pgweb/pkg/api/middleware.go

package api

import (
	"strings"

	"github.com/gin-gonic/gin"

	"github.com/sosedoff/pgweb/pkg/command"
)

// Middleware to check database connection status before running queries
func dbCheckMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		path := strings.Replace(c.Request.URL.Path, command.Opts.Prefix, "", -1)

		// Allow whitelisted paths
		if allowedPaths[path] {
			c.Next()
			return
		}

		// Check if session exists in single-session mode
		if !command.Opts.Sessions {
			if DbClient == nil {
				badRequest(c, errNotConnected)
				return
			}

			c.Next()
			return
		}

		// Determine session ID from the client request
		sid := getSessionId(c.Request)
		if sid == "" {
			badRequest(c, errSessionRequired)
			return
		}

		// Determine the database connection handle for the session
		conn := DbSessions.Get(sid)
		if conn == nil {
			badRequest(c, errNotConnected)
			return
		}

		c.Next()
	}
}

// Middleware to inject CORS headers
func corsMiddleware() gin.HandlerFunc {
	return func(c *gin.Context) {
		c.Header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
		c.Header("Access-Control-Expose-Headers", "*")
		c.Header("Access-Control-Allow-Origin", command.Opts.CorsOrigin)
	}
}

func requireLocalQueries() gin.HandlerFunc {
	return func(c *gin.Context) {
		if QueryStore == nil {
			badRequest(c, "local queries are disabled")
			return
		}

		c.Next()
	}
}
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`package api`

			`import (`
Add ability to launch pgweb with url prefix 2016-02-19 21:14:56 -06:00			`"strings"`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00
			`"github.com/gin-gonic/gin"`

			`"github.com/sosedoff/pgweb/pkg/command"`
			`)`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Middleware to check database connection status before running queries`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`func dbCheckMiddleware() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
Add ability to launch pgweb with url prefix 2016-02-19 21:14:56 -06:00			`path := strings.Replace(c.Request.URL.Path, command.Opts.Prefix, "", -1)`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Allow whitelisted paths`
			`if allowedPaths[path] {`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`c.Next()`
			`return`
			`}`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Check if session exists in single-session mode`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`if !command.Opts.Sessions {`
			`if DbClient == nil {`
Code formatting and cleanup (#442) * Formatting, extract error messages * More refactor * Move errors to a separate file * Add missing file * Misc 2019-09-29 12:16:42 -05:00			`badRequest(c, errNotConnected)`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`return`
			`}`

			`c.Next()`
			`return`
			`}`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Determine session ID from the client request`
Code formatting and cleanup (#442) * Formatting, extract error messages * More refactor * Move errors to a separate file * Add missing file * Misc 2019-09-29 12:16:42 -05:00			`sid := getSessionId(c.Request)`
			`if sid == "" {`
			`badRequest(c, errSessionRequired)`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`return`
			`}`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Determine the database connection handle for the session`
Add internal sessions manager 2022-12-02 13:36:31 -06:00			`conn := DbSessions.Get(sid)`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`if conn == nil {`
Code formatting and cleanup (#442) * Formatting, extract error messages * More refactor * Move errors to a separate file * Add missing file * Misc 2019-09-29 12:16:42 -05:00			`badRequest(c, errNotConnected)`
Move api middleware into its own file 2016-01-10 15:03:33 -06:00			`return`
			`}`

			`c.Next()`
			`}`
			`}`

Refactor api package 2018-11-30 21:40:28 -06:00			`// Middleware to inject CORS headers`
Add support for CORS 2017-11-15 15:26:31 -06:00			`func corsMiddleware() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`c.Header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")`
			`c.Header("Access-Control-Expose-Headers", "*")`
Change CORS to Cors on CLI options, specify origins as an option 2017-11-16 22:10:14 -06:00			`c.Header("Access-Control-Allow-Origin", command.Opts.CorsOrigin)`
Add support for CORS 2017-11-15 15:26:31 -06:00			`}`
			`}`
Local queries (#641) * Read local queries from pgweb home directory * Refactor local query functionality * Allow picking local query in the query tab * WIP * Disable local query dropdown during execution * Only allow local queries running in a single session mode * Add middleware to enforce local query endpoint availability * Fix query check * Add query store tests * Make query store errors portable * Skip building specific tests on windows 2023-02-02 16:13:14 -06:00
			`func requireLocalQueries() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`if QueryStore == nil {`
			`badRequest(c, "local queries are disabled")`
			`return`
			`}`

			`c.Next()`
			`}`
			`}`