package route
import (
"time"
"github.com/hearb/hearb/controller"
"github.com/labstack/echo"
"github.com/labstack/echo/engine/standard"
"github.com/labstack/echo/middleware"
)
// application wraps the configured echo instance so that the server can be
// started through Run after Init has installed middleware and routes.
type application struct {
	// engine is the echo router carrying the middleware chain and routes.
	engine *echo.Echo
}
// calcAgeInSecond returns the number of seconds between the current time and
// the current time shifted by the given calendar offset (years, months, days).
//
// The result depends on the date at which it is called, because calendar
// months and years differ in length. Fractional seconds are truncated by the
// conversion to int.
func calcAgeInSecond(years, months, days int) int {
	start := time.Now()
	end := start.AddDate(years, months, days)
	return int(end.Sub(start).Seconds())
}
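// Init builds the echo instance, installs the global middleware chain
// (request logging, panic recovery, CORS, CSRF protection and security
// response headers) and registers the auth and API routes.
//
// It returns the application wrapper; call Run on it to start serving.
func Init() *application {
	e := echo.New()

	e.Use(middleware.Logger())
	e.Use(middleware.Recover())

	// NOTE(review): CORS() is installed with the middleware's default
	// configuration, which is not restricted to specific origins. Confirm
	// that this is intended for the auth and API routes; otherwise use
	// CORSWithConfig with an explicit origin allow-list.
	e.Use(middleware.CORS())

	// CSRF protection: the token is expected in the X-CSRF-Token request
	// header and is paired with the "csrf" cookie.
	e.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
		TokenLength:  24,
		TokenLookup:  "header:X-CSRF-Token",
		ContextKey:   "csrf",
		CookieName:   "csrf",
		CookiePath:   "/",
		CookieMaxAge: 5 * 60, // 5 minutes
		// Secure cookies are only sent over HTTPS, so the service must be
		// reached through TLS for the CSRF check to succeed.
		CookieSecure: true,
	}))

	// Security response headers applied to every response.
	e.Use(middleware.SecureWithConfig(middleware.SecureConfig{
		XSSProtection:      "1; mode=block",
		ContentTypeNosniff: "nosniff",
		XFrameOptions:      "DENY",
		// 6 months, computed from the calendar at start-up, so the exact
		// number of seconds depends on the date the process was started.
		HSTSMaxAge: calcAgeInSecond(0, 6, 0),
		// A CSP directive is "<name> <sources>" with no colon after the
		// name. The previous value "default-src: 'self'" names a directive
		// browsers do not recognise, so the policy restricted nothing.
		ContentSecurityPolicy: "default-src 'self'",
	}))

	controller.AddAuthRoutes(e)
	controller.AddAPIRoutes(e)

	return &application{
		engine: e,
	}
}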
// Run starts serving on port 5556 on all interfaces using echo's standard
// (net/http based) engine.
//
// NOTE(review): the listener is created without TLS settings, while Init sets
// a Secure CSRF cookie and an HSTS header. Presumably TLS is terminated by a
// proxy in front of this process; confirm, and confirm the port is not
// reachable directly.
func (app *application) Run() {
	srv := standard.New(":5556")
	app.engine.Run(srv)
}