Move middlewares to web/middleware (#14480)

Co-authored-by: 6543 <6543@obermui.de>

Author: lunny

modules/auth/sso/interface.go

@@ -8,12 +8,12 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/models"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/session"
+	"code.gitea.io/gitea/modules/web/middleware"
 )
 
 // DataStore represents a data store
-type DataStore middlewares.DataStore
+type DataStore middleware.DataStore
 
 // SessionStore represents a session store
 type SessionStore session.Store

modules/auth/sso/oauth2.go

@@ -12,8 +12,8 @@ import (
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/web/middleware"
 )
 
 // Ensure the struct implements the interface.
@@ -122,7 +122,7 @@ func (o *OAuth2) VerifyAuthData(req *http.Request, w http.ResponseWriter, store
 		return nil
 	}
 
-	if middlewares.IsInternalPath(req) || !middlewares.IsAPIPath(req) && !isAttachmentDownload(req) {
+	if middleware.IsInternalPath(req) || !middleware.IsAPIPath(req) && !isAttachmentDownload(req) {
 		return nil
 	}
 

modules/auth/sso/sso.go

@@ -13,8 +13,8 @@ import (
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/web/middleware"
 )
 
 // ssoMethods contains the list of SSO authentication plugins in the order they are expected to be
@@ -121,16 +121,16 @@ func handleSignIn(resp http.ResponseWriter, req *http.Request, sess SessionStore
 	// Language setting of the user overwrites the one previously set
 	// If the user does not have a locale set, we save the current one.
 	if len(user.Language) == 0 {
-		lc := middlewares.Locale(resp, req)
+		lc := middleware.Locale(resp, req)
 		user.Language = lc.Language()
 		if err := models.UpdateUserCols(user, "language"); err != nil {
 			log.Error(fmt.Sprintf("Error updating user language [user: %d, locale: %s]", user.ID, user.Language))
 			return
 		}
 	}
 
-	middlewares.SetCookie(resp, "lang", user.Language, nil, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
+	middleware.SetCookie(resp, "lang", user.Language, nil, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
 
 	// Clear whatever CSRF has right now, force to generate a new one
-	middlewares.SetCookie(resp, setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
+	middleware.SetCookie(resp, setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true)
 }

modules/auth/sso/sspi_windows.go

@@ -12,9 +12,9 @@ import (
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/base"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	gouuid "github.com/google/uuid"
 	"github.com/quasoft/websspi"
@@ -136,7 +136,7 @@ func (s *SSPI) VerifyAuthData(req *http.Request, w http.ResponseWriter, store Da
 	}
 
 	// Make sure requests to API paths and PWA resources do not create a new session
-	if !middlewares.IsAPIPath(req) && !isAttachmentDownload(req) {
+	if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) {
 		handleSignIn(w, req, sess, user)
 	}
 
@@ -167,9 +167,9 @@ func (s *SSPI) shouldAuthenticate(req *http.Request) (shouldAuth bool) {
 		} else if req.FormValue("auth_with_sspi") == "1" {
 			shouldAuth = true
 		}
-	} else if middlewares.IsInternalPath(req) {
+	} else if middleware.IsInternalPath(req) {
 		shouldAuth = false
-	} else if middlewares.IsAPIPath(req) || isAttachmentDownload(req) {
+	} else if middleware.IsAPIPath(req) || isAttachmentDownload(req) {
 		shouldAuth = true
 	}
 	return

modules/context/api.go

@@ -17,8 +17,8 @@ import (
 	"code.gitea.io/gitea/modules/auth/sso"
 	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/setting"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/session"
 )
@@ -224,7 +224,7 @@ func APIContexter() func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 
 		return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-			var locale = middlewares.Locale(w, req)
+			var locale = middleware.Locale(w, req)
 			var ctx = APIContext{
 				Context: &Context{
 					Resp:    NewResponse(w),

modules/context/context.go

@@ -26,11 +26,11 @@ import (
 	"code.gitea.io/gitea/modules/base"
 	mc "code.gitea.io/gitea/modules/cache"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/templates"
 	"code.gitea.io/gitea/modules/translation"
 	"code.gitea.io/gitea/modules/util"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/cache"
 	"gitea.com/go-chi/session"
@@ -56,7 +56,7 @@ type Context struct {
 	translation.Locale
 	Cache   cache.Cache
 	csrf    CSRF
-	Flash   *middlewares.Flash
+	Flash   *middleware.Flash
 	Session session.Store
 
 	Link        string // current request URL
@@ -206,7 +206,7 @@ func (ctx *Context) HTMLString(name string, data interface{}) (string, error) {
 // RenderWithErr used for page has form validation but need to prompt error to users.
 func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
 	if form != nil {
-		middlewares.AssignForm(form, ctx.Data)
+		middleware.AssignForm(form, ctx.Data)
 	}
 	ctx.Flash.ErrorMsg = msg
 	ctx.Data["Flash"] = ctx.Flash
@@ -384,12 +384,12 @@ func (ctx *Context) Redirect(location string, status ...int) {
 
 // SetCookie set cookies to web browser
 func (ctx *Context) SetCookie(name string, value string, others ...interface{}) {
-	middlewares.SetCookie(ctx.Resp, name, value, others...)
+	middleware.SetCookie(ctx.Resp, name, value, others...)
 }
 
 // GetCookie returns given cookie value from request header.
 func (ctx *Context) GetCookie(name string) string {
-	return middlewares.GetCookie(ctx.Req, name)
+	return middleware.GetCookie(ctx.Req, name)
 }
 
