feat: backend core - auth, user, role, permission, device, webhook, monitoring, cache, repository, service, middleware, API handlers

internal/api/middleware/cache_control.go

@@ -0,0 +1,32 @@
+package middleware
+
+import (
+	"strings"
+
+	"github.com/gin-gonic/gin"
+)
+
+const sensitiveNoStoreCacheControl = "no-store, no-cache, must-revalidate, max-age=0"
+
+// NoStoreSensitiveResponses prevents browser or intermediary caching for auth routes.
+func NoStoreSensitiveResponses() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if shouldDisableCaching(c.FullPath(), c.Request.URL.Path) {
+			headers := c.Writer.Header()
+			headers.Set("Cache-Control", sensitiveNoStoreCacheControl)
+			headers.Set("Pragma", "no-cache")
+			headers.Set("Expires", "0")
+			headers.Set("Surrogate-Control", "no-store")
+		}
+
+		c.Next()
+	}
+}
+
+func shouldDisableCaching(routePath, requestPath string) bool {
+	path := strings.TrimSpace(routePath)
+	if path == "" {
+		path = strings.TrimSpace(requestPath)
+	}
+	return strings.HasPrefix(path, "/api/v1/auth")
+}