Middleware guides
Middleware - Session
Detailed guide to middleware.Session with signed cookies, key rotation, optional encryption, and secure session handling patterns.
middleware.Session
Provides signed cookie session management with optional encryption and key rotation.
Signature
func Session(configs ...SessionConfig) kern.MiddlewareFuncBasic example
import "github.com/mobentum/kern/middleware"
app.Use(middleware.Session(middleware.SessionConfig{
SigningKey: []byte("replace-with-strong-secret"),
}))Rotation and encryption example
app.Use(middleware.Session(middleware.SessionConfig{
SigningKey: []byte("new-signing-key"),
VerifyKeys: [][]byte{[]byte("old-signing-key")},
EncryptionKey: []byte("0123456789abcdef0123456789abcdef"),
DecryptKeys: [][]byte{[]byte("abcdef0123456789abcdef0123456789")},
}))Access in handler
session, ok := middleware.GetSession(c.Context())
if ok {
session.Set("user_id", "123")
}Best practices
- Rotate keys using
VerifyKeysandDecryptKeysbefore cutover. - Use secure cookie settings in production environments.
Middleware - ResponseLimit
Detailed guide to middleware.ResponseLimit for per-route response-size enforcement and streaming safeguards.
Recipes
Production-focused Kern recipes for Go API servers, including health checks, graceful shutdown, SPA serving, JSON errors, observability, and middleware patterns.