Documentation
¶
Overview ¶
Package echopop adds middleware functions to projects using the Invopop API and the Echo v4 web framework.
Index ¶
- func AssetPath(content embed.FS, file ...string) string
- func AuthEnrollment(ic *invopop.Client) echo.MiddlewareFuncdeprecated
- func AuthToken(c echo.Context) string
- func GenerateCookieSecret() string
- func GetClient(c echo.Context) *invopop.Client
- func GetEnrollment(c echo.Context) *invopop.Enrollment
- func GetSession(c echo.Context) *invopop.Session
- func LoadEnrollment(ic *invopop.Client, c echo.Context) error
- func LoadSession(ic *invopop.Client) echo.MiddlewareFunc
- func Render(c echo.Context, status int, t templ.Component) error
- func StoreSessionCookie(c echo.Context, sess *invopop.Session) error
- type Option
- type Service
- func (s *Service) Render(name, src string, fs embed.FS)deprecated
- func (s *Service) Root(fn func(*echo.Group))
- func (s *Service) Serve(fn func(*echo.Echo))
- func (s *Service) Start(port string) error
- func (s *Service) StaticRootFS(fs fs.FS, root string)
- func (s *Service) Stop(ctx context.Context) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AssetPath ¶ added in v0.36.0
AssetPath will find the file inside the embedded filesystem and attempt to add a version hash in the query parameter so that when the asset is loaded it will always provide the latest version.
For example, to load a JS file inside a Templ component:
<script src={ echopop.AssetPath(assets.Content, "scripts", "app.js") }></script>
Where `assets.Content` is the source of the file and `"scripts", "app.js"` identify the file's location. Output assumes that sources are from the root, for example, the above method might produce:
<script src="/scripts/app.js?v=12345678"></script>
A simple version cache is used, and will only be renewed upon reloading the application. Paths must be unique for this to work correctly.
func AuthEnrollment
deprecated
func AuthEnrollment(ic *invopop.Client) echo.MiddlewareFunc
AuthEnrollment defines a middleware function that will authenticate an enrollment with the Invopop API. This middleware will only work if the invopop client has been prepared using the OAuth Client ID and Secret.
This method supports tokens provided either via the "Authorization" header, or a "state" query parameter, and is meant to be used by applications that offer a web interface via the Invopop Console.
Enrollments authorized in this way will include a new token with additional scopes that can be used to access restricted functionality like updating the embedded enrollment data or accessing silo entry meta rows.
Deprecated: You should provide your own middleware around the LoadEnrollment method and provide custom response handling for your application.
func AuthToken ¶ added in v0.58.0
AuthToken is a convenience method to extract the authentication token from the request context. It will look for a Bearer token in the Authorization header, or a "state" query parameter which is often used in OAuth 2.0 flows. If no token is found, an empty string is returned.
func GenerateCookieSecret ¶ added in v0.58.0
func GenerateCookieSecret() string
GenerateCookieSecret will generate a sufficiently random secret suitable for use with sessions.
func GetClient ¶
GetClient provides the Invopop client that was prepared with the enrollment's auth token.
func GetEnrollment ¶
func GetEnrollment(c echo.Context) *invopop.Enrollment
GetEnrollment retrieves the enrollment object from the context.
func GetSession ¶ added in v0.58.0
GetSession will retrieve the session object from the context assuming that it was already prepared using the echopop Service's LoadSession middleware.
func LoadEnrollment ¶ added in v0.58.0
LoadEnrollment will try to load the enrollment using the request details and provide the enrollment and prepared client in the context.
This method supports tokens provided either via the "Authorization" header, or a "state" query parameter, and is meant to be used by applications that offer a web interface via the Invopop Console.
Enrollments authorized in this way will include a new token with additional scopes that can be used to access restricted functionality like updating the embedded enrollment data or accessing silo entry meta rows.
We'd recommend using sessions instead of this method for most applications.
func LoadSession ¶ added in v0.58.0
func LoadSession(ic *invopop.Client) echo.MiddlewareFunc
LoadSession provides the session middleware for usage in routes that may use a session. This will only try and prepare the session object based on the presence of the `Authorization` header, `state` query parameter, or a cookie, and will not enforce that a session is authorized.
Depending on your use-case, you may want to follow this middleware up with an Authorize call on the session to ensure that it is valid and populate it with data from the enrollment.
While storage in cookies is permitted, as a rule this is not recommended, and especially not for embedded applications running inside the Invopop Console where sessions stored in cookies would be shared between multiple browser tabs potentially showing different workspaces.
func Render ¶ added in v0.36.0
Render will render the provided Templ Component.
Usage example:
func (ct *controller) config(c echo.Context) error {
return echopop.Render(c, http.StatusOK, app.Configure())
}
func StoreSessionCookie ¶ added in v0.58.0
StoreSessionCookie will store the session object into a secure cookie in the response headers. Cookies can only be used for browser-based page requests as Cookie's HttpOnly flag prevents AJAX requests from accessing them. Use the `Authorization` header for API/AJAX requests which may include the session also.
Types ¶
type Option ¶ added in v0.58.0
type Option func(s *Service)
Option defines a configuration option for the Service.
func WithCookieSessionKey ¶ added in v0.58.0
WithCookieSessionKey sets the session key to be used by the service. This must be a sufficiently long random string to ensure the security of the session cookies, with a minimum length of 32 bytes recommended. See the GenerateCookieSecret function for a way to generate a suitable random string.
type Service ¶
type Service struct {
// contains filtered or unexported fields
}
Service provides a wrapper around Echo that makes it a bit easier to start up a new service that will provide an HTTP server.
func NewService ¶
NewService instantiates a new echo service using some reasonable defaults. Typical usage example:
svc := echopop.NewService(
echopop.WithCookieSessionKey("your-randomly-long-secret"),
)
svc.Serve(func(e *echo.Echo) {
e.StaticFS("/", assets.Content)
g := e.Group("/api", echopop.LoadSession(ic))
g.GET("/test", testHandler)
})
func (*Service) Render
deprecated
Render will prepare the echo templating feature using "goview" and the recommended defaults for modules.
If the source file path is not found, it'll attempt to use the provided filesystem object. Assets served from disk will have caching disabled to facilitate rapid reloading.
Usage example:
m.Render("templates", "./assets", assets.Content)
Where the name ("templates") defines the path inside the source assets folder ("./assets") to find the data, *or* if not available, use the `assets.Content` embedded filesystem.
Deprecated: use the echopop.Render method that uses templ.
func (*Service) Serve ¶
Serve provides the echo instance in a callback method which might be semantically useful, but doesn't do much.
func (*Service) StaticRootFS ¶
StaticRootFS is used to serve static file assets from the web folder root. The root is the path to the folder in the filesystem, and the fs is the filesystem object to use.
Source Files