Middleware
Middleware functions process requests before they reach controllers.
Built-in Middleware
Authentication
router.Use(middleware.RequireAuth())
Permission Check
router.Use(middleware.RequirePermission("users:read"))
CORS
router.Use(middleware.CORS())
Logging
router.Use(middleware.Logging())
Recovery (Panic Handler)
router.Use(middleware.Recovery())
Custom Middleware
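func RateLimiter() gin.HandlerFunc {
	// One limiter shared by every request (not per client): rate 100, burst 200.
	limiter := rate.NewLimiter(100, 200)
	return func(ctx *gin.Context) {
		if !limiter.Allow() {
			// Reject the request and stop the chain before it reaches the controller.
			util.RespondWithError(ctx, util.NewErrorMessage("E4291", "Rate limit exceeded"))
			ctx.Abort()
			return
		}
		ctx.Next()
	}
}

// Use it
router.Use(RateLimiter())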
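The RateLimiter above shares one limiter across every caller, so a single busy client can use up the budget for everyone. The following added example (not the framework's own code) keeps one token bucket per client key, using a hand-written bucket instead of the rate package so that it runs on the standard library alone. KeyedLimiter, NewKeyedLimiter and AllowAt are hypothetical names, and the rate, burst and client addresses are constructed values.

```go
package main

import (
	"fmt"
	"math"
	"sync"
	"time"
)

type bucket struct {
	tokens float64   // remaining budget for this client
	last   time.Time // time of the last refill
}

// KeyedLimiter is a hypothetical per-client token bucket, not a framework type.
type KeyedLimiter struct {
	mu          sync.Mutex
	rate, burst float64 // tokens refilled per second, bucket capacity
	buckets     map[string]*bucket
}

func NewKeyedLimiter(perSecond float64, burst int) *KeyedLimiter {
	return &KeyedLimiter{rate: perSecond, burst: float64(burst), buckets: map[string]*bucket{}}
}

// AllowAt reports whether the client identified by key may proceed at time now.
func (l *KeyedLimiter) AllowAt(key string, now time.Time) bool {
	l.mu.Lock()
	defer l.mu.Unlock()
	b := l.buckets[key]
	if b == nil { // first request from this client: start with a full bucket
		b = &bucket{tokens: l.burst, last: now}
		l.buckets[key] = b
	}
	if dt := now.Sub(b.last).Seconds(); dt > 0 { // refill, capped at burst
		b.tokens = math.Min(l.burst, b.tokens+dt*l.rate)
		b.last = now
	}
	if b.tokens < 1 {
		return false
	}
	b.tokens--
	return true
}

func main() {
	l, t0 := NewKeyedLimiter(1, 2), time.Unix(0, 0) // constructed values: 1 req/s, burst 2
	fmt.Println(l.AllowAt("10.0.0.1", t0), l.AllowAt("10.0.0.1", t0), l.AllowAt("10.0.0.1", t0))
	fmt.Println(l.AllowAt("10.0.0.2", t0)) // a second client still has its own budget
}
```

Inside a gin handler the key would typically be ctx.ClientIP(), with AllowAt(key, time.Now()) taking the place of limiter.Allow(). The map gains one entry per key, so a long-running service should also evict idle buckets.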
Middleware Order
1. Recovery
2. Logging
3. CORS
4. Authentication
5. Permission Check
6. Custom Middleware
7. Controller Handler
Apply to Specific Routes
// Apply to all routes in group
products := router.Group("/products")
products.Use(middleware.RequireAuth())

// Apply to specific route
router.GET("/admin",
	middleware.RequireAuth(),
	middleware.RequirePermission("admin:access"),
	controller.AdminDashboard,
)
Best Practices
- Order matters - apply in correct sequence
- Use built-in middleware when available
- Keep middleware focused and simple
- Always call ctx.Next() or ctx.Abort()
- Handle errors appropriately