README
¶
bebo
bebo is a batteries-included Go framework focused on building REST APIs and server-rendered web apps with a lightweight custom router. Desktop support is available via Fyne.
Status
- v0.1 release with custom router, middleware, JSON/HTML rendering, config defaults, static assets, and examples.
- Desktop helpers live in
desktop/and depend on Fyne.
Requirements
- Go 1.25 (as requested). If you are on a released Go toolchain, downgrade the
godirective ingo.mod.
Features
- Custom router with params (
/users/:id), wildcards (/assets/*path), groups, and host-based routing - Method-not-allowed handling
- Named routes + path/query helpers
- Middleware chain (request ID, recovery, logging, CORS, body limit, timeout, auth, rate limiting)
- Rate limiting (in-memory + Redis token bucket) with per-route policies
- Security headers, IP allow/deny, CSRF protection
- Security helpers: CSP builder, secure cookies, rotating JWT keys
- Cookie-based sessions + memory/redis/postgres stores
- Redis cache adapter
- Flash messages (session-backed) + CSRF template helpers
- Method override for HTML forms (PUT/PATCH/DELETE)
- Compression (gzip) + response ETag + cache control
- JSON and HTML rendering with layouts, template funcs, partials, reload, and embedded templates
- HTML error pages with configurable templates
- Health/ready checks registry
- Static file helper with cache headers + ETag (disk or fs.FS)
- Metrics registry + JSON handler + histogram buckets + Prometheus exporter
- Tracing hooks middleware + optional OpenTelemetry adapter
- Observability: structured access logs (trace/span IDs, request/response bytes) + auth-gated pprof endpoints
- Request metadata propagation helpers (traceparent/request IDs)
- Realtime (SSE/WebSocket) helpers
- OpenAPI builder + JSON handler
- HTTP client utilities (timeouts, retries, backoff, circuit breaker)
- Background job runner (in-process queue, retries/backoff, dead-letter hooks)
- Form/multipart binding + file upload helpers
- Config defaults + env overrides + JSON config loader + layered profiles (base/env/secrets) with validation
- Validation helpers (including struct tags, non-string fields, and custom validators)
- Extensibility registry + auth/cache/validation hooks
- Optional integrations as submodules (redis/postgres/otel)
- Graceful shutdown helpers
- Minimal CLI generator + migration commands
- DB helpers + SQL migrations runner
Quick Start (API)
package main
import (
"net/http"
"github.com/devmarvs/bebo"
"github.com/devmarvs/bebo/middleware"
)
func main() {
app := bebo.New()
app.Use(middleware.RequestID(), middleware.Recover(), middleware.Logger())
app.GET("/health", func(ctx *bebo.Context) error {
return ctx.JSON(http.StatusOK, map[string]string{"status": "ok"})
})
_ = app.RunWithSignals()
}
Routing & Groups
api := app.Group("/api", middleware.RequestID())
v1 := api.Group("/v1")
v1.GET("/users/:id", handler)
// Or use version helper for /api/v1
app.Version("v1").GET("/health", handler)
Host-Based Routing
app.Route("GET", "/", handler, bebo.WithHost("example.com"))
app.Route("GET", "/", handler, bebo.WithHost("*.example.com"))
Named Routes
app.Route("GET", "/users/:id", handler, bebo.WithName("user.show"))
path, _ := app.Path("user.show", map[string]string{"id": "42"})
path, _ = app.PathWithQuery("user.show", map[string]string{"id": "42"}, map[string]string{"q": "test"})
OpenAPI
spec := openapi.New(openapi.Info{Title: "bebo app", Version: "v0.1"})
_ = app.AddOpenAPIRoutes(spec, bebo.WithOpenAPIIncludeUnnamed(false))
app.GET("/openapi.json", func(ctx *bebo.Context) error {
openapi.Handler(spec.Document()).ServeHTTP(ctx.ResponseWriter, ctx.Request)
return nil
})
Static Assets
app.Static("/static", "./public")
app.StaticFS("/static", staticFS)
Middleware Examples
app.Use(
middleware.CORS(middleware.CORSOptions{AllowedOrigins: []string{"https://example.com"}}),
middleware.BodyLimit(2<<20),
middleware.Timeout(5*time.Second),
middleware.SecurityHeaders(middleware.DefaultSecurityHeaders()),
