@appwarden/middleware 1.5.1 → 1.6.0

package/cloudflare/nextjs.d.ts

@@ -0,0 +1,60 @@
+import { NextRequest, NextFetchEvent, NextResponse } from 'next/server';
+
+/**
+ * Cloudflare runtime context provided by @opennextjs/cloudflare.
+ * This is the shape of the context returned by getCloudflareContext().
+ */
+interface NextJsCloudflareRuntime {
+    env: CloudflareEnv;
+    ctx: ExecutionContext;
+}
+/**
+ * Configuration for the Appwarden middleware.
+ */
+interface NextJsCloudflareAppwardenConfig {
+    /** The slug/path of the lock page to redirect to when the site is locked */
+    lockPageSlug: string;
+    /** The Appwarden API token for authentication */
+    appwardenApiToken: string;
+    /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+    appwardenApiHostname?: string;
+    /** Enable debug logging */
+    debug?: boolean;
+}
+/**
+ * Configuration function that receives the Cloudflare runtime and returns the config.
+ * This allows dynamic configuration based on environment variables.
+ */
+type NextJsCloudflareConfigFn = (runtime: NextJsCloudflareRuntime) => NextJsCloudflareAppwardenConfig;
+/**
+ * Next.js middleware function signature.
+ * Compatible with both middleware.ts and proxy.ts (Next.js 16+).
+ */
+type NextJsMiddlewareFunction = (request: NextRequest, event?: NextFetchEvent) => Promise<NextResponse>;
+/**
+ * Creates an Appwarden middleware function for Next.js on Cloudflare.
+ *
+ * This middleware checks if the site is locked and redirects to the lock page if so.
+ * It uses @opennextjs/cloudflare to access Cloudflare bindings and context.
+ *
+ * @example
+ * ```typescript
+ * // middleware.ts (or proxy.ts for Next.js 16+)
+ * import { createAppwardenMiddleware } from "@appwarden/middleware/opennext-cloudflare"
+ *
+ * export const config = {
+ *   matcher: ["/((?!api|_next/static|_next/image|favicon.ico).*)"],
+ * }
+ *
+ * export default createAppwardenMiddleware(({ env }) => ({
+ *   lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+ *   appwardenApiToken: env.APPWARDEN_API_TOKEN,
+ * }))
+ * ```
+ *
+ * @param configFn - A function that receives the Cloudflare runtime and returns the config
+ * @returns A Next.js middleware function
+ */
+declare function createAppwardenMiddleware(configFn: NextJsCloudflareConfigFn): NextJsMiddlewareFunction;
+
+export { type NextJsCloudflareAppwardenConfig, type NextJsCloudflareConfigFn, type NextJsCloudflareRuntime, type NextJsMiddlewareFunction, createAppwardenMiddleware };

package/cloudflare/nextjs.js

@@ -0,0 +1,77 @@
+import {
+  TEMPORARY_REDIRECT_STATUS,
+  buildLockPageUrl
+} from "../chunk-N6AUTMZO.js";
+import {
+  validateConfig
+} from "../chunk-6PUA5YXP.js";
+import {
+  checkLockStatus
+} from "../chunk-5DEXVBY6.js";
+import {
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-B5IE7V77.js";
+import {
+  isHTMLRequest,
+  printMessage
+} from "../chunk-7UTT3M2S.js";
+
+// src/adapters/nextjs-cloudflare.ts
+import {
+  NextResponse
+} from "next/server";
+
+// src/schemas/nextjs-cloudflare.ts
+import { z } from "zod";
+var NextJsCloudflareConfigSchema = z.object({
+  /** The slug/path of the lock page to redirect to when the site is locked */
+  lockPageSlug: z.string(),
+  /** The Appwarden API token for authentication */
+  appwardenApiToken: AppwardenApiTokenSchema,
+  /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+  appwardenApiHostname: z.string().optional(),
+  /** Enable debug logging */
+  debug: BooleanSchema.default(false)
+});
+
+// src/adapters/nextjs-cloudflare.ts
+function createAppwardenMiddleware(configFn) {
+  return async (request, _event) => {
+    try {
+      const { getCloudflareContext } = await import("@opennextjs/cloudflare");
+      const { env, ctx } = await getCloudflareContext();
+      if (!isHTMLRequest(request)) {
+        return NextResponse.next();
+      }
+      const config = configFn({ env, ctx });
+      const hasError = validateConfig(config, NextJsCloudflareConfigSchema);
+      if (hasError) {
+        return NextResponse.next();
+      }
+      const result = await checkLockStatus({
+        request,
+        appwardenApiToken: config.appwardenApiToken,
+        appwardenApiHostname: config.appwardenApiHostname,
+        debug: config.debug,
+        lockPageSlug: config.lockPageSlug,
+        waitUntil: (fn) => ctx.waitUntil(fn)
+      });
+      if (result.isLocked) {
+        const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
+        return NextResponse.redirect(lockPageUrl, TEMPORARY_REDIRECT_STATUS);
+      }
+      return NextResponse.next();
+    } catch (error) {
+      console.error(
+        printMessage(
+          `Unhandled error: ${error instanceof Error ? error.message : String(error)}`
+        )
+      );
+      return NextResponse.next();
+    }
+  };
+}
+export {
+  createAppwardenMiddleware
+};

