blumenjs 0.1.7 → 0.2.1

package/dist/templates/go-server/middleware.go

@@ -0,0 +1,546 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+	"strings"
+	"sync"
+	"time"
+)
+
+// ─── Middleware Engine ─────────────────────────────────────────
+// Go-native middleware chain that wraps the HTTP mux.
+// Each middleware runs in the request's goroutine — zero overhead,
+// full access to Go ecosystem (databases, Redis, gRPC, etc.)
+
+// MiddlewareFunc is the signature for all Blumen middleware.
+// Call next(w, r) to pass control to the next middleware or the final handler.
+type MiddlewareFunc func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc)
+
+// middlewareEntry pairs a middleware with an optional path pattern.
+type middlewareEntry struct {
+	fn      MiddlewareFunc
+	pattern string // Empty = global, otherwise glob pattern like "/api/*"
+}
+
+// MiddlewareChain holds an ordered list of middleware functions.
+type MiddlewareChain struct {
+	entries []middlewareEntry
+}
+
+// NewMiddlewareChain creates an empty middleware chain.
+func NewMiddlewareChain() *MiddlewareChain {
+	return &MiddlewareChain{}
+}
+
+// Use adds a global middleware that runs on every request.
+func (c *MiddlewareChain) Use(fn MiddlewareFunc) {
+	c.entries = append(c.entries, middlewareEntry{fn: fn})
+}
+
+// UseOn adds a scoped middleware that only runs on matching paths.
+// Patterns support:
+//   - Exact match: "/dashboard/settings"
+//   - Prefix match: "/api/*" matches "/api/users", "/api/users/123", etc.
+//   - Wildcard: "/*" matches everything
+func (c *MiddlewareChain) UseOn(pattern string, fn MiddlewareFunc) {
+	c.entries = append(c.entries, middlewareEntry{fn: fn, pattern: pattern})
+}
+
+// Then wraps a final http.Handler with the middleware chain.
+// Returns a new http.Handler that runs middleware → handler.
+func (c *MiddlewareChain) Then(handler http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		// Filter entries to only those matching this request path
+		matching := make([]MiddlewareFunc, 0, len(c.entries))
+		for _, entry := range c.entries {
+			if entry.pattern == "" || matchPattern(entry.pattern, r.URL.Path) {
+				matching = append(matching, entry.fn)
+			}
+		}
+
+		// Build the chain: last middleware calls the handler, each prior calls the next
+		final := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			handler.ServeHTTP(w, r)
+		})
+
+		chain := final
+		for i := len(matching) - 1; i >= 0; i-- {
+			fn := matching[i]
+			next := chain
+			chain = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				fn(w, r, next)
+			})
+		}
+
+		chain.ServeHTTP(w, r)
+	})
+}
+
+// matchPattern checks if a URL path matches a middleware pattern.
+func matchPattern(pattern, path string) bool {
+	// Exact match
+	if pattern == path {
+		return true
+	}
+
+	// Prefix wildcard: "/api/*" matches "/api/anything"
+	if strings.HasSuffix(pattern, "/*") {
+		prefix := strings.TrimSuffix(pattern, "/*")
+		return path == prefix || strings.HasPrefix(path, prefix+"/")
+	}
+
+	return false
+}
+
+// ─── Response Writer Wrapper ───────────────────────────────────
+// Captures the status code for logging middleware.
+
+type responseWriter struct {
+	http.ResponseWriter
+	statusCode int
+	written    bool
+}
+
+func newResponseWriter(w http.ResponseWriter) *responseWriter {
+	return &responseWriter{ResponseWriter: w, statusCode: http.StatusOK}
+}
+
+func (rw *responseWriter) WriteHeader(code int) {
+	if !rw.written {
+		rw.statusCode = code
+		rw.written = true
+	}
+	rw.ResponseWriter.WriteHeader(code)
+}
+
+func (rw *responseWriter) Write(b []byte) (int, error) {
+	if !rw.written {
+		rw.written = true
+	}
+	return rw.ResponseWriter.Write(b)
+}
+
+// ─── Built-in: Logger Middleware ───────────────────────────────
+// Logs every request with method, path, status code, and duration.