middleware.Gzip(0),
)
limiter := middleware.NewLimiter(5, 10)
app.GET("/reports", reportsHandler, middleware.RateLimit(limiter))
Middleware Options
logOpts := middleware.DefaultLoggerOptions()
logOpts.SkipPaths = []string{"/health"}
logOpts.SampleRate = 0.2
app.Use(middleware.LoggerWithOptions(logOpts))
metricsOpts := middleware.DefaultMetricsOptions(registry)
metricsOpts.SkipPaths = []string{"/metrics"}
app.Use(middleware.MetricsWithOptions(metricsOpts))
traceOpts := middleware.DefaultTraceOptions(tracer)
traceOpts.SkipPaths = []string{"/metrics"}
traceOpts.SampleRate = 0.2
app.Use(middleware.TraceWithOptions(traceOpts))
Rate Limiting (Redis + Policies)
redisLimiter := middleware.NewRedisLimiter(5, 10, middleware.RedisLimiterOptions{Address: "127.0.0.1:6379"})
policies, _ := middleware.NewRateLimitPolicies([]middleware.RateLimitPolicy{
{
Method: http.MethodGet,
Path: "/reports/:id",
Allow: func(ctx *bebo.Context, key string) (bool, error) {
return redisLimiter.Allow(ctx.Request.Context(), key)
},
},
})
app.Use(policies.Middleware())
Request Metadata Propagation
app.Use(middleware.RequestID(), middleware.RequestContext())
runner := tasks.New(tasks.DefaultOptions())
runner.Start(context.Background())
app.POST("/jobs", func(ctx *bebo.Context) error {
runner.Enqueue(tasks.Job{
Context: ctx.Request.Context(),
Handler: func(jobCtx context.Context) error {
logger := bebo.LoggerFromContext(jobCtx, slog.Default())
logger.Info("job started")
return nil
},
})
return ctx.Text(http.StatusAccepted, "queued")
})
Use bebo.InjectRequestMetadata to copy headers to outgoing HTTP requests, or enable client propagation:
client := httpclient.NewClient(httpclient.ClientOptions{
Timeout: 10 * time.Second,
Retry: httpclient.DefaultRetryOptions(),
PropagateMetadata: true,
})
_ = client
CSRF
app.Use(middleware.CSRF(middleware.CSRFOptions{}))
app.POST("/submit", func(ctx *bebo.Context) error {
token := middleware.CSRFToken(ctx)
_ = token
return ctx.Text(http.StatusOK, "ok")
})
CSP Builder
policy := security.NewCSP().
DefaultSrc("'self'").
ScriptSrc("'self'", "cdn.example.com").
UpgradeInsecureRequests()
app.Use(middleware.SecurityHeaders(middleware.SecurityHeadersOptions{
ContentSecurityPolicy: policy.String(),
}))
Secure Cookies
cookie := security.NewSecureCookie("session", "value", security.CookieOptions{})
http.SetCookie(ctx.ResponseWriter, cookie)
Method Override (HTML forms)
app.UsePre(middleware.MethodOverride(middleware.MethodOverrideOptions{}))
Forms can send a hidden _method field to trigger PUT/PATCH/DELETE.
IP Allow/Deny
filter, _ := middleware.IPFilter(middleware.IPFilterOptions{Allow: []string{"127.0.0.1"}})
app.Use(filter)
Sessions
cookieStore := session.NewCookieStore("bebo_session", []byte("secret"))
memoryStore := session.NewMemoryStore("bebo_session", 30*time.Minute)
app.GET("/profile", func(ctx *bebo.Context) error {
sess, _ := cookieStore.Get(ctx.Request)
sess.Set("user_id", "123")
_ = sess.Save(ctx.ResponseWriter)
return ctx.Text(http.StatusOK, "ok")
})
Persistent Sessions (Redis/Postgres)
redisStore := session.NewRedisStore(session.RedisOptions{
Address: "127.0.0.1:6379",
TTL: 30 * time.Minute,
})
pgStore, _ := session.NewPostgresStore(session.PostgresOptions{
DB: db,
TTL: 30 * time.Minute,
Table: "bebo_sessions",
})
_ = pgStore.EnsureTable(context.Background())
Note: Postgres requires a driver (pgx/pq) in your app.
Cache (Redis)
store := cache.NewRedisStore(cache.RedisOptions{
Address: "127.0.0.1:6379",
DefaultTTL: 5 * time.Minute,
})
_ = store.Set(context.Background(), "user:1", []byte("cached"), 0)
Metrics
registry := metrics.New()
app.Use(middleware.Metrics(registry))
custom := metrics.NewWithBuckets([]time.Duration{5 * time.Millisecond, 25 * time.Millisecond, 100 * time.Millisecond, 500 * time.Millisecond, time.Second})
_ = custom
app.GET("/metrics", func(ctx *bebo.Context) error {
metrics.PrometheusHandler(registry).ServeHTTP(ctx.ResponseWriter, ctx.Request)
return nil
})
Use metrics.Handler(registry) for JSON snapshots.
