Skip to content

Middleware Module

HTTP middleware collection for Go web applications.

What's Included

  • Recovery — panic recovery with logging
  • CORS — Cross-Origin Resource Sharing
  • Logging — request/response logging
  • Timeout — request timeout
  • Request ID — unique request identifier
  • Body Limit — request body size limit
  • Proxy — trusted proxy handling
  • Debug — debug mode detection

Quick Copy

bash
cp -r registry/middleware/src/go/* yourproject/internal/middleware/

Usage

Chain Middlewares

go
handler := middleware.Chain(
    middleware.Recovery(),
    middleware.CORS(middleware.CORSConfig{
        AllowOrigins: []string{"https://example.com"},
        AllowMethods: []string{"GET", "POST", "PUT", "DELETE"},
    }),
    middleware.Logging(),
    middleware.Timeout(30 * time.Second),
    middleware.BodyLimit(10 << 20), // 10 MB
)(yourHandler)

Individual Middleware

go
// Recovery
http.Handle("/api", middleware.Recovery()(handler))

// CORS
http.Handle("/api", middleware.CORS(config)(handler))

// Logging
http.Handle("/api", middleware.Logging()(handler))

Configuration

CORS

go
config := middleware.CORSConfig{
    AllowOrigins: []string{"https://example.com"},
    AllowMethods: []string{"GET", "POST"},
    AllowHeaders: []string{"Content-Type", "Authorization"},
    MaxAge: 86400,
}

Timeout

go
handler := middleware.Timeout(30 * time.Second)(handler)

File Reference

FilePurpose
recovery.goPanic recovery middleware
cors.goCORS middleware
logging.goRequest logging
timeout.goRequest timeout
requestid.goRequest ID generation
bodylimit.goBody size limit
chain.goMiddleware chaining
config.goConfiguration

Security Features

  • CRLF injection prevention in headers
  • Trusted proxy validation
  • Body size limit prevents large payload attacks

Tests

bash
cd registry/middleware/src/go
go test -v ./...

Released under the MIT License.