@appwarden/middleware 1.0.16

package/chunk-JXIVUR6E.js

@@ -0,0 +1,186 @@
+import {
+  AppwardenConfigSchema,
+  CloudflareConfigFnOutputSchema,
+  MemoryCache,
+  NextJsConfigFnOutputSchema,
+  createResponse,
+  debug,
+  globalErrors,
+  handleResetCache,
+  handleVercelRequest,
+  isResetCacheRequest,
+  maybeQuarantine,
+  printMessage,
+  renderLockPage,
+  store,
+  syncEdgeValue,
+  useAppwarden,
+  usePipeline
+} from "./chunk-C7APN7T6.js";
+
+// src/runners/appwarden-on-cloudflare.ts
+var appwardenOnCloudflare = (inputFn) => async (request, env, ctx) => {
+  const parsedInput = CloudflareConfigFnOutputSchema.safeParse(inputFn);
+  if (!parsedInput.success) {
+    throw new Error(
+      printMessage(`Input validation failed ${parsedInput.error.message}`)
+    );
+  }
+  const context = {
+    request,
+    hostname: new URL(request.url).host,
+    response: new Response("Unhandled response"),
+    // https://developers.cloudflare.com/workers/observability/errors/#illegal-invocation-errors
+    waitUntil: (fn) => ctx.waitUntil(fn)
+  };
+  try {
+    const input = parsedInput.data({ env, ctx, cf: {} });
+    const pipeline = [...input.middleware.before, useAppwarden(input)];
+    await usePipeline(...pipeline).execute(context);
+  } catch (error) {
+    if (error instanceof Error) {
+      context.response = createResponse(error.message, 500);
+    }
+  }
+  return context.response;
+};
+
+// src/runners/appwarden-on-pages-next-js.ts
+import { getRequestContext } from "@cloudflare/next-on-pages";
+import { NextResponse } from "next/server";
+debug("Instantiating isolate");
+var appwardenOnPagesNextJs = (inputFn) => async (request, event) => {
+  const parsedInput = NextJsConfigFnOutputSchema.safeParse(inputFn);
+  if (!parsedInput.success) {
+    console.error(
+      printMessage(`Input validation failed ${parsedInput.error.message}`)
+    );
+    return null;
+  }
+  const input = parsedInput.data(getRequestContext());
+  try {
+    const requestUrl = new URL(request.url);
+    const provider = "cloudflare-cache";
+    const keyName = "appwarden-lock";
+    const edgeCache = store.json(
+      {
+        serviceOrigin: requestUrl.origin,
+        cache: await caches.open("appwarden:lock")
+      },
+      keyName
+    );
+    if (isResetCacheRequest(request)) {
+      await handleResetCache(keyName, provider, edgeCache, request);
+      return NextResponse.next();
+    }
+    const acceptHeader = request.headers.get("accept");
+    const isHTMLRequest = acceptHeader?.includes("text/html");
+    debug({
+      acceptHeader,
+      isHTMLRequest,
+      url: requestUrl.pathname
+    });
+    if (isHTMLRequest) {
+      let appwardenResponse = void 0;
+      const context = {
+        keyName,
+        request,
+        edgeCache,
+        requestUrl,
+        provider,
+        waitUntil: (fn) => event.waitUntil(fn),