Pprof (Authenticated)
authenticator := auth.JWTAuthenticator{Key: []byte("secret")}
_ = pprof.Register(app, authenticator)
Health & Readiness
registry := health.New(health.WithTimeout(500 * time.Millisecond))
registry.Add("db", func(ctx context.Context) error {
return db.PingContext(ctx)
})
registry.AddReady("cache", func(ctx context.Context) error {
return cache.Ping(ctx)
})
app.GET("/healthz", func(ctx *bebo.Context) error {
registry.Handler().ServeHTTP(ctx.ResponseWriter, ctx.Request)
return nil
})
app.GET("/readyz", func(ctx *bebo.Context) error {
registry.ReadyHandler().ServeHTTP(ctx.ResponseWriter, ctx.Request)
return nil
})
HTTP Client
breaker := httpclient.NewCircuitBreaker(httpclient.CircuitBreakerOptions{
MaxFailures: 5,
ResetTimeout: 30 * time.Second,
})
client := httpclient.NewClient(httpclient.ClientOptions{
Timeout: 10 * time.Second,
Retry: httpclient.DefaultRetryOptions(),
Breaker: breaker,
PropagateMetadata: true,
})
Background Jobs
runner := tasks.New(tasks.DefaultOptions())
runner.Start(context.Background())
_ = runner.Enqueue(tasks.Job{
Name: "sync-users",
Context: context.Background(),
Handler: func(ctx context.Context) error {
return nil
},
})
Realtime (SSE/WebSocket)
app.GET("/events", func(ctx *bebo.Context) error {
stream, err := realtime.StartSSE(ctx, realtime.SSEOptions{})
if err != nil {
return err
}
return stream.Send(realtime.SSEMessage{Event: "status", Data: "ok"})
})
app.GET("/ws", func(ctx *bebo.Context) error {
conn, err := realtime.Upgrade(ctx, realtime.WebSocketOptions{})
if err != nil {
return err
}
defer conn.Close()
for {
msg, err := conn.ReadText()
if err != nil {
return err
}
_ = conn.WriteText("echo: " + msg)
}
})
OpenTelemetry (optional)
OpenTelemetry support lives behind the otel build tag. Add the OpenTelemetry SDK to your project and build with -tags otel.
tracer, _ := otel.NewTracer("bebo")
app.Use(middleware.Trace(tracer))
Auth Scaffolding
type TokenAuth struct{}
func (a TokenAuth) Authenticate(ctx *bebo.Context) (*bebo.Principal, error) {
token := ctx.Request.Header.Get("Authorization")
if token == "" {
return nil, nil
}
return &bebo.Principal{ID: "user-1"}, nil
}
app.GET("/private", privateHandler, middleware.RequireAuth(TokenAuth{}))
JWT Auth
authenticator := auth.JWTAuthenticator{
Key: []byte("secret"),
Issuer: "bebo",
Audience: "api",
}
app.GET("/private", privateHandler, middleware.RequireAuth(authenticator))
Rotating keys:
keys := auth.JWTKeySet{
Primary: auth.JWTKey{ID: "v2", Secret: []byte("new")},
Fallback: []auth.JWTKey{
{ID: "v1", Secret: []byte("old")},
},
}
// Use keys.Sign to mint tokens with the primary key.
_ = keys
rotating := auth.JWTAuthenticator{KeySet: &keys}
app.GET("/private", privateHandler, middleware.RequireAuth(rotating))
Request Binding
type Signup struct {
Email string `form:"email"`
Age int `form:"age"`
}
var form Signup
if err := ctx.BindForm(&form); err != nil {
return err
}
file, _ := ctx.FormFile("avatar", bebo.DefaultMultipartMemory)
_ = ctx.SaveUploadedFile(file, "/tmp/"+file.Filename)
Web Templating
Templates live in a directory (default *.html). If LayoutTemplate is set, each page template should define "content" and the layout should template "content".
resolver := assets.NewResolver("./public")
app := bebo.New(
bebo.WithTemplateReload(true),
bebo.WithTemplateFuncs(render.FuncMap{
"asset": resolver.Func(),
}),
)
See the runnable example:
examples/web
Template Helpers (CSRF + Flash)
store := flash.New(session.NewCookieStore("bebo_session", []byte("secret")))
app := bebo.New(
bebo.WithTemplateFuncs(web.Funcs()),
)
app.Use(middleware.CSRF(middleware.CSRFOptions{}))
app.GET("/", func(ctx *bebo.Context) error {
view, err := web.TemplateDataFrom(ctx, &store, pageData)
if err != nil {
return err
}
return ctx.HTML(http.StatusOK, "home.html", view)
})
Template usage:
<form method="post">
{{ csrfField .CSRFToken }}
</form>
<ul>
{{ range .Flash }}
<li class="flash-{{ .Type }}">{{ .Text }}</li>
{{ end }}
</ul>
Template Partials
Enable nested templates and partial discovery. By default, files under partials/ or prefixed with _ are treated as partials when subdir loading is enabled.
app := bebo.New(
bebo.WithTemplateSubdirs(true),
bebo.WithTemplatePartials("partials/**/*.html", "_*.html"),
)
Embedded Templates & Assets
import (
"embed"
"io/fs"
)
//go:embed templates/* static/*
var embedded embed.FS
tmplFS, _ := fs.Sub(embedded, "templates")
staticFS, _ := fs.Sub(embedded, "static")
app := bebo.New(
bebo.WithTemplateFS(tmplFS, "."),
bebo.WithTemplateFSDevDir("templates"),
bebo.WithTemplateReload(true),
)
app.StaticFS("/static", staticFS)
HTML Error Pages
If your error templates live in nested directories, enable bebo.WithTemplateSubdirs(true). Error templates receive ErrorPageData with a nested Error envelope and RequestID.
app := bebo.New(
bebo.WithRenderer(engine),
bebo.WithErrorTemplates(map[int]string{
http.StatusNotFound: "errors/404.html",
http.StatusInternalServerError: "errors/500.html",
0: "errors/default.html",
}),
)
Desktop (Fyne)
The desktop package is optional but included:
examples/desktop
Helpers cover window icons, menus, and tray menus via desktop.WindowConfig.
