@appwarden/middleware 1.5.1 → 2.0.0

package/README.md

@@ -1,6 +1,6 @@
 # @appwarden/middleware
 
-![Test Coverage](https://img.shields.io/badge/coverage-97%25-brightgreen)
+![Test Coverage](https://img.shields.io/badge/coverage-95.82%25-brightgreen)
 [![npm version](https://img.shields.io/npm/v/@appwarden/middleware.svg)](https://www.npmjs.com/package/@appwarden/middleware)
 [![npm provenance](https://img.shields.io/badge/npm-provenance-green)](https://docs.npmjs.com/generating-provenance-statements)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
@@ -13,7 +13,7 @@
 
 - **Instant Quarantine**: Immediately redirects all visitors to a maintenance page when activated
 - **Discord Integration**: Trigger lockdowns via Discord commands (`/quarantine lock your.app.io`)
-- **Nonce-based Content Security Policy**: On Cloudflare, deploy a nonce-based Content Security Policy to supercharge your website security
+- **Nonce-based Content Security Policy (Cloudflare only)**: Deploy a nonce-based Content Security Policy to supercharge your website security
 - **Minimal Runtime Overhead**: Negligible performance impact by using `event.waitUntil` for status checks
 
 ## Installation
@@ -22,57 +22,26 @@ Compatible with websites powered by [Cloudflare](https://developers.cloudflare.c
 
 For detailed usage instructions, please refer to our [documentation](https://appwarden.io/docs).
 
-### Cloudflare
-
-We recommend using the [`@appwarden/build-cloudflare-action`](https://github.com/appwarden/build-cloudflare-action) Github Action to deploy automatically on Cloudflare.
-
-> Read the docs [to get started](https://appwarden.io/docs/guides/cloudflare-integration)
-
-```typescript
-import {
-  withAppwarden,
-  useContentSecurityPolicy,
-} from "@appwarden/middleware/cloudflare"
-
-export default {
-  fetch: withAppwarden((context) => ({
-    debug: context.env.DEBUG,
-    lockPageSlug: context.env.LOCK_PAGE_SLUG,
-    appwardenApiToken: context.env.APPWARDEN_API_TOKEN,
-    middleware: {
-      before: [
-        useContentSecurityPolicy({
-          mode: "enforced",
-          directives: {
-            "script-src": ["self", "{{nonce}}"],
-            "style-src": ["self", "{{nonce}}"],
-          },
-        }),
-      ],
-    },
-  })),
-}
-```
+## Supported Frameworks
 
-### Vercel
+### On Cloudflare
 
-> Read the docs [to get started](https://appwarden.io/docs/guides/vercel-integration)
+Cloudflare has two deployment options: [pages.dev](https://pages.dev) and [Workers static assets](https://developers.cloudflare.com/workers/static-assets/). We support both.
 
-```typescript
-import { withAppwarden } from "@appwarden/middleware/vercel"
+#### On pages.dev
 
-export default withAppwarden({
-  cacheUrl: process.env.EDGE_CONFIG_URL || process.env.UPSTASH_URL,
-  appwardenApiToken: process.env.APPWARDEN_API_TOKEN,
-  vercelApiToken: process.env.VERCEL_API_TOKEN,
-  lockPageSlug: "/maintenance",
-})
+- [All websites on pages.dev](https://appwarden.io/docs/guides/cloudflare-integration)
 
-// Configures middleware to match all routes
-export const config = {
-  matcher: ["/((?!api|_next/static|_next/image|favicon.ico).*)"],
-}
-```
+#### On Workers static assets
+
+- [Astro](https://appwarden.io/docs/guides/astro-cloudflare)
+- [React Router](https://appwarden.io/docs/guides/react-router-cloudflare)
+- [TanStack Start](https://appwarden.io/docs/guides/tanstack-start-cloudflare)
+- [Next.js](https://appwarden.io/docs/guides/nextjs-cloudflare)
+
+### On Vercel
+
+- [All websites on Vercel](https://appwarden.io/docs/guides/vercel-integration)
 