+        ...input
+      };
+      await maybeQuarantine(context, {
+        onLocked: async () => {
+          appwardenResponse = renderLockPage(context);
+        }
+      });
+      if (appwardenResponse) {
+        return appwardenResponse;
+      }
+    }
+  } catch (e) {
+    const message = "Appwarden encountered an unknown error. Please contact Appwarden support at https://appwarden.io/join-community.";
+    console.error(
+      printMessage(
+        e instanceof Error ? `${message} - ${e.message}
+${e.stack}` : message
+      )
+    );
+  }
+  return NextResponse.next();
+};
+
+// src/runners/appwarden-on-vercel.ts
+import { NextResponse as NextResponse2 } from "next/server";
+debug("Instantiating isolate");
+var renderLockPage2 = (context) => {
+  context.req.nextUrl.pathname = context.lockPageSlug;
+  return NextResponse2.rewrite(context.req.nextUrl, {
+    headers: {
+      // no browser caching, otherwise we need to hard refresh to disable lock screen
+      "Cache-Control": "no-store"
+    }
+  });
+};
+var memoryCache = new MemoryCache({ maxSize: 1 });
+var appwardenOnVercel = (input) => async (req, event) => {
+  const parsedConfig = AppwardenConfigSchema.safeParse(input);
+  if (!parsedConfig.success) {
+    console.error(
+      printMessage(`Input validation failed ${parsedConfig.error.message}`)
+    );
+    return null;
+  }
+  try {
+    const requestUrl = new URL(req.url);
+    const acceptHeader = req.headers.get("accept");
+    const isHTMLRequest = acceptHeader?.includes("text/html");
+    debug({
+      acceptHeader,
+      isHTMLRequest,
+      url: requestUrl.pathname
+    });
+    if (isHTMLRequest) {
+      let appwardenResponse = void 0;
+      const context = {
+        req,
+        event,
+        requestUrl,
+        memoryCache,
+        waitUntil: (fn) => event.waitUntil(fn),
+        keyName: "appwarden-lock",
+        ...parsedConfig.data
+      };
+      const cacheValue = await handleVercelRequest(context, {
+        onLocked: () => {
+          appwardenResponse = renderLockPage2(context);
+        }
+      });
+      const shouldRecheck = MemoryCache.isExpired(cacheValue);
+      if (!cacheValue || shouldRecheck) {
+        event.waitUntil(syncEdgeValue(context));
+      }
+      if (appwardenResponse) {
+        return appwardenResponse;
+      }
+    }
+  } catch (e) {
+    const message = "Appwarden encountered an unknown error. Please contact Appwarden support at https://appwarden.io/join-community.";
+    if (e instanceof Error) {
+      if (!globalErrors.includes(e.message)) {
+        console.error(printMessage(`${message} - ${e.message}`));
+      }
+    } else {
+      console.error(printMessage(message));
+    }
+  }
+  return NextResponse2.next();
+};
+
+export {
+  appwardenOnCloudflare,
+  appwardenOnPagesNextJs,
+  appwardenOnVercel
+};