To package a desktop app with an icon:
fyne package -os darwin -icon path/to/icon.png
Fyne is declared in go.mod for the desktop helpers.
Configuration
Defaults are in config.Default() or bebo.DefaultConfig(). You can apply env overrides:
cfg := bebo.ConfigFromEnv("BEBO_", bebo.DefaultConfig())
Load JSON config layered with env:
cfg, err := bebo.LoadConfig("config.json", "BEBO_")
Load layered profiles (base + env + secrets) with validation:
profile := bebo.ConfigProfile{
BasePath: "config/base.json",
EnvPath: "config/production.json",
SecretsPath: "config/secrets.json",
EnvPrefix: "BEBO_",
}
cfg, err := bebo.LoadConfigProfile(profile)
Typed loaders are available via config.Loader[T] for custom config structs.
Env keys include: ADDRESS, READ_TIMEOUT, WRITE_TIMEOUT, TEMPLATES_DIR, LAYOUT_TEMPLATE, TEMPLATE_RELOAD.
Versioning
See VERSIONING.md, DEPRECATION.md, and CHANGELOG.md.
Docs
- Security:
SECURITY.md - Hardening:
docs/hardening.md - Authentication defaults:
docs/authentication.md - Secrets checklist:
docs/secrets.md - Crypto/key rotation:
docs/crypto-keys.md - Production runbook:
docs/runbook.md - Scaling:
docs/scaling.md - Timeouts & circuit breakers:
docs/timeouts.md - Config profiles:
docs/config-profiles.md - Extensibility:
docs/extensibility.md - Integrations:
docs/integrations.md - Project structure:
docs/project-structure.md - Scaffolding upgrades:
docs/scaffolding-upgrades.md - Testing:
docs/testing.md - Migration guide:
docs/migration-guide.md - Deployment examples:
deploy/docker/Dockerfile,deploy/k8s/ - CRUD app example:
examples/crud(runbook:examples/crud/RUNBOOK.md)
CLI
bebo new ./myapp -module github.com/me/myapp -web -template -profile
bebo route add -method GET -path /users/:id -name user.show
bebo crud new users -dir handlers -package handlers -templates templates
bebo migrate new -dir ./migrations -name create_users
bebo migrate plan -dir ./migrations
Supports -api, -web, and -desktop scaffolds.
DB Helpers
helper := db.Helper{Timeout: 2 * time.Second}
_, _ = helper.Exec(context.Background(), dbConn, "SELECT 1")
repo := db.NewRepository(dbConn, 2*time.Second)
limit, offset := db.Pagination{Page: 1, Size: 25}.LimitOffset()
query, args, _ := db.Select("id", "name").From("users").Where("active = ?", true).Build()
_ = limit
_ = offset
_ = query
_ = args
logged := db.WithQueryHook(dbConn, func(ctx context.Context, q string, args []any, d time.Duration, err error) {})
_ = logged
Migrations
runner := migrate.New(db, "./migrations")
runner.Locker = migrate.AdvisoryLocker{ID: 42, Timeout: 5 * time.Second}
_, _ = runner.Up(context.Background())
Files use 0001_name.up.sql and 0001_name.down.sql.
Layout
app.go,context.go: core app and request contextrouter/: custom router implementationmiddleware/: built-in middlewarerender/: JSON and HTML renderingassets/: cache-busting asset helpercompat/: backwards-compatibility testscache/: Redis cache adapterredis/: shared Redis clientsecurity/: CSP builder + secure cookiesweb/: template helpers (csrf + flash)config/: config defaults + env overrides + JSON loader + profilesvalidate/: basic validation helpersmetrics/: request metrics + Prometheus exporterpprof/: authenticated pprof endpointshealth/: health and readiness checkssession/: cookie-backed sessions + memory storeflash/: flash messagesauth/: JWT authenticator helperopenapi/: OpenAPI builder + handlerotel/: OpenTelemetry adapter (build tag)httpclient/: HTTP client utilities (retry/backoff/breaker)tasks/: background jobs runnerrealtime/: SSE + WebSocket helpersdb/: database helpersmigrate/: SQL migration runnerdesktop/: Fyne helpersdocs/: security, runbooks, and guidesdeploy/: container and Kubernetes examplesintegrations/: optional submodules (redis/postgres/otel)examples/: API, web, desktop, and CRUD samples
Roadmap
See ROADMAP.md.
