diff --git a/go.mod b/go.mod index 6d1e469..213bdb0 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,10 @@ go 1.19 require ( github.com/go-chi/chi/v5 v5.0.8 + github.com/go-chi/cors v1.2.1 + github.com/go-chi/httprate v0.7.0 github.com/go-chi/jwtauth/v5 v5.1.0 + github.com/lestrrat-go/jwx/v2 v2.0.6 github.com/rs/xid v1.4.0 golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f gorm.io/driver/sqlite v1.4.3 @@ -12,6 +15,7 @@ require ( ) require ( + github.com/cespare/xxhash/v2 v2.1.2 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 // indirect github.com/goccy/go-json v0.9.11 // indirect github.com/jinzhu/inflection v1.0.0 // indirect @@ -20,7 +24,6 @@ require ( github.com/lestrrat-go/httpcc v1.0.1 // indirect github.com/lestrrat-go/httprc v1.0.4 // indirect github.com/lestrrat-go/iter v1.0.2 // indirect - github.com/lestrrat-go/jwx/v2 v2.0.6 // indirect github.com/lestrrat-go/option v1.0.0 // indirect github.com/mattn/go-sqlite3 v1.14.15 // indirect ) diff --git a/go.sum b/go.sum index 7f54fac..b59458e 100644 --- a/go.sum +++ b/go.sum @@ -1,3 +1,5 @@ +github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= +github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -6,6 +8,10 @@ github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc= github.com/go-chi/chi/v5 v5.0.8 h1:lD+NLqFcAi1ovnVZpsnObHGW4xb4J8lNmoYVfECH1Y0= github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= +github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4= +github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58= +github.com/go-chi/httprate v0.7.0 h1:8W0dF7Xa2Duz2p8ncGaehIphrxQGNlOtoGY0+NRRfjQ= +github.com/go-chi/httprate v0.7.0/go.mod h1:6GOYBSwnpra4CQfAKXu8sQZg+nZ0M1g9QnyFvxrAB8A= github.com/go-chi/jwtauth/v5 v5.1.0 h1:wJyf2YZ/ohPvNJBwPOzZaQbyzwgMZZceE1m8FOzXLeA= github.com/go-chi/jwtauth/v5 v5.1.0/go.mod h1:MA93hc1au3tAQwCKry+fI4LqJ5MIVN4XSsglOo+lSc8= github.com/goccy/go-json v0.9.11 h1:/pAaQDLHEoCq/5FFmSKBswWmK6H0e8g4159Kc/X/nqk= diff --git a/main.go b/main.go index 8c23778..f69205d 100644 --- a/main.go +++ b/main.go @@ -3,20 +3,58 @@ package main import ( "github.com/go-chi/chi/v5" "github.com/go-chi/chi/v5/middleware" + "github.com/go-chi/cors" + "github.com/go-chi/httprate" "hupeh.vip/pricing/app" "log" "net/http" + "time" ) + func main() { app.ConfigLogger("debug.log", app.LogWhenMinute) app.ConfigGormDB() r := chi.NewRouter() + r.Use(middleware.Logger) - r.Get("/goods", app.Handler(app.GetGoodsList)) - r.Post("/goods", app.Handler(app.CreateGoods)) - r.Get("/goods/:id/prices", app.Handler(app.GetGoodsPrices)) - r.Post("/goods/:id", app.Handler(app.UpdateGoods)) + r.Use(middleware.Recoverer) + r.Use(middleware.NoCache) + r.Use(middleware.Throttle(15)) + r.Use(middleware.Heartbeat("/")) + + //r.Use(middleware.RouteHeaders(). + // Route("Host", "example.com", middleware.New(r)). + // Route("Host", "*.example.com", middleware.New(rSubdomain)). + // Handler) + + // Enable httprate request limiter of 100 requests per minute. + // + // In the code example below, rate-limiting is bound to the request IP address + // via the LimitByIP middleware handler. + // + // To have a single rate-limiter for all requests, use httprate.LimitAll(..). + // + // Please see _example/main.go for other more, or read the library code. + r.Use(httprate.LimitByIP(100, 1*time.Minute)) + + // mounting net/http/pprof + r.Mount("/debug", middleware.Profiler()) + + // 允许跨域 + // see: https://developer.github.com/v3/#cross-origin-resource-sharing + r.Use(cors.Handler(cors.Options{ + //AllowedOrigins: []string{"https://foo.com"}, // Use this to allow specific origin hosts + //AllowedOrigins: []string{"https://*", "http://*"}, + AllowOriginFunc: func(r *http.Request, origin string) bool { return true }, + AllowedMethods: []string{"GET", "HEAD", "PATCH", "POST", "PUT", "DELETE", "OPTIONS"}, + AllowedHeaders: []string{"Accept", "Authorization", "Content-Type", "X-CSRF-Token"}, + ExposedHeaders: []string{"Link"}, + AllowCredentials: false, + MaxAge: 300, // Maximum value not ignored by any of major browsers + })) + + app.RegisterRoutes(r) if err := http.ListenAndServe(":3000", r); err != nil { log.Fatalln(err)