diff options
Diffstat (limited to 'vendor/github.com/ulule/limiter/v3/options.go')
| -rw-r--r-- | vendor/github.com/ulule/limiter/v3/options.go | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/vendor/github.com/ulule/limiter/v3/options.go b/vendor/github.com/ulule/limiter/v3/options.go new file mode 100644 index 000000000..d8a44eab3 --- /dev/null +++ b/vendor/github.com/ulule/limiter/v3/options.go @@ -0,0 +1,61 @@ +package limiter + +import ( + "net" +) + +// Option is a functional option. +type Option func(*Options) + +// Options are limiter options. +type Options struct { + // IPv4Mask defines the mask used to obtain a IPv4 address. + IPv4Mask net.IPMask + // IPv6Mask defines the mask used to obtain a IPv6 address. + IPv6Mask net.IPMask + // TrustForwardHeader enable parsing of X-Real-IP and X-Forwarded-For headers to obtain user IP. + // Please be advised that using this option could be insecure (ie: spoofed) if your reverse + // proxy is not configured properly to forward a trustworthy client IP. + // Please read the section "Limiter behind a reverse proxy" in the README for further information. + TrustForwardHeader bool + // ClientIPHeader defines a custom header (likely defined by your CDN or Cloud provider) to obtain user IP. + // If configured, this option will override "TrustForwardHeader" option. + // Please be advised that using this option could be insecure (ie: spoofed) if your reverse + // proxy is not configured properly to forward a trustworthy client IP. + // Please read the section "Limiter behind a reverse proxy" in the README for further information. + ClientIPHeader string +} + +// WithIPv4Mask will configure the limiter to use given mask for IPv4 address. +func WithIPv4Mask(mask net.IPMask) Option { + return func(o *Options) { + o.IPv4Mask = mask + } +} + +// WithIPv6Mask will configure the limiter to use given mask for IPv6 address. +func WithIPv6Mask(mask net.IPMask) Option { + return func(o *Options) { + o.IPv6Mask = mask + } +} + +// WithTrustForwardHeader will configure the limiter to trust X-Real-IP and X-Forwarded-For headers. +// Please be advised that using this option could be insecure (ie: spoofed) if your reverse +// proxy is not configured properly to forward a trustworthy client IP. +// Please read the section "Limiter behind a reverse proxy" in the README for further information. +func WithTrustForwardHeader(enable bool) Option { + return func(o *Options) { + o.TrustForwardHeader = enable + } +} + +// WithClientIPHeader will configure the limiter to use a custom header to obtain user IP. +// Please be advised that using this option could be insecure (ie: spoofed) if your reverse +// proxy is not configured properly to forward a trustworthy client IP. +// Please read the section "Limiter behind a reverse proxy" in the README for further information. +func WithClientIPHeader(header string) Option { + return func(o *Options) { + o.ClientIPHeader = header + } +} |