From dc83a6c710bac6479e1d218b70d3a7e948860841 Mon Sep 17 00:00:00 2001
From: Koala Yeung <koalay@gmail.com>
Date: Thu, 19 Jul 2018 12:44:49 +0800
Subject: [PATCH] readme: add filter example

* add filter example.
* add TODO in filter code to remind future development needs.
---
 README.md  | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 session.go |  2 ++
 2 files changed, 50 insertions(+)

diff --git a/README.md b/README.md
index b8b911c..6803cdf 100644
--- a/README.md
+++ b/README.md
@@ -321,6 +321,54 @@ func main() {
 [fastcgi-authorizer]: http://www.mit.edu/~yandros/doc/specs/fcgi-spec.html#S6.3
 
 
+#### FastCGI Filter
+
+FastCGI specified a [filter role][fastcgi-filter] for filtering web server
+assets before sending out. As different from a usual FastCGI application
+(i.e. **responder**), the requested data is on the web server side. So the
+web server will pass those data to the application when requested.
+
+<details>
+<summary>Code</summary>
+<div>
+
+```go
+
+package main
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/yookoala/gofast"
+)
+
+func main() {
+	address := os.Getenv("FASTCGI_ADDR")
+	connFactory := gofast.SimpleConnFactory("tcp", address)
+	clientFactory := gofast.SimpleClientFactory(connFactory, 0)
+
+	// Note: The local file system "/var/www/html/" only need to be
+	// local to web server. No need for the FastCGI application to access
+	// it directly.
+	connFactory := gofast.SimpleConnFactory(network, address)
+	http.Handle("/", gofast.NewHandler(
+		gofast.NewFilterLocalFS("/var/www/html/")(gofast.BasicSession),
+		clientFactory,
+	))
+
+	// serve at 8080 port
+	log.Fatal(http.ListenAndServe(":8080", nil))
+}
+
+```
+
+</div>
+</details>
+
+[fastcgi-filter]: http://www.mit.edu/~yandros/doc/specs/fcgi-spec.html#S6.4
+
+
 #### Pooling Clients
 
 To have a better, more controlled, scaling property, you may
diff --git a/session.go b/session.go
index 42d1c3d..5641cac 100644
--- a/session.go
+++ b/session.go
@@ -314,6 +314,8 @@ func MapEndpoint(endpointFile string) Middleware {
 //
 // If the file do not exists or cannot be opened, the middleware
 // will return empty response pipe and the error.
+//
+// TODO: provide way to inject authorization check
 func MapFilterRequest(fs http.FileSystem) Middleware {
 	return func(inner SessionHandler) SessionHandler {
 		return func(client Client, req *Request) (*ResponsePipe, error) {