package/cloudflare-hVS30fDq.d.ts

@@ -0,0 +1,99 @@
+import { z } from 'zod';
+
+declare const ContentSecurityPolicySchema: z.ZodObject<{
+    "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "img-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "connect-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "font-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "object-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "media-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "frame-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    sandbox: z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "report-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "child-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "form-action": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "frame-ancestors": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "plugin-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "base-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "report-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "worker-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "manifest-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "prefetch-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "navigate-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "require-sri-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "block-all-mixed-content": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "upgrade-insecure-requests": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "trusted-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+    "require-trusted-types-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+}, "strip", z.ZodTypeAny, {
+    "default-src"?: string | boolean | string[] | undefined;
+    "script-src"?: string | boolean | string[] | undefined;
+    "style-src"?: string | boolean | string[] | undefined;
+    "img-src"?: string | boolean | string[] | undefined;
+    "connect-src"?: string | boolean | string[] | undefined;
+    "font-src"?: string | boolean | string[] | undefined;
+    "object-src"?: string | boolean | string[] | undefined;
+    "media-src"?: string | boolean | string[] | undefined;
+    "frame-src"?: string | boolean | string[] | undefined;
+    sandbox?: string | boolean | string[] | undefined;
+    "report-uri"?: string | boolean | string[] | undefined;
+    "child-src"?: string | boolean | string[] | undefined;
+    "form-action"?: string | boolean | string[] | undefined;
+    "frame-ancestors"?: string | boolean | string[] | undefined;
+    "plugin-types"?: string | boolean | string[] | undefined;
+    "base-uri"?: string | boolean | string[] | undefined;
+    "report-to"?: string | boolean | string[] | undefined;
+    "worker-src"?: string | boolean | string[] | undefined;
+    "manifest-src"?: string | boolean | string[] | undefined;
+    "prefetch-src"?: string | boolean | string[] | undefined;
+    "navigate-to"?: string | boolean | string[] | undefined;
+    "require-sri-for"?: string | boolean | string[] | undefined;
+    "block-all-mixed-content"?: string | boolean | string[] | undefined;
+    "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+    "trusted-types"?: string | boolean | string[] | undefined;
+    "require-trusted-types-for"?: string | boolean | string[] | undefined;
+}, {
+    "default-src"?: string | boolean | string[] | undefined;
+    "script-src"?: string | boolean | string[] | undefined;
+    "style-src"?: string | boolean | string[] | undefined;
+    "img-src"?: string | boolean | string[] | undefined;
+    "connect-src"?: string | boolean | string[] | undefined;
+    "font-src"?: string | boolean | string[] | undefined;
+    "object-src"?: string | boolean | string[] | undefined;
+    "media-src"?: string | boolean | string[] | undefined;
+    "frame-src"?: string | boolean | string[] | undefined;
+    sandbox?: string | boolean | string[] | undefined;
+    "report-uri"?: string | boolean | string[] | undefined;
+    "child-src"?: string | boolean | string[] | undefined;
+    "form-action"?: string | boolean | string[] | undefined;
+    "frame-ancestors"?: string | boolean | string[] | undefined;
+    "plugin-types"?: string | boolean | string[] | undefined;
+    "base-uri"?: string | boolean | string[] | undefined;
+    "report-to"?: string | boolean | string[] | undefined;
+    "worker-src"?: string | boolean | string[] | undefined;
+    "manifest-src"?: string | boolean | string[] | undefined;
+    "prefetch-src"?: string | boolean | string[] | undefined;
+    "navigate-to"?: string | boolean | string[] | undefined;
+    "require-sri-for"?: string | boolean | string[] | undefined;
+    "block-all-mixed-content"?: string | boolean | string[] | undefined;
+    "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+    "trusted-types"?: string | boolean | string[] | undefined;
+    "require-trusted-types-for"?: string | boolean | string[] | undefined;
+}>;
+type ContentSecurityPolicyType = z.infer<typeof ContentSecurityPolicySchema>;
+
+declare global {
+    interface CloudflareEnv extends Bindings {
+    }
+}
+type Bindings = {
+    DEBUG: string | boolean;
+    LOCK_PAGE_SLUG: string;
+    CSP_ENFORCED: string | boolean;
+    CSP_DIRECTIVES: string | ContentSecurityPolicyType;
+    APPWARDEN_API_TOKEN: string;
+};
+
+export type { Bindings as B };

package/cloudflare.d.ts

@@ -0,0 +1,47 @@
+import { B as Bindings } from './cloudflare-hVS30fDq.js';
+import { z } from 'zod';
+import { M as Middleware } from './use-content-security-policy-BtEGGIeu.js';
+export { u as useContentSecurityPolicy } from './use-content-security-policy-BtEGGIeu.js';
+
+declare const ConfigFnInputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<{
+    env: CloudflareEnv;
+    cf: Record<string, unknown>;
+    ctx: unknown;
+}, z.ZodTypeDef, {
+    env: CloudflareEnv;
+    cf: Record<string, unknown>;
+    ctx: unknown;
+}>], z.ZodUnknown>, z.ZodObject<z.objectUtil.extendShape<z.objectUtil.extendShape<{
+    debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
+    appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
+    lockPageSlug: z.ZodString;
+}, {
+    middleware: z.ZodDefault<z.ZodObject<{
+        before: z.ZodDefault<z.ZodArray<z.ZodType<Middleware, z.ZodTypeDef, Middleware>, "many">>;
+    }, "strip", z.ZodTypeAny, {
+        before: Middleware[];
+    }, {
+        before?: Middleware[] | undefined;
+    }>>;
+}>, {
+    debug: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>;
+}>, "strip", z.ZodTypeAny, {
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    middleware: {
+        before: Middleware[];
+    };
+    debug?: string | boolean | undefined;
+}, {
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    debug?: string | boolean | undefined;
+    middleware?: {
+        before?: Middleware[] | undefined;
+    } | undefined;
+}>>;
+type CloudflareConfigInputFnType = z.infer<typeof ConfigFnInputSchema>;
+
+declare const withAppwardenOnCloudflare: (inputFn: CloudflareConfigInputFnType) => ExportedHandlerFetchHandler<Bindings>;
+
+export { withAppwardenOnCloudflare };