Documentation
¶
Index ¶
- Constants
- Variables
- func ConfigFromEnv(prefix string, base config.Config) config.Config
- func ConfigFromFile(path string, base config.Config) (config.Config, error)
- func DefaultConfig() config.Config
- func InjectRequestMetadata(r *http.Request, metadata RequestMetadata)
- func InjectRequestMetadataIfMissing(r *http.Request, metadata RequestMetadata)
- func LoadConfig(path, envPrefix string) (config.Config, error)
- func LoadConfigProfile(profile config.Profile) (config.Config, error)
- func NewRequestID() string
- func RequestIDFromHeader(r *http.Request) string
- func SetPrincipal(ctx *Context, principal *Principal)
- func TraceIDs(traceparent string) (string, string, bool)
- func ValidateConfig(cfg config.Config) error
- func WithRequestMetadata(ctx context.Context, metadata RequestMetadata) context.Context
- type App
- func (a *App) AddOpenAPIRoutes(builder *openapi.Builder, options ...OpenAPIOption) error
- func (a *App) AuthHooks() AuthHooks
- func (a *App) DELETE(path string, handler Handler, middleware ...Middleware)
- func (a *App) GET(path string, handler Handler, middleware ...Middleware)
- func (a *App) Group(prefix string, middleware ...Middleware) *Group
- func (a *App) HEAD(path string, handler Handler, middleware ...Middleware)
- func (a *App) Handle(method, path string, handler Handler, middleware ...Middleware)
- func (a *App) ListenAndServe() error
- func (a *App) ListenAndServeTLS(certFile, keyFile string) error
- func (a *App) PATCH(path string, handler Handler, middleware ...Middleware)
- func (a *App) POST(path string, handler Handler, middleware ...Middleware)
- func (a *App) PUT(path string, handler Handler, middleware ...Middleware)
- func (a *App) Path(name string, params map[string]string) (string, bool)
- func (a *App) PathWithQuery(name string, params map[string]string, query map[string]string) (string, bool)
- func (a *App) Registry() *Registry
- func (a *App) Route(method, path string, handler Handler, options ...RouteOption)
- func (a *App) RouteInfo(name string) (RouteInfo, bool)
- func (a *App) Routes() []RouteInfo
- func (a *App) RoutesAll() []RouteInfo
- func (a *App) Run(ctx context.Context) error
- func (a *App) RunWithSignals() error
- func (a *App) ServeHTTP(w http.ResponseWriter, r *http.Request)
- func (a *App) SetAuthHooks(hooks AuthHooks)
- func (a *App) ShutdownTimeout() time.Duration
- func (a *App) Static(prefix, dir string, options ...StaticOption)
- func (a *App) StaticFS(prefix string, fsys fs.FS, options ...StaticOption)
- func (a *App) Use(middleware ...Middleware)
- func (a *App) UsePre(middleware ...PreMiddleware)
- func (a *App) Version(version string, middleware ...Middleware) *Group
- type AuthHooks
- type Authenticator
- type AuthenticatorFactory
- type Authorizer
- type CacheFactory
- type Config
- type ConfigProfile
- type Context
- func (c *Context) App() *App
- func (c *Context) AuthHooks() AuthHooks
- func (c *Context) BindForm(dst any) error
- func (c *Context) BindJSON(dst any) error
- func (c *Context) BindMultipart(dst any, maxMemory int64) error
- func (c *Context) FormFile(name string, maxMemory int64) (*multipart.FileHeader, error)
- func (c *Context) Get(key string) (any, bool)
- func (c *Context) HTML(status int, name string, data any) error
- func (c *Context) JSON(status int, payload any) error
- func (c *Context) Logger() Logger
- func (c *Context) Param(name string) string
- func (c *Context) ParamBool(name string) (bool, error)
- func (c *Context) ParamInt(name string) (int, error)
- func (c *Context) ParamInt64(name string) (int64, error)
- func (c *Context) Query(name string) string
- func (c *Context) QueryBool(name string) (bool, error)
- func (c *Context) QueryInt(name string) (int, error)
- func (c *Context) QueryInt64(name string) (int64, error)
- func (c *Context) Render(status int, fn render.RenderFunc) error
- func (c *Context) RequestID() string
- func (c *Context) SaveUploadedFile(file *multipart.FileHeader, dst string) error
- func (c *Context) Set(key string, value any)
- func (c *Context) Text(status int, message string) error
- type ErrorEnvelope
- type ErrorHandler
- type ErrorPageData
- type Group
- func (g *Group) DELETE(path string, handler Handler, middleware ...Middleware)
- func (g *Group) GET(path string, handler Handler, middleware ...Middleware)
- func (g *Group) Group(prefix string, middleware ...Middleware) *Group
- func (g *Group) HEAD(path string, handler Handler, middleware ...Middleware)
- func (g *Group) Handle(method, path string, handler Handler, middleware ...Middleware)
- func (g *Group) PATCH(path string, handler Handler, middleware ...Middleware)
- func (g *Group) POST(path string, handler Handler, middleware ...Middleware)
- func (g *Group) PUT(path string, handler Handler, middleware ...Middleware)