+
+func LoggerMiddleware() MiddlewareFunc {
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		start := time.Now()
+		rw := newResponseWriter(w)
+
+		next(rw, r)
+
+		duration := time.Since(start)
+		status := rw.statusCode
+
+		// Color-code the status
+		var statusColor string
+		switch {
+		case status >= 500:
+			statusColor = "\033[31m" // Red
+		case status >= 400:
+			statusColor = "\033[33m" // Yellow
+		case status >= 300:
+			statusColor = "\033[36m" // Cyan
+		default:
+			statusColor = "\033[32m" // Green
+		}
+		reset := "\033[0m"
+
+		log.Printf("%s %s %s%d%s %v",
+			r.Method,
+			r.URL.Path,
+			statusColor, status, reset,
+			duration,
+		)
+	}
+}
+
+// ─── Built-in: CORS Middleware ─────────────────────────────────
+// Sets Cross-Origin Resource Sharing headers.
+
+// CORSConfig configures the CORS middleware.
+type CORSConfig struct {
+	AllowOrigins     []string // Allowed origins. ["*"] = all.
+	AllowMethods     []string // Allowed HTTP methods.
+	AllowHeaders     []string // Allowed request headers.
+	ExposeHeaders    []string // Headers the browser can access.
+	AllowCredentials bool     // Whether to allow credentials (cookies).
+	MaxAge           int      // Preflight cache duration in seconds.
+}
+
+// DefaultCORSConfig returns a permissive CORS configuration for development.
+func DefaultCORSConfig() CORSConfig {
+	return CORSConfig{
+		AllowOrigins:     []string{"*"},
+		AllowMethods:     []string{"GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"},
+		AllowHeaders:     []string{"Content-Type", "Authorization", "X-Blumen-Data"},
+		ExposeHeaders:    []string{"X-Blumen-Cache"},
+		AllowCredentials: false,
+		MaxAge:           86400,
+	}
+}
+
+func CORSMiddleware(config CORSConfig) MiddlewareFunc {
+	allowOrigin := strings.Join(config.AllowOrigins, ", ")
+	allowMethods := strings.Join(config.AllowMethods, ", ")
+	allowHeaders := strings.Join(config.AllowHeaders, ", ")
+	exposeHeaders := strings.Join(config.ExposeHeaders, ", ")
+	maxAge := fmt.Sprintf("%d", config.MaxAge)
+
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		origin := r.Header.Get("Origin")
+
+		// Determine the Access-Control-Allow-Origin value
+		if allowOrigin == "*" {
+			w.Header().Set("Access-Control-Allow-Origin", "*")
+		} else if origin != "" {
+			for _, allowed := range config.AllowOrigins {
+				if allowed == origin {
+					w.Header().Set("Access-Control-Allow-Origin", origin)
+					break
+				}
+			}
+		}
+
+		w.Header().Set("Access-Control-Allow-Methods", allowMethods)
+		w.Header().Set("Access-Control-Allow-Headers", allowHeaders)
+		if exposeHeaders != "" {
+			w.Header().Set("Access-Control-Expose-Headers", exposeHeaders)
+		}
+		if config.AllowCredentials {
+			w.Header().Set("Access-Control-Allow-Credentials", "true")
+		}
+
+		// Handle preflight requests
+		if r.Method == http.MethodOptions {
+			w.Header().Set("Access-Control-Max-Age", maxAge)
+			w.WriteHeader(http.StatusNoContent)
+			return
+		}
+
+		next(w, r)
+	}
+}
+
+// ─── Built-in: Rate Limit Middleware ───────────────────────────
+// In-memory token bucket rate limiter per client IP.
+
+type rateLimitEntry struct {
+	tokens    float64
+	lastCheck time.Time
+}
+
+type rateLimiter struct {
+	mu      sync.Mutex
+	entries map[string]*rateLimitEntry
+	limit   float64        // Max tokens (requests) per window
+	window  time.Duration  // Refill window
+}
+
+func newRateLimiter(limit int, window time.Duration) *rateLimiter {
+	rl := &rateLimiter{
+		entries: make(map[string]*rateLimitEntry),
+		limit:   float64(limit),
+		window:  window,
+	}
+
+	// Cleanup expired entries every minute
+	go func() {
+		for {
+			time.Sleep(time.Minute)
+			rl.mu.Lock()
+			cutoff := time.Now().Add(-rl.window * 2)
+			for ip, entry := range rl.entries {
+				if entry.lastCheck.Before(cutoff) {
+					delete(rl.entries, ip)
+				}
+			}
+			rl.mu.Unlock()
+		}
+	}()
+
+	return rl
+}
+
+func (rl *rateLimiter) allow(ip string) bool {
+	rl.mu.Lock()
+	defer rl.mu.Unlock()
+
+	now := time.Now()
+	entry, exists := rl.entries[ip]
+	if !exists {
+		rl.entries[ip] = &rateLimitEntry{
+			tokens:    rl.limit - 1,
+			lastCheck: now,
+		}
+		return true
+	}
+
+	// Refill tokens based on elapsed time
+	elapsed := now.Sub(entry.lastCheck)
+	rate := rl.limit / rl.window.Seconds()
+	entry.tokens += elapsed.Seconds() * rate
+	if entry.tokens > rl.limit {
+		entry.tokens = rl.limit
+	}
+	entry.lastCheck = now
+
+	if entry.tokens < 1 {
+		return false
+	}
+
+	entry.tokens--
+	return true
+}
+
+// RateLimitMiddleware creates a rate limiter that allows `limit` requests
+// per `window` duration per client IP.