package/cloudflare.js

@@ -0,0 +1,13 @@
+import {
+  appwardenOnCloudflare
+} from "./chunk-JXIVUR6E.js";
+import {
+  useContentSecurityPolicy
+} from "./chunk-C7APN7T6.js";
+
+// src/bundles/cloudflare.ts
+var withAppwardenOnCloudflare = appwardenOnCloudflare;
+export {
+  useContentSecurityPolicy,
+  withAppwardenOnCloudflare
+};

package/index.d.ts

@@ -0,0 +1,25 @@
+export { B as Bindings } from './cloudflare-hVS30fDq.js';
+export { C as CSPDirectivesSchema, a as CSPEnforcedSchema, M as Middleware, u as useContentSecurityPolicy } from './use-content-security-policy-BtEGGIeu.js';
+import { z } from 'zod';
+
+declare const LOCKDOWN_TEST_EXPIRY_MS: number;
+
+declare const LockValue: z.ZodObject<{
+    isLocked: z.ZodNumber;
+    isLockedTest: z.ZodNumber;
+    lastCheck: z.ZodNumber;
+    code: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    isLocked: number;
+    isLockedTest: number;
+    lastCheck: number;
+    code: string;
+}, {
+    isLocked: number;
+    isLockedTest: number;
+    lastCheck: number;
+    code: string;
+}>;
+type LockValueType = z.infer<typeof LockValue>;
+
+export { LOCKDOWN_TEST_EXPIRY_MS, type LockValueType };

package/index.js

@@ -0,0 +1,12 @@
+import {
+  CSPDirectivesSchema,
+  CSPEnforcedSchema,
+  LOCKDOWN_TEST_EXPIRY_MS,
+  useContentSecurityPolicy
+} from "./chunk-C7APN7T6.js";
+export {
+  CSPDirectivesSchema,
+  CSPEnforcedSchema,
+  LOCKDOWN_TEST_EXPIRY_MS,
+  useContentSecurityPolicy
+};

package/nextjs-on-pages.d.ts

@@ -0,0 +1,30 @@
+import * as next_server from 'next/server';
+import './cloudflare-hVS30fDq.js';
+import { z } from 'zod';
+
+declare const NextJsConfigFnOutputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<{
+    env: CloudflareEnv;
+    cf: Record<string, unknown>;
+    ctx: unknown;
+}, z.ZodTypeDef, {
+    env: CloudflareEnv;
+    cf: Record<string, unknown>;
+    ctx: unknown;
+}>], z.ZodUnknown>, z.ZodObject<{
+    debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
+    appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
+    lockPageSlug: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    debug: boolean;
+}, {
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    debug?: string | boolean | undefined;
+}>>;
+type NextJsConfigFnType = z.infer<typeof NextJsConfigFnOutputSchema>;
+
+declare const withAppwardenOnPagesNextJs: (inputFn: NextJsConfigFnType) => next_server.NextMiddleware;
+
+export { withAppwardenOnPagesNextJs };

package/nextjs-on-pages.js

@@ -0,0 +1,10 @@
+import {
+  appwardenOnPagesNextJs
+} from "./chunk-JXIVUR6E.js";
+import "./chunk-C7APN7T6.js";
+
+// src/bundles/pages-nextjs.ts
+var withAppwardenOnPagesNextJs = appwardenOnPagesNextJs;
+export {
+  withAppwardenOnPagesNextJs
+};

package/package.json

@@ -0,0 +1,36 @@
+{
+  "name": "@appwarden/middleware",
+  "version": "1.0.16",
+  "description": "Instantly shut off access your app deployed on Cloudflare or Vercel",
+  "type": "module",
+  "license": "MIT",
+  "author": "Appwarden <support@appwarden.io>",
+  "main": "./index.js",
+  "types": "./index.d.ts",
+  "keywords": [
+    "appwarden",
+    "nextjs",
+    "remixjs",
+    "cloudflare",
+    "web3",
+    "monitoring"
+  ],
+  "dependencies": {
+    "@cloudflare/next-on-pages": "1.13.2",
+    "@upstash/redis": "^1.30.0",
+    "@vercel/edge-config": "^1.1.0",
+    "zod": "^3"
+  },
+  "peerDependencies": {
+    "next": ">=13"
+  },
+  "peerDependenciesMeta": {
+    "next": {
+      "optional": true
+    }
+  },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org",
+    "access": "public"
+  }
+}