 // GetSuperSecureCookie returns given cookie value from request header with secret string.
@@ -496,10 +496,10 @@ func GetContext(req *http.Request) *Context {
 
 // SignedUserName returns signed user's name via context
 func SignedUserName(req *http.Request) string {
-	if middlewares.IsInternalPath(req) {
+	if middleware.IsInternalPath(req) {
 		return ""
 	}
-	if middlewares.IsAPIPath(req) {
+	if middleware.IsAPIPath(req) {
 		ctx, ok := req.Context().Value(apiContextKey).(*APIContext)
 		if ok {
 			v := ctx.Data["SignedUserName"]
@@ -539,7 +539,7 @@ func Contexter() func(next http.Handler) http.Handler {
 
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
-			var locale = middlewares.Locale(resp, req)
+			var locale = middleware.Locale(resp, req)
 			var startTime = time.Now()
 			var link = setting.AppSubURL + strings.TrimSuffix(req.URL.EscapedPath(), "/")
 			var ctx = Context{
@@ -567,7 +567,7 @@ func Contexter() func(next http.Handler) http.Handler {
 			flashCookie := ctx.GetCookie("macaron_flash")
 			vals, _ := url.ParseQuery(flashCookie)
 			if len(vals) > 0 {
-				f := &middlewares.Flash{
+				f := &middleware.Flash{
 					DataStore:  &ctx,
 					Values:     vals,
 					ErrorMsg:   vals.Get("error"),
@@ -578,7 +578,7 @@ func Contexter() func(next http.Handler) http.Handler {
 				ctx.Data["Flash"] = f
 			}
 
-			f := &middlewares.Flash{
+			f := &middleware.Flash{
 				DataStore:  &ctx,
 				Values:     url.Values{},
 				ErrorMsg:   "",
@@ -588,22 +588,22 @@ func Contexter() func(next http.Handler) http.Handler {
 			}
 			ctx.Resp.Before(func(resp ResponseWriter) {
 				if flash := f.Encode(); len(flash) > 0 {
-					middlewares.SetCookie(resp, "macaron_flash", flash, 0,
+					middleware.SetCookie(resp, "macaron_flash", flash, 0,
 						setting.SessionConfig.CookiePath,
-						middlewares.Domain(setting.SessionConfig.Domain),
-						middlewares.HTTPOnly(true),
-						middlewares.Secure(setting.SessionConfig.Secure),
+						middleware.Domain(setting.SessionConfig.Domain),
+						middleware.HTTPOnly(true),
+						middleware.Secure(setting.SessionConfig.Secure),
 						//middlewares.SameSite(opt.SameSite), FIXME: we need a samesite config
 					)
 					return
 				}
 
 				ctx.SetCookie("macaron_flash", "", -1,
 					setting.SessionConfig.CookiePath,
-					middlewares.Domain(setting.SessionConfig.Domain),
-					middlewares.HTTPOnly(true),
-					middlewares.Secure(setting.SessionConfig.Secure),
-					//middlewares.SameSite(), FIXME: we need a samesite config
+					middleware.Domain(setting.SessionConfig.Domain),
+					middleware.HTTPOnly(true),
+					middleware.Secure(setting.SessionConfig.Secure),
+					//middleware.SameSite(), FIXME: we need a samesite config
 				)
 			})
 

modules/forms/admin.go

@@ -8,7 +8,7 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/middlewares"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
 )
@@ -27,7 +27,7 @@ type AdminCreateUserForm struct {
 // Validate validates form fields
 func (f *AdminCreateUserForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
 // AdminEditUserForm form for admin to create user
@@ -54,7 +54,7 @@ type AdminEditUserForm struct {
 // Validate validates form fields
 func (f *AdminEditUserForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
 // AdminDashboardForm form for admin dashboard operations
@@ -66,5 +66,5 @@ type AdminDashboardForm struct {
 // Validate validates form fields
 func (f *AdminDashboardForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }

modules/forms/auth_form.go

@@ -8,7 +8,7 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/middlewares"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
 )
@@ -71,5 +71,5 @@ type AuthenticationForm struct {
 // Validate validates fields
 func (f *AuthenticationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }

modules/forms/org.go

@@ -10,8 +10,8 @@ import (
 
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/middlewares"
 	"code.gitea.io/gitea/modules/structs"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
 )
@@ -33,7 +33,7 @@ type CreateOrgForm struct {
 // Validate validates the fields
 func (f *CreateOrgForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
 // UpdateOrgSettingForm form for updating organization settings
@@ -51,7 +51,7 @@ type UpdateOrgSettingForm struct {
 // Validate validates the fields
 func (f *UpdateOrgSettingForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }
 
 // ___________
@@ -74,5 +74,5 @@ type CreateTeamForm struct {
 // Validate validates the fields
 func (f *CreateTeamForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }

modules/forms/repo_branch_form.go

@@ -8,7 +8,7 @@ import (
 	"net/http"
 
 	"code.gitea.io/gitea/modules/context"
-	"code.gitea.io/gitea/modules/middlewares"
+	"code.gitea.io/gitea/modules/web/middleware"
 
 	"gitea.com/go-chi/binding"
 )
@@ -21,5 +21,5 @@ type NewBranchForm struct {
 // Validate validates the fields
 func (f *NewBranchForm) Validate(req *http.Request, errs binding.Errors) binding.Errors {
 	ctx := context.GetContext(req)
-	return middlewares.Validate(errs, ctx.Data, f, ctx.Locale)
+	return middleware.Validate(errs, ctx.Data, f, ctx.Locale)
 }