+func RateLimitMiddleware(limit int, window time.Duration) MiddlewareFunc {
+	limiter := newRateLimiter(limit, window)
+
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		ip := r.RemoteAddr
+		// Strip port from IP
+		if idx := strings.LastIndex(ip, ":"); idx != -1 {
+			ip = ip[:idx]
+		}
+		// Check X-Forwarded-For for proxied requests
+		if forwarded := r.Header.Get("X-Forwarded-For"); forwarded != "" {
+			ip = strings.TrimSpace(strings.Split(forwarded, ",")[0])
+		}
+
+		if !limiter.allow(ip) {
+			w.Header().Set("Retry-After", fmt.Sprintf("%.0f", window.Seconds()))
+			w.Header().Set("X-RateLimit-Limit", fmt.Sprintf("%d", limit))
+			http.Error(w, "Too Many Requests", http.StatusTooManyRequests)
+			return
+		}
+
+		next(w, r)
+	}
+}
+
+// ─── Built-in: Auth Middleware ─────────────────────────────────
+// Checks for an auth token in cookies or the Authorization header.
+// Rejects requests without a valid token.
+
+// AuthConfig configures the auth middleware.
+type AuthConfig struct {
+	CookieName   string                                     // Cookie name to check (e.g. "session")
+	HeaderName   string                                     // Header name to check (e.g. "Authorization")
+	RedirectURL  string                                     // Redirect URL for unauthorized HTML requests (empty = 401 JSON)
+	ValidateFunc func(token string) bool                    // Custom token validation function
+}
+
+func AuthMiddleware(config AuthConfig) MiddlewareFunc {
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		var token string
+
+		// Check cookie first
+		if config.CookieName != "" {
+			if cookie, err := r.Cookie(config.CookieName); err == nil {
+				token = cookie.Value
+			}
+		}
+
+		// Fall back to header
+		if token == "" && config.HeaderName != "" {
+			header := r.Header.Get(config.HeaderName)
+			// Strip "Bearer " prefix if present
+			if strings.HasPrefix(header, "Bearer ") {
+				token = strings.TrimPrefix(header, "Bearer ")
+			} else {
+				token = header
+			}
+		}
+
+		// No token found
+		if token == "" {
+			handleUnauthorized(w, r, config.RedirectURL)
+			return
+		}
+
+		// Validate the token
+		if config.ValidateFunc != nil && !config.ValidateFunc(token) {
+			handleUnauthorized(w, r, config.RedirectURL)
+			return
+		}
+
+		next(w, r)
+	}
+}
+
+func handleUnauthorized(w http.ResponseWriter, r *http.Request, redirectURL string) {
+	// For API requests, return 401 JSON
+	if strings.HasPrefix(r.URL.Path, "/api/") ||
+		r.Header.Get("Accept") == "application/json" ||
+		r.Header.Get("X-Blumen-Data") == "1" {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusUnauthorized)
+		w.Write([]byte(`{"error":"Unauthorized","message":"Authentication required"}`))
+		return
+	}
+
+	// For page requests, redirect to login page
+	if redirectURL != "" {
+		http.Redirect(w, r, redirectURL, http.StatusTemporaryRedirect)
+		return
+	}
+
+	// Default: 401
+	http.Error(w, "Unauthorized", http.StatusUnauthorized)
+}
+
+// ─── Built-in: Security Headers Middleware ─────────────────────
+// Injects secure HTTP headers on every response.
+// Prevents clickjacking, MIME sniffing, XSS, and enforces HTTPS.
+
+// SecurityConfig configures security headers.
+type SecurityConfig struct {
+	// Content-Security-Policy header value.
+	// Empty string = use default policy.
+	CSP string
+
+	// Strict-Transport-Security max-age in seconds. 0 = disabled.
+	HSTSMaxAge int
+
+	// Whether to include subdomains in HSTS.