- func (g *Group) Route(method, path string, handler Handler, options ...RouteOption)
- type Handler
- type Logger
- type Middleware
- type MiddlewareFactory
- type OpenAPIOption
- type OpenAPIOptions
- type Option
- func WithAuthHooks(hooks AuthHooks) Option
- func WithConfig(cfg config.Config) Option
- func WithErrorHandler(handler ErrorHandler) Option
- func WithErrorTemplates(templates map[int]string) Option
- func WithLogger(logger *slog.Logger) Option
- func WithRegistry(registry *Registry) Option
- func WithRenderer(engine *render.Engine) Option
- func WithTemplateFS(fsys fs.FS, dir string) Option
- func WithTemplateFSDevDir(dir string) Option
- func WithTemplateFuncs(funcs render.FuncMap) Option
- func WithTemplatePartials(patterns ...string) Option
- func WithTemplateReload(enabled bool) Option
- func WithTemplateSubdirs(enabled bool) Option
- type Params
- type Plugin
- type PreMiddleware
- type Principal
- type Registry
- func (r *Registry) Authenticator(name string, config map[string]any) (Authenticator, error)
- func (r *Registry) Cache(name string, config map[string]any) (cache.Store, error)
- func (r *Registry) Middleware(name string, config map[string]any) (Middleware, error)
- func (r *Registry) RegisterAuthenticator(name string, factory AuthenticatorFactory) error
- func (r *Registry) RegisterCache(name string, factory CacheFactory) error
- func (r *Registry) RegisterMiddleware(name string, factory MiddlewareFactory) error
- func (r *Registry) RegisterValidator(name string, fn validate.ValidatorFunc) error
- func (r *Registry) Use(plugin Plugin) error
- func (r *Registry) Validator(name string) (validate.ValidatorFunc, error)
- type RequestMetadata
- type RouteInfo
- type RouteOption
- type StaticOption
Constants ¶
View Source
const ( TraceparentHeader = "traceparent" TracestateHeader = "tracestate" )
View Source
const DefaultMultipartMemory int64 = 32 << 20
View Source
const RequestIDHeader = "X-Request-ID"
Variables ¶
View Source
var ( // ErrRegistryNil indicates the registry is nil. ErrRegistryNil = errors.New("registry is nil") // ErrRegistryNameRequired indicates a missing registry name. ErrRegistryNameRequired = errors.New("registry name is required") // ErrRegistryExists indicates a registry entry already exists. ErrRegistryExists = errors.New("registry entry already exists") // ErrRegistryNotFound indicates a registry entry was not found. ErrRegistryNotFound = errors.New("registry entry not found") )
Functions ¶
func ConfigFromEnv ¶
ConfigFromEnv applies environment overrides using the given prefix.
func ConfigFromFile ¶
ConfigFromFile loads config from a JSON file onto the base config.
func DefaultConfig ¶
DefaultConfig returns default config values.
func InjectRequestMetadata ¶
func InjectRequestMetadata(r *http.Request, metadata RequestMetadata)
InjectRequestMetadata sets request metadata headers.
func InjectRequestMetadataIfMissing ¶
func InjectRequestMetadataIfMissing(r *http.Request, metadata RequestMetadata)
InjectRequestMetadataIfMissing sets request metadata headers only when missing.
func LoadConfig ¶
LoadConfig loads config from file and applies env overrides.
func LoadConfigProfile ¶
LoadConfigProfile loads config from base/env/secrets profiles with validation.
func RequestIDFromHeader ¶
RequestIDFromHeader returns the request id from headers.
func SetPrincipal ¶
SetPrincipal stores the principal in context storage.
func ValidateConfig ¶
ValidateConfig validates configuration values.
func WithRequestMetadata ¶
func WithRequestMetadata(ctx context.Context, metadata RequestMetadata) context.Context
WithRequestMetadata stores metadata in a context.
Types ¶
type App ¶
type App struct {
// contains filtered or unexported fields
}
App is the main framework entrypoint.
func (*App) AddOpenAPIRoutes ¶
func (a *App) AddOpenAPIRoutes(builder *openapi.Builder, options ...OpenAPIOption) error
AddOpenAPIRoutes derives OpenAPI operations from registered routes.
func (*App) DELETE ¶
func (a *App) DELETE(path string, handler Handler, middleware ...Middleware)
DELETE registers a DELETE route.
func (*App) GET ¶
func (a *App) GET(path string, handler Handler, middleware ...Middleware)
GET registers a GET route.
func (*App) Group ¶
func (a *App) Group(prefix string, middleware ...Middleware) *Group
Group creates a new route group.
func (*App) Handle ¶
func (a *App) Handle(method, path string, handler Handler, middleware ...Middleware)
Handle registers a route for an arbitrary method.
func (*App) ListenAndServe ¶
ListenAndServe starts the HTTP server using config values.
func (*App) ListenAndServeTLS ¶
ListenAndServeTLS starts the HTTPS server using config values.
func (*App) PATCH ¶
func (a *App) PATCH(path string, handler Handler, middleware ...Middleware)
PATCH registers a PATCH route.
