internal/api/middleware/cache_control.go

package middleware

import (
	"strings"

	"github.com/gin-gonic/gin"
)

const sensitiveNoStoreCacheControl = "no-store, no-cache, must-revalidate, max-age=0"

// NoStoreSensitiveResponses prevents browser or intermediary caching for auth routes.
func NoStoreSensitiveResponses() gin.HandlerFunc {
	return func(c *gin.Context) {
		if shouldDisableCaching(c.FullPath(), c.Request.URL.Path) {
			headers := c.Writer.Header()
			headers.Set("Cache-Control", sensitiveNoStoreCacheControl)
			headers.Set("Pragma", "no-cache")
			headers.Set("Expires", "0")
			headers.Set("Surrogate-Control", "no-store")
		}

		c.Next()
	}
}

func shouldDisableCaching(routePath, requestPath string) bool {
	path := strings.TrimSpace(routePath)
	if path == "" {
		path = strings.TrimSpace(requestPath)
	}
	return strings.HasPrefix(path, "/api/v1/auth")
}
feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers 2026-04-02 11:19:50 +08:00			`package middleware`

			`import (`
			`"strings"`

			`"github.com/gin-gonic/gin"`
			`)`

			`const sensitiveNoStoreCacheControl = "no-store, no-cache, must-revalidate, max-age=0"`

			`// NoStoreSensitiveResponses prevents browser or intermediary caching for auth routes.`
			`func NoStoreSensitiveResponses() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`if shouldDisableCaching(c.FullPath(), c.Request.URL.Path) {`
			`headers := c.Writer.Header()`
			`headers.Set("Cache-Control", sensitiveNoStoreCacheControl)`
			`headers.Set("Pragma", "no-cache")`
			`headers.Set("Expires", "0")`
			`headers.Set("Surrogate-Control", "no-store")`
			`}`

			`c.Next()`
			`}`
			`}`

			`func shouldDisableCaching(routePath, requestPath string) bool {`
			`path := strings.TrimSpace(routePath)`
			`if path == "" {`
			`path = strings.TrimSpace(requestPath)`
			`}`
			`return strings.HasPrefix(path, "/api/v1/auth")`
			`}`