package/cloudflare/react-router.d.ts

@@ -0,0 +1,63 @@
+/**
+ * Cloudflare context provided by React Router on Cloudflare Workers.
+ * This is the shape of `context.cloudflare` in React Router loaders/actions.
+ */
+interface CloudflareContext {
+    env: CloudflareEnv;
+    ctx: ExecutionContext;
+}
+/**
+ * Configuration for the Appwarden middleware.
+ */
+interface ReactRouterAppwardenConfig {
+    /** The slug/path of the lock page to redirect to when the site is locked */
+    lockPageSlug: string;
+    /** The Appwarden API token for authentication */
+    appwardenApiToken: string;
+    /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+    appwardenApiHostname?: string;
+    /** Enable debug logging */
+    debug?: boolean;
+}
+/**
+ * Configuration function that receives the Cloudflare context and returns the config.
+ * This allows dynamic configuration based on environment variables.
+ */
+type ReactRouterConfigFn = (cloudflare: CloudflareContext) => ReactRouterAppwardenConfig;
+/**
+ * React Router middleware function signature.
+ * This matches the unstable_middleware export type in React Router v7.
+ */
+interface ReactRouterMiddlewareArgs {
+    request: Request;
+    params: Record<string, string | undefined>;
+    context: {
+        cloudflare: CloudflareContext;
+    };
+}
+type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: () => Promise<unknown>) => Promise<unknown>;
+/**
+ * Creates an Appwarden middleware function for React Router.
+ *
+ * This middleware checks if the site is locked and redirects to the lock page if so.
+ * It should be exported from your root route (root.tsx) to protect all routes.
+ *
+ * @example
+ * ```typescript
+ * // app/root.tsx
+ * import { createAppwardenMiddleware } from "@appwarden/middleware/react-router"
+ *
+ * export const unstable_middleware = [
+ *   createAppwardenMiddleware(({ env }) => ({
+ *     lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+ *     appwardenApiToken: env.APPWARDEN_API_TOKEN,
+ *   })),
+ * ]
+ * ```
+ *
+ * @param configFn - A function that receives the Cloudflare context and returns the config
+ * @returns A React Router middleware function
+ */
+declare function createAppwardenMiddleware(configFn: ReactRouterConfigFn): ReactRouterMiddlewareFunction;
+
+export { type CloudflareContext, type ReactRouterAppwardenConfig, type ReactRouterConfigFn, type ReactRouterMiddlewareArgs, type ReactRouterMiddlewareFunction, createAppwardenMiddleware };

package/cloudflare/react-router.js

@@ -0,0 +1,83 @@
+import {
+  buildLockPageUrl,
+  createRedirect
+} from "../chunk-N6AUTMZO.js";
+import {
+  validateConfig
+} from "../chunk-6PUA5YXP.js";
+import {
+  checkLockStatus
+} from "../chunk-5DEXVBY6.js";
+import {
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-B5IE7V77.js";
+import {
+  isHTMLRequest,
+  printMessage
+} from "../chunk-7UTT3M2S.js";
+
+// src/schemas/react-router-cloudflare.ts
+import { z } from "zod";
+var ReactRouterCloudflareConfigSchema = z.object({
+  /** The slug/path of the lock page to redirect to when the site is locked */
+  lockPageSlug: z.string(),
+  /** The Appwarden API token for authentication */
+  appwardenApiToken: AppwardenApiTokenSchema,
+  /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+  appwardenApiHostname: z.string().optional(),
+  /** Enable debug logging */
+  debug: BooleanSchema.default(false)
+});
+
+// src/adapters/react-router-cloudflare.ts
+function createAppwardenMiddleware(configFn) {
+  return async (args, next) => {
+    const { request, context } = args;
+    try {
+      const cloudflare = context.cloudflare;
+      if (!cloudflare) {
+        console.error(
+          printMessage(
+            "Cloudflare context not found. Make sure you're running on Cloudflare Workers."
+          )
+        );
+        return next();
+      }
+      if (!isHTMLRequest(request)) {
+        return next();
+      }
+      const config = configFn(cloudflare);
+      const hasError = validateConfig(config, ReactRouterCloudflareConfigSchema);
+      if (hasError) {
+        return next();
+      }
+      const result = await checkLockStatus({
+        request,
+        appwardenApiToken: config.appwardenApiToken,
+        appwardenApiHostname: config.appwardenApiHostname,
+        debug: config.debug,
+        lockPageSlug: config.lockPageSlug,
+        waitUntil: (fn) => cloudflare.ctx.waitUntil(fn)
+      });
+      if (result.isLocked) {
+        const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
+        throw createRedirect(lockPageUrl);
+      }
+      return next();
+    } catch (error) {
+      if (error instanceof Response) {
+        throw error;
+      }
+      console.error(
+        printMessage(
+          `Unhandled error: ${error instanceof Error ? error.message : String(error)}`
+        )
+      );
+      return next();
+    }
+  };
+}
+export {
+  createAppwardenMiddleware
+};

