
import "github.com/gomig/http"
app := fiber.New(fiber.Config{
ErrorHandler: http.ErrorLogger(myLogger, myFormatter, nil),
})Check check if request contains file.
func HasFile(ctx *fiber.Ctx, name string) (bool, error)Check if request is json.
func IsJsonRequest(ctx *fiber.Ctx) boolCheck if request want json.
func WantJson(ctx *fiber.Ctx) boolGet cookie session driver from context. return nil on fail!
func CookieSession(ctx *fiber.Ctx) session.SessionGet header session driver from context. return nil on fail!
func HeaderSession(ctx *fiber.Ctx) session.SessionGet session driver from context. If cookie session exists return cookie session otherwise try to resolve header session or return nil on fail.
func GetSession(ctx *fiber.Ctx) session.SessionGet csrf key.
func GetCSRF(session session.Session) (string, error)Check csrf token.
func CheckCSRF(session session.Session, key string) (bool, error)