Skip to content

Commit

Permalink
Add security Middleware (#129)
Browse files Browse the repository at this point in the history
  • Loading branch information
@berrydenhartog
berrydenhartog authored Aug 8, 2024
2 parents 21116e6 + b1989d4 commit ea78a3b
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 0 deletions.
16 changes: 16 additions & 0 deletions amt/middleware/security.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
import typing

from starlette.middleware.base import BaseHTTPMiddleware
from starlette.requests import Request
from starlette.responses import Response

RequestResponseEndpoint = typing.Callable[[Request], typing.Awaitable[Response]]


class SecurityMiddleware(BaseHTTPMiddleware):
async def dispatch(self, request: Request, call_next: RequestResponseEndpoint) -> Response:
response = await call_next(request)

response.headers["Strict-Transport-Security"] = "Strict-Transport-Security: max-age=31536000; includeSubDomains"

return response
2 changes: 2 additions & 0 deletions amt/server.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
from .middleware.csrf import CSRFMiddleware, CSRFMiddlewareExceptionHandler
from .middleware.htmx import HTMXMiddleware
from .middleware.route_logging import RequestLoggingMiddleware
from .middleware.security import SecurityMiddleware

configure_logging(get_settings().LOGGING_LEVEL, get_settings().LOGGING_CONFIG)

Expand Down Expand Up @@ -57,6 +58,7 @@ def create_app() -> FastAPI:
app.add_middleware(CSRFMiddleware)
app.add_middleware(CSRFMiddlewareExceptionHandler)
app.add_middleware(HTMXMiddleware)
app.add_middleware(SecurityMiddleware)

app.mount("/static", static_files, name="static")

Expand Down

0 comments on commit ea78a3b

Please sign in to comment.