+	HSTSIncludeSubdomains bool
+
+	// X-Frame-Options: DENY, SAMEORIGIN, or empty to skip.
+	FrameOptions string
+
+	// Referrer-Policy value.
+	ReferrerPolicy string
+
+	// Permissions-Policy value.
+	PermissionsPolicy string
+}
+
+// DefaultSecurityConfig returns production-ready security header defaults.
+func DefaultSecurityConfig() SecurityConfig {
+	return SecurityConfig{
+		CSP:                   "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https:; font-src 'self' https://fonts.gstatic.com; connect-src 'self' ws: wss:;",
+		HSTSMaxAge:            31536000, // 1 year
+		HSTSIncludeSubdomains: true,
+		FrameOptions:          "DENY",
+		ReferrerPolicy:        "strict-origin-when-cross-origin",
+		PermissionsPolicy:     "camera=(), microphone=(), geolocation=()",
+	}
+}
+
+func SecurityHeadersMiddleware(config SecurityConfig) MiddlewareFunc {
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		// Prevent MIME type sniffing
+		w.Header().Set("X-Content-Type-Options", "nosniff")
+
+		// XSS protection (legacy, but still useful for older browsers)
+		w.Header().Set("X-XSS-Protection", "1; mode=block")
+
+		// Clickjacking protection
+		if config.FrameOptions != "" {
+			w.Header().Set("X-Frame-Options", config.FrameOptions)
+		}
+
+		// Content Security Policy
+		if config.CSP != "" {
+			w.Header().Set("Content-Security-Policy", config.CSP)
+		}
+
+		// HSTS (only on HTTPS or behind a proxy)
+		if config.HSTSMaxAge > 0 {
+			hsts := fmt.Sprintf("max-age=%d", config.HSTSMaxAge)
+			if config.HSTSIncludeSubdomains {
+				hsts += "; includeSubDomains"
+			}
+			w.Header().Set("Strict-Transport-Security", hsts)
+		}
+
+		// Referrer policy
+		if config.ReferrerPolicy != "" {
+			w.Header().Set("Referrer-Policy", config.ReferrerPolicy)
+		}
+
+		// Permissions policy
+		if config.PermissionsPolicy != "" {
+			w.Header().Set("Permissions-Policy", config.PermissionsPolicy)
+		}
+
+		next(w, r)
+	}
+}
+
+// ─── Built-in: Locale Detection Middleware ─────────────────────
+// Detects the user's preferred locale and injects it as a header
+// for downstream handlers (SSR, static pages, etc.)
+
+// LocaleConfig configures locale detection.
+type LocaleConfig struct {
+	Locales       []string // Supported locale codes (e.g. ["en", "fr", "de"])
+	DefaultLocale string   // Default locale
+}
+
+func LocaleMiddleware(config LocaleConfig) MiddlewareFunc {
+	localeSet := make(map[string]bool)
+	for _, l := range config.Locales {
+		localeSet[l] = true
+	}
+
+	return func(w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
+		locale := config.DefaultLocale
+
+		// 1. Check cookie first
+		if cookie, err := r.Cookie("blumen_locale"); err == nil {
+			if localeSet[cookie.Value] {
+				locale = cookie.Value
+			}
+		}
+
+		// 2. Check Accept-Language header
+		if locale == config.DefaultLocale {
+			if accept := r.Header.Get("Accept-Language"); accept != "" {
+				detected := parseAcceptLanguage(accept, config.Locales)
+				if detected != "" {
+					locale = detected
+				}
+			}
+		}
+
+		// Inject locale into request headers for SSR
+		r.Header.Set("X-Blumen-Locale", locale)
+		w.Header().Set("Content-Language", locale)
+
+		next(w, r)
+	}
+}
+
+// parseAcceptLanguage extracts the best matching locale from the header.
+func parseAcceptLanguage(header string, supported []string) string {
+	supportedSet := make(map[string]bool)
+	for _, l := range supported {
+		supportedSet[l] = true
+	}
+
+	// Parse quality values and sort
+	for _, part := range strings.Split(header, ",") {
+		part = strings.TrimSpace(part)
+		lang := strings.Split(part, ";")[0]
+		lang = strings.TrimSpace(lang)
+
+		// Exact match
+		if supportedSet[lang] {
+			return lang
+		}
+
+		// Prefix match (en-US → en)
+		prefix := strings.Split(lang, "-")[0]
+		if supportedSet[prefix] {
+			return prefix
+		}
+	}
+
+	return ""
+}