9 个仓库
Request interceptors used to verify authentication state before executing business logic.
Distinct from Session-Based Access Controls: Specifically targets the use of controller-level filters for access control in web frameworks.
Explore 9 awesome GitHub repositories matching security & cryptography · Controller Filters. Refine with filters or upvote what's useful.
Devise is a flexible authentication framework for Ruby on Rails applications. It serves as a user identity management system that handles registration, sign-in, password recovery, and account confirmation. The system integrates with the Warden middleware to manage user sessions and security across various request types. The framework functions as a multi-model authentication engine, allowing for the configuration of multiple distinct user models with independent routes and access controls. It also provides a standardized interface to connect with external identity providers and third-party lo
Uses controller-level callbacks to intercept requests and verify authentication status before executing the target action.
Devise is a comprehensive identity management system and authentication framework for Ruby on Rails applications. It provides a complete set of tools for managing user registration, secure sign-in, and session handling using a modular strategy pattern. The framework distinguishes itself by offering a suite of security hardening features, including brute force protection through account locking and secure password recovery workflows. It also functions as an integrator for external identity providers and third-party authentication via standardized protocols. Broad capabilities cover the full u
Uses controller filters to check authentication state and redirect unauthorized requests.
Gost is a Go-based network tunnel and multi-protocol proxy server. It functions as a gateway for routing TCP and UDP traffic, creating secure network tunnels between remote endpoints, and acting as a DNS proxy server to resolve domain name queries. The project is distinguished by its ability to implement multi-hop proxy chaining, which links multiple network nodes in a sequence to route traffic through specific paths. It also provides transparent proxying by integrating with virtual network interfaces to intercept system-level traffic without requiring manual client configuration. The system
Implements traffic validation against IP whitelists and credentials before allowing requests into the tunnel.
NLog is an open-source logging framework for .NET that functions as a structured logging library and log routing engine. It captures log events with named parameters as searchable data rather than plain text and directs these messages to various output destinations based on severity and source. The framework is designed as an extensible platform, supporting custom targets, layout renderers, and filters that can be loaded from external assemblies or defined in code. It features a dynamic configuration system that allows logging targets, rules, and layouts to be updated via XML or programmatic
Modifies log filtering logic in code at runtime using custom predicates.
CodeIgniter is a PHP web framework built on the Model-View-Controller pattern, designed for building full-stack web applications. It provides a lightweight toolkit with minimal configuration, organizing application logic into controllers, models, and views for clean separation of concerns. The framework includes a fluent query builder for constructing SQL statements programmatically, PSR-4 autoloading with namespace mapping, and a service-based dependency injection container for managing shared class instances. The framework distinguishes itself through its comprehensive set of built-in tools
Runs one or more before/after filters on a specific route for authentication, logging, or other middleware tasks.
Hono 是一个极简的 JavaScript HTTP 框架,旨在跨多个运行时(包括 Node.js、边缘运行时和无服务器平台)构建 Web 服务器。它作为一个跨运行时 Web 服务器和 Web 标准 API 包装器,将各种运行时的请求和响应对象标准化为标准的 Web API 签名。 该项目作为 HTTP 中间件编排器和请求处理器,利用基于中间件的请求管道和分层路由挂载来创建模块化服务器结构。它通过一个运行时无关的事件包装器脱颖而出,确保无论部署环境如何,行为都保持一致。 该框架涵盖了广泛的功能,包括带有动态参数捕获的 HTTP 请求路由、实时 WebSocket 通信,以及 CORS 管理和基本身份验证等全面的安全措施。它还提供了通过 Cookie 进行会话管理、静态资产服务以及通过请求代理和 URL 重定向进行流量管理的实用程序。 该项目使用 TypeScript 实现。
Enforces expected HTTP methods for endpoints and returns 405 errors for unsupported methods.
This project is a Java-based e-commerce management system and educational project suite. It serves as a backend framework for building online shopping platforms, utilizing a model-view-controller architecture to decouple user interfaces from business logic and data models. The system implements a structured web application framework that integrates relational databases to track product inventories, user accounts, and customer purchase transactions. It features a layered architecture that separates presentation, business logic, and data access. The codebase covers several core capability area
Implements request interceptors to verify authentication state before executing business logic in the web framework.
Searchkit 是一个搜索 UI 框架,专为使用 React 和 Vue 构建连接到 Elasticsearch 和 OpenSearch 后端的搜索界面而设计。它提供了一个搜索查询翻译层,将前端搜索状态转换为引擎特定的查询语言,并提供一个结果渲染引擎来显示命中结果、分面菜单和分页。 该框架包括一个语义搜索界面,支持基于向量的最近邻搜索和自然语言处理。它通过基于适配器的翻译系统和基于组件的 UI 映射脱颖而出,通过标准化接口将搜索逻辑连接到可互换的视图。 该项目涵盖了广泛的功能,包括用于同步过滤器和分页的状态管理、用于分层和数值过滤的复杂分面生成,以及通过字段优先级加权实现的自定义排序逻辑。它还提供了用于结果置顶、查询规则修改和通过地图界面进行地理可视化的工具。 为了安全和可扩展性,该项目利用 API 访问层在浏览器和搜索集群之间代理请求,并支持基于中间件的请求拦截,以修改查询和响应。
Runs global filter classes on every request to enforce site-wide restrictions based on user sessions or roles.
pg-boss is a background task scheduler and distributed task queue that uses PostgreSQL as a reliable message broker for asynchronous job processing. It provides a system for distributing work across multiple application instances, ensuring exactly-once delivery through atomic database transactions. The project includes a cron job scheduler for automating recurring tasks and a PostgreSQL pub-sub system for fan-out event distribution. It also features a web-based management dashboard for monitoring queue statistics and controlling job lifecycles, including manual retries and cancellations. Cap
Controls network exposure of queue operations by allowlisting or denylisting specific request methods.