package/cloudflare/tanstack-start.d.ts

@@ -0,0 +1,71 @@
+/**
+ * Cloudflare context provided by TanStack Start on Cloudflare Workers.
+ * This is the shape of the cloudflare context available in middleware.
+ */
+interface TanStackStartCloudflareContext {
+    env: CloudflareEnv;
+    ctx: ExecutionContext;
+}
+/**
+ * Configuration for the Appwarden middleware.
+ */
+interface TanStackStartAppwardenConfig {
+    /** The slug/path of the lock page to redirect to when the site is locked */
+    lockPageSlug: string;
+    /** The Appwarden API token for authentication */
+    appwardenApiToken: string;
+    /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+    appwardenApiHostname?: string;
+    /** Enable debug logging */
+    debug?: boolean;
+}
+/**
+ * Configuration function that receives the Cloudflare context and returns the config.
+ * This allows dynamic configuration based on environment variables.
+ */
+type TanStackStartConfigFn = (cloudflare: TanStackStartCloudflareContext) => TanStackStartAppwardenConfig;
+/**
+ * TanStack Start middleware server callback arguments.
+ * This matches the shape of arguments passed to createMiddleware().server().
+ */
+interface TanStackStartMiddlewareArgs {
+    request: Request;
+    next: () => Promise<unknown>;
+    context: {
+        cloudflare?: TanStackStartCloudflareContext;
+        [key: string]: unknown;
+    };
+}
+/**
+ * TanStack Start middleware function signature.
+ * This matches the return type of createMiddleware().server().
+ */
+type TanStackStartMiddlewareFunction = (args: TanStackStartMiddlewareArgs) => Promise<unknown>;
+/**
+ * Creates an Appwarden middleware function for TanStack Start.
+ *
+ * This middleware checks if the site is locked and throws a redirect to the lock page if so.
+ * It should be added to the `requestMiddleware` array in your `src/start.ts` file.
+ *
+ * @example
+ * ```typescript
+ * // src/start.ts
+ * import { createStart } from "@tanstack/react-start"
+ * import { createAppwardenMiddleware } from "@appwarden/middleware/tanstack-start"
+ *
+ * const appwardenMiddleware = createAppwardenMiddleware(({ env }) => ({
+ *   lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+ *   appwardenApiToken: env.APPWARDEN_API_TOKEN,
+ * }))
+ *
+ * export const startInstance = createStart(() => ({
+ *   requestMiddleware: [appwardenMiddleware],
+ * }))
+ * ```
+ *
+ * @param configFn - A function that receives the Cloudflare context and returns the config
+ * @returns A TanStack Start middleware function
+ */
+declare function createAppwardenMiddleware(configFn: TanStackStartConfigFn): TanStackStartMiddlewareFunction;
+
+export { type TanStackStartAppwardenConfig, type TanStackStartCloudflareContext, type TanStackStartConfigFn, type TanStackStartMiddlewareArgs, type TanStackStartMiddlewareFunction, createAppwardenMiddleware };

