第三方中间件集成
Gin 生态中有丰富的第三方中间件,满足各种业务需求。
CORS 中间件
使用 github.com/gin-contrib/cors:
Go
import "github.com/gin-contrib/cors"
func main() {
r := gin.Default()
// 基本配置
r.Use(cors.Default())
// 详细配置
r.Use(cors.New(cors.Config{
AllowOrigins: []string{"https://example.com"},
AllowMethods: []string{"GET", "POST", "PUT", "DELETE"},
AllowHeaders: []string{"Origin", "Content-Type", "Authorization"},
ExposeHeaders: []string{"Content-Length"},
AllowCredentials: true,
MaxAge: 12 * time.Hour,
}))
r.Run(":8080")
}
Session 中间件
使用 github.com/gin-contrib/sessions:
Go
import (
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
)
func main() {
r := gin.Default()
// 使用 cookie 存储
store := cookie.NewStore([]byte("secret"))
r.Use(sessions.Sessions("mysession", store))
r.GET("/set", func(c *gin.Context) {
session := sessions.Default(c)
session.Set("user_id", 123)
session.Save()
c.String(200, "session set")
})
r.GET("/get", func(c *gin.Context) {
session := sessions.Default(c)
userID := session.Get("user_id")
c.JSON(200, gin.H{"user_id": userID})
})
r.Run(":8080")
}
JWT 中间件
使用 github.com/appleboy/gin-jwt/v2:
Go
import (
jwt "github.com/appleboy/gin-jwt/v2"
)
type login struct {
Username string `form:"username" json:"username" binding:"required"`
Password string `form:"password" json:"password" binding:"required"`
}
func main() {
r := gin.New()
// JWT 配置
authMiddleware, _ := jwt.New(&jwt.GinJWTMiddleware{
Realm: "test zone",
Key: []byte("secret key"),
Timeout: time.Hour,
MaxRefresh: time.Hour,
IdentityKey: "id",
// 认证函数
Authenticator: func(c *gin.Context) (interface{}, error) {
var loginVals login
if err := c.ShouldBind(&loginVals); err != nil {
return "", jwt.ErrMissingLoginValues
}
if loginVals.Username == "admin" && loginVals.Password == "123456" {
return "admin", nil
}
return nil, jwt.ErrFailedAuthentication
},
// 用户信息提取
IdentityHandler: func(c *gin.Context) interface{} {
claims := jwt.ExtractClaims(c)
return claims["id"]
},
})
// 登录路由
r.POST("/login", authMiddleware.LoginHandler)
// 需认证的路由
auth := r.Group("/auth")
auth.Use(authMiddleware.MiddlewareFunc())
{
auth.GET("/profile", func(c *gin.Context) {
c.JSON(200, gin.H{"message": "protected"})
})
}
r.Run(":8080")
}
请求限流中间件
使用 github.com/gin-contrib/limiter:
Go
import (
limiter "github.com/gin-contrib/limiter"
"github.com/gin-contrib/limiter/limit"
)
func main() {
r := gin.Default()
// 基于内存的限流
r.Use(limiter.New(limiter.Config{
Rate: limit.PerMinute(100),
Key: func(c *gin.Context) string { return c.ClientIP() },
OnLimitReached: func(c *gin.Context) {
c.JSON(429, gin.H{"error": "too many requests"})
},
}))
r.Run(":8080")
}
Gzip 响应压缩
使用 github.com/gin-contrib/gzip:
Go
import "github.com/gin-contrib/gzip"
func main() {
r := gin.Default()
// 全局启用 gzip
r.Use(gzip.Gzip(gzip.DefaultCompression))
// 特定路由启用
r.GET("/large", gzip.Gzip(gzip.DefaultCompression), func(c *gin.Context) {
c.JSON(200, gin.H{"data": "large content"})
})
r.Run(":8080")
}
安全中间件
使用 github.com/gin-contrib/secure:
Go
import "github.com/gin-contrib/secure"
func main() {
r := gin.Default()
r.Use(secure.New(secure.Config{
AllowedHosts: []string{"example.com"},
SSLRedirect: true,
SSLHost: "example.com",
STSSeconds: 315360000,
STSIncludeSubdomains: true,
FrameDeny: true,
ContentTypeNosniff: true,
BrowserXssFilter: true,
}))
r.Run(":8080")
}
Request ID 中间件
使用 github.com/gin-contrib/requestid:
Go
import "github.com/gin-contrib/requestid"
func main() {
r := gin.Default()
r.Use(requestid.New())
r.GET("/test", func(c *gin.Context) {
reqID := requestid.Get(c)
c.JSON(200, gin.H{"request_id": reqID})
})
r.Run(":8080")
}
中间件安装
Bash
# CORS
go get github.com/gin-contrib/cors
# Session
go get github.com/gin-contrib/sessions
# JWT
go get github.com/appleboy/gin-jwt/v2
# Gzip
go get github.com/gin-contrib/gzip
# Request ID
go get github.com/gin-contrib/requestid
第三方中间件建议先阅读文档了解配置选项,按需引入避免过度依赖。
要点总结
gin-contrib组织提供官方维护的第三方中间件- CORS 中间件解决跨域问题
- Session 中间件管理用户会话状态
- JWT 中间件实现无状态认证
- 限流中间件防止请求过载
- 按需引入,避免依赖过重
📝 发现内容有误?点击此处直接编辑