starred/godoxy-yusing
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-04-20 23:41:23 +02:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

feat: add event emission for blocked requests and provider changes

Browse Source 
- Emit ACL blocked events with matched rule information
- Emit HTTP blocked events from CIDR whitelist, ForwardAuth, and OIDC middlewares
- Emit global events for provider file/docker changes
- Add MatchedIndex method to ACL matchers for rule identification
- Update goutils submodule for events package update
This commit is contained in:
yusing
2026-02-15 16:48:39 +08:00
parent 1244af0e38
commit 0acedb034a
8 changed files with 69 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/net/gphttp/middleware/cidr_whitelist.go
View File

@@ -8,6 +8,7 @@ import (
"github.com/puzpuzpuz/xsync/v4"
nettypes "github.com/yusing/godoxy/internal/net/types"
"github.com/yusing/godoxy/internal/serialization"
httpevents "github.com/yusing/goutils/events/http"
httputils "github.com/yusing/goutils/http"
)
@@ -71,6 +72,7 @@ func (wl *cidrWhitelist) checkIP(w http.ResponseWriter, r *http.Request) bool {
}
}
if !allow {
defer httpevents.Blocked(r, "CIDRWhitelist", "IP not allowed")
http.Error(w, wl.Message, wl.StatusCode)
return false
}

5
internal/net/gphttp/middleware/forwardauth.go
View File

@@ -3,12 +3,14 @@ package middleware
import (
"context"
"errors"
"fmt"
"net"
"net/http"
"strings"
"time"
entrypoint "github.com/yusing/godoxy/internal/entrypoint/types"
httpevents "github.com/yusing/goutils/events/http"
httputils "github.com/yusing/goutils/http"
"github.com/yusing/goutils/http/httpheaders"
)
@@ -92,6 +94,8 @@ func (m *forwardAuthMiddleware) before(w http.ResponseWriter, r *http.Request) (
defer resp.Body.Close()
if resp.StatusCode < http.StatusOK || resp.StatusCode >= http.StatusMultipleChoices {
defer httpevents.Blocked(r, "ForwardAuth", fmt.Sprintf("HTTP %d", resp.StatusCode))
body, release, err := httputils.ReadAllBody(resp)
defer release(body)
@@ -100,7 +104,6 @@ func (m *forwardAuthMiddleware) before(w http.ResponseWriter, r *http.Request) (
w.WriteHeader(http.StatusInternalServerError)
return false
}
httpheaders.CopyHeader(w.Header(), resp.Header)
httpheaders.RemoveHopByHopHeaders(w.Header())

5
internal/net/gphttp/middleware/oidc.go
View File

@@ -9,6 +9,7 @@ import (
"github.com/rs/zerolog/log"
"github.com/yusing/godoxy/internal/auth"
httpevents "github.com/yusing/goutils/events/http"
"github.com/yusing/goutils/http/httpheaders"
)
@@ -118,6 +119,10 @@ func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proce
return true
}
if r.Method != http.MethodHead {
defer httpevents.Blocked(r, "OIDC", err.Error())
}
isGet := r.Method == http.MethodGet
isWS := httpheaders.IsWebsocket(r.Header)
switch {