txeo/cv-site
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: consolidate lang into constants, rename services to email

Browse Source 
- Merge lang package into constants (add IsValidLang, ValidateLang, AllLangs)
- Rename internal/services to internal/email for consistency with pdf package
- Rename types to avoid redundancy: EmailService→Service, EmailConfig→Config
- Update all imports and references across codebase
- Delete internal/lang directory (functions moved to constants)
This commit is contained in:
juanatsap
2025-12-06 17:05:17 +00:00
parent 30ed21ff7a
commit c89b67a06d
28 changed files with 241 additions and 290 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/middleware/browser_only.go
+2 -7
View File
@@ -8,11 +8,6 @@ import (
c "github.com/juanatsap/cv-site/internal/constants"
)
const (
// Custom header that browser JavaScript must set
browserHeaderName = "X-Requested-With"
browserHeaderValue = "XMLHttpRequest"
)
// BrowserOnly restricts endpoint access to browser requests only
// Blocks curl, Postman, and other HTTP clients
@@ -44,8 +39,8 @@ func BrowserOnly(next http.Handler) http.Handler {
// For HTMX requests, check HX-Request header
// For fetch/XMLHttpRequest, check X-Requested-With header
hasHTMXHeader := r.Header.Get(c.HeaderHXRequest) == "true"
hasXMLHTTPHeader := r.Header.Get(browserHeaderName) == browserHeaderValue
hasCustomBrowserHeader := r.Header.Get("X-Browser-Request") == "true"
hasXMLHTTPHeader := r.Header.Get(c.HeaderXRequestedWith) == c.HeaderValueXMLHTTPRequest
hasCustomBrowserHeader := r.Header.Get(c.HeaderXBrowserReq) == "true"
if !hasHTMXHeader && !hasXMLHTTPHeader && !hasCustomBrowserHeader {
log.Printf("SECURITY: Blocked request without browser headers from IP %s", getRequestIP(r))