func (*App) POST ¶
func (a *App) POST(path string, handler Handler, middleware ...Middleware)
POST registers a POST route.
func (*App) PUT ¶
func (a *App) PUT(path string, handler Handler, middleware ...Middleware)
PUT registers a PUT route.
func (*App) PathWithQuery ¶
func (a *App) PathWithQuery(name string, params map[string]string, query map[string]string) (string, bool)
PathWithQuery builds a URL path from a named route and attaches query params.
func (*App) Route ¶
func (a *App) Route(method, path string, handler Handler, options ...RouteOption)
Route registers a route with options.
func (*App) RunWithSignals ¶
RunWithSignals starts the server and handles SIGINT/SIGTERM for shutdown.
func (*App) ServeHTTP ¶
func (a *App) ServeHTTP(w http.ResponseWriter, r *http.Request)
ServeHTTP implements http.Handler.
func (*App) SetAuthHooks ¶
SetAuthHooks updates the auth hooks.
func (*App) ShutdownTimeout ¶
ShutdownTimeout returns the configured graceful shutdown timeout.
func (*App) Static ¶
func (a *App) Static(prefix, dir string, options ...StaticOption)
Static registers a static file route.
func (*App) StaticFS ¶
func (a *App) StaticFS(prefix string, fsys fs.FS, options ...StaticOption)
StaticFS registers a static file route from an fs.FS.
func (*App) UsePre ¶
func (a *App) UsePre(middleware ...PreMiddleware)
UsePre registers pre-routing middleware.
type AuthHooks ¶
type AuthHooks struct {
BeforeAuthenticate func(ctx *Context)
AfterAuthenticate func(ctx *Context, principal *Principal, err error)
}
AuthHooks provides hook points around authentication.
type Authenticator ¶
Authenticator validates a request and returns a principal.
type AuthenticatorFactory ¶
type AuthenticatorFactory func(config map[string]any) (Authenticator, error)
AuthenticatorFactory builds an authenticator using a config map.
type Authorizer ¶
Authorizer checks if a principal can access a resource.
type CacheFactory ¶
CacheFactory builds a cache store using a config map.
type ConfigProfile ¶
ConfigProfile describes layered config sources.
type Context ¶
type Context struct {
ResponseWriter http.ResponseWriter
Request *http.Request
Params router.Params
// contains filtered or unexported fields
}
Context holds request-specific data.
func NewContext ¶
NewContext constructs a Context.
func (*Context) BindMultipart ¶
BindMultipart binds multipart form values into dst.
func (*Context) ParamInt64 ¶
ParamInt64 returns a route param as an int64.
func (*Context) QueryInt64 ¶
QueryInt64 returns a query param as an int64.
func (*Context) Render ¶
func (c *Context) Render(status int, fn render.RenderFunc) error
Render uses a custom render function.
func (*Context) SaveUploadedFile ¶
func (c *Context) SaveUploadedFile(file *multipart.FileHeader, dst string) error
SaveUploadedFile writes a multipart file to disk.
type ErrorEnvelope ¶
type ErrorEnvelope struct {
Code string
Message string
Fields []validate.FieldError
RequestID string
}
ErrorEnvelope describes a standardized error payload.
type ErrorHandler ¶
ErrorHandler processes errors returned by handlers.
type ErrorPageData ¶
type ErrorPageData struct {
Status int
Code string
Message string
Fields []validate.FieldError
RequestID string
Error ErrorEnvelope
}
ErrorPageData is passed to error templates.
type Group ¶
type Group struct {
// contains filtered or unexported fields
}
Group defines a route group with a common prefix and middleware.
func (*Group) DELETE ¶
func (g *Group) DELETE(path string, handler Handler, middleware ...Middleware)
DELETE registers a DELETE route in the group.
func (*Group) GET ¶
func (g *Group) GET(path string, handler Handler, middleware ...Middleware)
GET registers a GET route in the group.
func (*Group) Group ¶
func (g *Group) Group(prefix string, middleware ...Middleware) *Group
Group creates a nested group.
func (*Group) Handle ¶
func (g *Group) Handle(method, path string, handler Handler, middleware ...Middleware)
Handle registers a route in the group for an arbitrary method.
func (*Group) PATCH ¶
func (g *Group) PATCH(path string, handler Handler, middleware ...Middleware)
PATCH registers a PATCH route in the group.
func (*Group) POST ¶
func (g *Group) POST(path string, handler Handler, middleware ...Middleware)
POST registers a POST route in the group.
type Logger ¶
type Logger struct {
// contains filtered or unexported fields
}
Logger wraps slog.Logger with request context.
func LoggerFromContext ¶
LoggerFromContext builds a logger that includes request metadata.
func LoggerFromRequest ¶
LoggerFromRequest builds a logger using request metadata.
type Middleware ¶
Middleware wraps a handler with additional behavior.
type MiddlewareFactory ¶
type MiddlewareFactory func(config map[string]any) (Middleware, error)
MiddlewareFactory builds middleware using a config map.