package/cloudflare/tanstack-start.js

@@ -0,0 +1,86 @@
+import {
+  buildLockPageUrl,
+  createRedirect
+} from "../chunk-N6AUTMZO.js";
+import {
+  validateConfig
+} from "../chunk-6PUA5YXP.js";
+import {
+  checkLockStatus
+} from "../chunk-5DEXVBY6.js";
+import {
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-B5IE7V77.js";
+import {
+  isHTMLRequest,
+  printMessage
+} from "../chunk-7UTT3M2S.js";
+
+// src/schemas/tanstack-start-cloudflare.ts
+import { z } from "zod";
+var TanStackStartCloudflareConfigSchema = z.object({
+  /** The slug/path of the lock page to redirect to when the site is locked */
+  lockPageSlug: z.string(),
+  /** The Appwarden API token for authentication */
+  appwardenApiToken: AppwardenApiTokenSchema,
+  /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+  appwardenApiHostname: z.string().optional(),
+  /** Enable debug logging */
+  debug: BooleanSchema.default(false)
+});
+
+// src/adapters/tanstack-start-cloudflare.ts
+function createAppwardenMiddleware(configFn) {
+  return async (args) => {
+    const { request, next, context } = args;
+    try {
+      const cloudflare = context.cloudflare;
+      if (!cloudflare) {
+        console.error(
+          printMessage(
+            "Cloudflare context not found. Ensure running on Cloudflare Workers with proper context setup."
+          )
+        );
+        return next();
+      }
+      if (!isHTMLRequest(request)) {
+        return next();
+      }
+      const config = configFn(cloudflare);
+      const hasError = validateConfig(
+        config,
+        TanStackStartCloudflareConfigSchema
+      );
+      if (hasError) {
+        return next();
+      }
+      const result = await checkLockStatus({
+        request,
+        appwardenApiToken: config.appwardenApiToken,
+        appwardenApiHostname: config.appwardenApiHostname,
+        debug: config.debug,
+        lockPageSlug: config.lockPageSlug,
+        waitUntil: (fn) => cloudflare.ctx.waitUntil(fn)
+      });
+      if (result.isLocked) {
+        const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
+        throw createRedirect(lockPageUrl);
+      }
+      return next();
+    } catch (error) {
+      if (error instanceof Response) {
+        throw error;
+      }
+      console.error(
+        printMessage(
+          `Unhandled error: ${error instanceof Error ? error.message : String(error)}`
+        )
+      );
+      return next();
+    }
+  };
+}
+export {
+  createAppwardenMiddleware
+};

package/cloudflare.d.ts

@@ -1,17 +1,8 @@
-import { B as Bindings } from './cloudflare-0sboFQGC.js';
+import { M as Middleware, B as Bindings } from './use-content-security-policy-Bh2qDCKv.js';
+export { u as useContentSecurityPolicy } from './use-content-security-policy-Bh2qDCKv.js';
 import { z } from 'zod';
-import { M as Middleware } from './use-content-security-policy-D4ccKJVd.js';
-export { u as useContentSecurityPolicy } from './use-content-security-policy-D4ccKJVd.js';
 
-declare const ConfigFnInputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<{
-    env: CloudflareEnv;
-    cf: Record<string, unknown>;
-    ctx: unknown;
-}, z.ZodTypeDef, {
-    env: CloudflareEnv;
-    cf: Record<string, unknown>;
-    ctx: unknown;
-}>], z.ZodUnknown>, z.ZodEffects<z.ZodObject<{
+declare const UseAppwardenInputSchema: z.ZodObject<{
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     lockPageSlug: z.ZodOptional<z.ZodString>;
     multidomainConfig: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
@@ -23,20 +14,9 @@ declare const ConfigFnInputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<{
     }>>>;
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     appwardenApiHostname: z.ZodOptional<z.ZodString>;
-} & {
-    middleware: z.ZodDefault<z.ZodObject<{
-        before: z.ZodDefault<z.ZodArray<z.ZodType<Middleware, z.ZodTypeDef, Middleware>, "many">>;
-    }, "strip", z.ZodTypeAny, {
-        before: Middleware[];
-    }, {
-        before?: Middleware[] | undefined;
-    }>>;
 }, "strip", z.ZodTypeAny, {
     debug: boolean;
     appwardenApiToken: string;
-    middleware: {
-        before: Middleware[];
-    };
     lockPageSlug?: string | undefined;
     multidomainConfig?: Record<string, {
         lockPageSlug: string;
@@ -44,18 +24,21 @@ declare const ConfigFnInputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<{
     appwardenApiHostname?: string | undefined;
 }, {
     appwardenApiToken: string;
-    lockPageSlug?: string | undefined;
     debug?: string | boolean | undefined;
+    lockPageSlug?: string | undefined;
     multidomainConfig?: Record<string, {
         lockPageSlug: string;
     }> | undefined;
     appwardenApiHostname?: string | undefined;
-    middleware?: {
-        before?: Middleware[] | undefined;
-    } | undefined;
-}>, any, any>>;
-type CloudflareConfigType = ReturnType<z.infer<typeof ConfigFnInputSchema>>;
+}>;
+
+type CloudflareConfigType = z.infer<typeof UseAppwardenInputSchema> & {
+    middleware: {
+        before: Middleware[];
+        after: Middleware[];
+    };
+};
 
-declare const withAppwarden: (inputFn: CloudflareConfigType) => ExportedHandlerFetchHandler<Bindings>;
+declare const createAppwardenMiddleware: (inputFn: CloudflareConfigType) => ExportedHandlerFetchHandler<Bindings>;
 
-export { withAppwarden };
+export { createAppwardenMiddleware };