40 lines
1016 B
Go
40 lines
1016 B
Go
package main
|
|
|
|
import "net/http"
|
|
import "log"
|
|
|
|
func secure_headers(next http.Handler) http.Handler {
|
|
fn := func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Set("X-XSS-Protection", "1; mode=block")
|
|
w.Header().Set("X-Frame-Options", "deny")
|
|
|
|
next.ServeHTTP(w, r)
|
|
}
|
|
|
|
return http.HandlerFunc(fn)
|
|
}
|
|
|
|
func log_connection(next http.Handler) http.Handler {
|
|
fn := func(w http.ResponseWriter, r *http.Request) {
|
|
log.Println("Connection!")
|
|
|
|
next.ServeHTTP(w, r)
|
|
}
|
|
|
|
return http.HandlerFunc(fn)
|
|
}
|
|
|
|
func require_authenticated_user(next http.HandlerFunc) http.HandlerFunc {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// If the user is not authenticated, redirect them to the login page and
|
|
// return from the middleware chain so that no subsequent handlers in
|
|
// the chain are executed.
|
|
if authenticated_user(w, r) == 0 {
|
|
http.Redirect(w, r, "/login", http.StatusSeeOther)
|
|
return
|
|
}
|
|
// Otherwise call the next handler in the chain.
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|