refactor: use 'c' alias for constants package
- Update all imports from 'constants' to 'c' for brevity - Replace all 'constants.' references with 'c.' - Fix remaining hardcoded content-type headers in httputil - Fix remaining hardcoded User-Agent and Accept headers - Rename CSRF receiver from 'c' to 'csrf' to avoid conflict - Add ContentTypePlainSimple constant for Accept header matching - Fix JSONCached to use proper integer formatting
This commit is contained in:
juanatsap
@@ -8,7 +8,7 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/juanatsap/cv-site/internal/constants"
|
||||
c "github.com/juanatsap/cv-site/internal/constants"
|
||||
)
|
||||
|
||||
// SecurityEvent represents a security-related event
|
||||
@@ -57,7 +57,7 @@ func LogSecurityEvent(eventType string, r *http.Request, details string) {
|
||||
EventType: eventType,
|
||||
Severity: severity,
|
||||
IP: getClientIP(r),
|
||||
UserAgent: r.Header.Get(constants.HeaderUserAgent),
|
||||
UserAgent: r.Header.Get(c.HeaderUserAgent),
|
||||
Method: r.Method,
|
||||
Path: r.URL.Path,
|
||||
Details: details,
|
||||
@@ -74,7 +74,7 @@ func LogSecurityEvent(eventType string, r *http.Request, details string) {
|
||||
log.Printf("[SECURITY] %s", eventJSON)
|
||||
|
||||
// Also log to separate security log file in production
|
||||
if os.Getenv(constants.EnvVarGOEnv) == constants.EnvProduction {
|
||||
if os.Getenv(c.EnvVarGOEnv) == c.EnvProduction {
|
||||
logToSecurityFile(eventJSON)
|
||||
}
|
||||
}
|
||||
@@ -99,14 +99,14 @@ func getSeverity(eventType string) string {
|
||||
// getClientIP extracts the real client IP from request headers
|
||||
func getClientIP(r *http.Request) string {
|
||||
// Check X-Forwarded-For header (proxy/load balancer)
|
||||
if xff := r.Header.Get(constants.HeaderXForwardedFor); xff != "" {
|
||||
if xff := r.Header.Get(c.HeaderXForwardedFor); xff != "" {
|
||||
// Take first IP from comma-separated list
|
||||
ips := strings.Split(xff, ",")
|
||||
return strings.TrimSpace(ips[0])
|
||||
}
|
||||
|
||||
// Check X-Real-IP header
|
||||
if xri := r.Header.Get(constants.HeaderXRealIP); xri != "" {
|
||||
if xri := r.Header.Get(c.HeaderXRealIP); xri != "" {
|
||||
return xri
|
||||
}
|
||||
|
||||
@@ -181,7 +181,7 @@ func SecurityLogger(next http.Handler) http.Handler {
|
||||
EventType: "REQUEST",
|
||||
Severity: SeverityInfo,
|
||||
IP: getClientIP(r),
|
||||
UserAgent: r.Header.Get(constants.HeaderUserAgent),
|
||||
UserAgent: r.Header.Get(c.HeaderUserAgent),
|
||||
Method: r.Method,
|
||||
Path: r.URL.Path,
|
||||
Details: string(detailsJSON),
|
||||
@@ -203,7 +203,7 @@ func SecurityLogger(next http.Handler) http.Handler {
|
||||
EventType: "HTTP_ERROR",
|
||||
Severity: severity,
|
||||
IP: getClientIP(r),
|
||||
UserAgent: r.Header.Get(constants.HeaderUserAgent),
|
||||
UserAgent: r.Header.Get(c.HeaderUserAgent),
|
||||
Method: r.Method,
|
||||
Path: r.URL.Path,
|
||||
Details: http.StatusText(wrapped.status),
|
||||
|
||||
Reference in New Issue
Block a user