type OpenAPIOption ¶
type OpenAPIOption func(*OpenAPIOptions)
OpenAPIOption customizes OpenAPI route derivation.
func WithOpenAPIIncludeUnnamed ¶
func WithOpenAPIIncludeUnnamed(enabled bool) OpenAPIOption
WithOpenAPIIncludeUnnamed toggles inclusion of unnamed routes.
func WithOpenAPISkipMethods ¶
func WithOpenAPISkipMethods(methods ...string) OpenAPIOption
WithOpenAPISkipMethods skips specific HTTP methods.
func WithOpenAPISkipPaths ¶
func WithOpenAPISkipPaths(paths ...string) OpenAPIOption
WithOpenAPISkipPaths skips paths that match the provided patterns.
func WithOpenAPITagFromHost ¶
func WithOpenAPITagFromHost(enabled bool) OpenAPIOption
WithOpenAPITagFromHost applies host values as OpenAPI tags.
type OpenAPIOptions ¶
type OpenAPIOptions struct {
IncludeUnnamed bool
SkipPaths []string
SkipMethods []string
TagFromHost bool
}
OpenAPIOptions configures automatic OpenAPI route derivation.
func DefaultOpenAPIOptions ¶
func DefaultOpenAPIOptions() OpenAPIOptions
DefaultOpenAPIOptions returns the default OpenAPI options.
type Option ¶
type Option func(*App)
Option customizes the app instance.
func WithAuthHooks ¶
WithAuthHooks configures authentication hooks.
func WithConfig ¶
WithConfig overrides the default config.
func WithErrorHandler ¶
func WithErrorHandler(handler ErrorHandler) Option
WithErrorHandler overrides the default error handler.
func WithErrorTemplates ¶
WithErrorTemplates configures template names for HTML error pages. Use status code keys, or 0 for a default template.
func WithRegistry ¶
WithRegistry sets a custom registry for extensibility.
func WithRenderer ¶
WithRenderer sets a custom template engine.
func WithTemplateFS ¶
WithTemplateFS configures embedded templates from an fs.FS.
func WithTemplateFSDevDir ¶
WithTemplateFSDevDir sets a disk path for template reloads when using embedded templates.
func WithTemplateFuncs ¶
WithTemplateFuncs registers template functions for the built-in renderer.
func WithTemplatePartials ¶
WithTemplatePartials configures glob patterns for partial templates.
func WithTemplateReload ¶
WithTemplateReload enables template reloading for development.
func WithTemplateSubdirs ¶
WithTemplateSubdirs enables nested template directories.
type Principal ¶
Principal represents an authenticated actor.
func PrincipalFromContext ¶
PrincipalFromContext extracts the principal from context storage.
type Registry ¶
type Registry struct {
// contains filtered or unexported fields
}
Registry stores registered middleware, auth, cache, and validators.
func (*Registry) Authenticator ¶
Authenticator builds a named authenticator.
func (*Registry) Middleware ¶
Middleware builds a named middleware.
func (*Registry) RegisterAuthenticator ¶
func (r *Registry) RegisterAuthenticator(name string, factory AuthenticatorFactory) error
RegisterAuthenticator registers a named authenticator factory.
func (*Registry) RegisterCache ¶
func (r *Registry) RegisterCache(name string, factory CacheFactory) error
RegisterCache registers a named cache store factory.
func (*Registry) RegisterMiddleware ¶
func (r *Registry) RegisterMiddleware(name string, factory MiddlewareFactory) error
RegisterMiddleware registers a named middleware factory.
func (*Registry) RegisterValidator ¶
func (r *Registry) RegisterValidator(name string, fn validate.ValidatorFunc) error
RegisterValidator registers a named validator and exposes it via validate.Register.
type RequestMetadata ¶
RequestMetadata holds request-scoped identifiers.
func RequestMetadataFromContext ¶
func RequestMetadataFromContext(ctx context.Context) RequestMetadata
RequestMetadataFromContext returns metadata stored in a context.
func RequestMetadataFromRequest ¶
func RequestMetadataFromRequest(r *http.Request) RequestMetadata
RequestMetadataFromRequest returns metadata from the request and context.
type RouteOption ¶
type RouteOption func(*routeConfig)
RouteOption customizes route registration.
func WithHost ¶
func WithHost(host string) RouteOption
WithHost scopes a route to a host or wildcard (e.g. "api.example.com", "*.example.com").
func WithMiddleware ¶
func WithMiddleware(middleware ...Middleware) RouteOption
WithMiddleware attaches middleware to a route.
func WithTimeout ¶
func WithTimeout(timeout time.Duration) RouteOption
WithTimeout sets a per-route timeout.
type StaticOption ¶
type StaticOption func(*staticConfig)
StaticOption configures static file handling.
func StaticCacheControl ¶
func StaticCacheControl(value string) StaticOption
StaticCacheControl sets the Cache-Control header value.
func StaticIndex ¶
func StaticIndex(name string) StaticOption
StaticIndex sets the index file name to serve for directories.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.