Middleware
Apply middleware globally or per-route for auth, CORS, CSRF, rate limiting, and more.
Middleware intercepts requests before they reach your controllers. RapidGo includes built-in middleware and a registry for organizing them.
Built-in Middleware
| Middleware | Package | Purpose |
|---|---|---|
Auth |
middleware |
JWT authentication guard |
CORS |
middleware |
Cross-Origin Resource Sharing headers |
CSRF |
middleware |
CSRF token validation for forms |
RateLimit |
middleware |
Per-IP rate limiting |
Recovery |
middleware |
Panic recovery with structured logging |
RequestID |
middleware |
Adds X-Request-ID header |
Session |
middleware |
Session loading and saving |
ErrorHandler |
middleware |
Structured error responses |
Admin |
middleware |
Admin role authorization |
Global Middleware
Apply middleware to all routes:
r.Use(middleware.Recovery())
r.Use(middleware.RequestID())
r.Use(middleware.CORS())
Group Middleware
Apply middleware to a route group:
api := r.Group("/api")
api.Use(middleware.Auth())
api.Use(middleware.RateLimit("100-H")) // 100 requests per hour
admin := r.Group("/admin")
admin.Use(middleware.Auth(), middleware.Admin())
Middleware Registry
Register named middleware for string-based resolution:
// Register aliases
middleware.RegisterAlias("auth", middleware.Auth())
middleware.RegisterAlias("admin", middleware.Admin())
// Register groups
middleware.RegisterGroup("web", middleware.Session(), middleware.CSRF())
middleware.RegisterGroup("api", middleware.Auth(), middleware.RateLimit("60-M"))
// Resolve by name
handler := middleware.Resolve("auth")
group := middleware.ResolveGroup("web")
Writing Custom Middleware
Middleware is a standard Gin handler function:
func Logger() gin.HandlerFunc {
return func(c *gin.Context) {
start := time.Now()
c.Next()
duration := time.Since(start)
slog.Info("request",
"method", c.Request.Method,
"path", c.Request.URL.Path,
"status", c.Writer.Status(),
"duration", duration,
)
}
}