 ## Contributing
 

package/chunk-5DEXVBY6.js

@@ -0,0 +1,232 @@
+import {
+  LockValue,
+  MemoryCache
+} from "./chunk-B5IE7V77.js";
+import {
+  APPWARDEN_CACHE_KEY,
+  APPWARDEN_TEST_ROUTE,
+  debug,
+  printMessage
+} from "./chunk-7UTT3M2S.js";
+
+// src/utils/cloudflare/cloudflare-cache.ts
+var store = {
+  json: (context, cacheKey, options) => {
+    const cacheKeyUrl = new URL(cacheKey, context.serviceOrigin);
+    return {
+      getValue: () => getCacheValue(context, cacheKeyUrl),
+      updateValue: (json) => updateCacheValue(context, cacheKeyUrl, json, options?.ttl),
+      deleteValue: () => clearCache(context, cacheKeyUrl)
+    };
+  }
+};
+var getCacheValue = async (context, cacheKey) => {
+  const match = await context.cache.match(cacheKey);
+  if (!match) {
+    debug(`[${cacheKey.pathname}] Cache MISS!`);
+    return void 0;
+  }
+  debug(`[${cacheKey.pathname}] Cache MATCH!`);
+  return match;
+};
+var updateCacheValue = async (context, cacheKey, value, ttl) => {
+  debug(
+    "updating cache...",
+    cacheKey.href,
+    value,
+    ttl ? `expires in ${ttl}s` : ""
+  );
+  await context.cache.put(
+    cacheKey,
+    new Response(JSON.stringify(value), {
+      headers: {
+        "content-type": "application/json",
+        ...ttl && {
+          "cache-control": `max-age=${ttl}`
+        }
+      }
+    })
+  );
+};
+var clearCache = (context, cacheKey) => context.cache.delete(cacheKey);
+
+// src/utils/cloudflare/delete-edge-value.ts
+var deleteEdgeValue = async (context) => {
+  try {
+    switch (context.provider) {
+      case "cloudflare-cache": {
+        const success = await context.edgeCache.deleteValue();
+        if (!success) {
+          throw new Error();
+        }
+        break;
+      }
+      default:
+        throw new Error(`Unsupported provider: ${context.provider}`);
+    }
+  } catch (e) {
+    const message = "Failed to delete edge value";
+    console.error(
+      printMessage(e instanceof Error ? `${message} - ${e.message}` : message)
+    );
+  }
+};
+
+// src/utils/cloudflare/get-lock-value.ts
+var getLockValue = async (context) => {
+  try {
+    let shouldDeleteEdgeValue = false;
+    let cacheResponse, lockValue = {
+      isLocked: 0,
+      isLockedTest: 0,
+      lastCheck: Date.now(),
+      code: ""
+    };
+    switch (context.provider) {
+      case "cloudflare-cache": {
+        cacheResponse = await context.edgeCache.getValue();
+        break;
+      }
+      default:
+        throw new Error(`Unsupported provider: ${context.provider}`);
+    }
+    if (!cacheResponse) {
+      return { lockValue: void 0 };
+    }
+    try {
+      const clonedResponse = cacheResponse?.clone();
+      lockValue = LockValue.parse(
+        clonedResponse ? await clonedResponse.json() : void 0
+      );
+    } catch (error) {
+      console.error(
+        printMessage(
+          `Failed to parse ${context.keyName} from edge cache - ${error}`
+        )
+      );
+      shouldDeleteEdgeValue = true;
+    }
+    return { lockValue, shouldDeleteEdgeValue };
+  } catch (e) {
+    const message = "Failed to retrieve edge value";
+    console.error(
+      printMessage(e instanceof Error ? `${message} - ${e.message}` : message)
+    );
+    return { lockValue: void 0 };
+  }
+};
+
+// src/utils/cloudflare/sync-edge-value.ts
+var APIError = class extends Error {
+  constructor(message) {
+    super(message);
+    this.name = "APIError";
+  }
+};
+var DEFAULT_API_HOSTNAME = "https://api.appwarden.io";
+var syncEdgeValue = async (context) => {
+  debug(`syncing with api`);
+  try {
+    const apiHostname = context.appwardenApiHostname ?? DEFAULT_API_HOSTNAME;
+    const response = await fetch(new URL("/v1/status/check", apiHostname), {
+      method: "POST",
+      headers: { "content-type": "application/json" },
+      body: JSON.stringify({
+        service: "cloudflare",
+        provider: context.provider,
+        fqdn: context.requestUrl.hostname,
+        appwardenApiToken: context.appwardenApiToken
+      })
+    });
+    if (response.status !== 200) {
+      throw new Error(`${response.status} ${response.statusText}`);
+    }
+    if (response.headers.get("content-type")?.includes("application/json")) {
+      const result = await response.json();
+      if (result.error) {
+        throw new APIError(result.error.message);
+      }
+      if (!result.content) {
+        throw new APIError("no content from api");
+      }
+      try {
+        const parsedValue = LockValue.omit({ lastCheck: true }).parse(
+          result.content
+        );
+        debug(`syncing with api...DONE ${JSON.stringify(parsedValue, null, 2)}`);
+        await context.edgeCache.updateValue({
+          ...parsedValue,
+          lastCheck: Date.now()
+        });
+      } catch (error) {
+        throw new APIError(`Failed to parse check endpoint result - ${error}`);
+      }
+    }
+  } catch (e) {
+    const message = "Failed to fetch from check endpoint";
+    console.error(
+      printMessage(
+        e instanceof APIError ? e.message : e instanceof Error ? `${message} - ${e.message}` : message
+      )
+    );
+  }
+};
+
+// src/core/check-lock-status.ts
+var createContext = async (config) => {
+  const requestUrl = new URL(config.request.url);
+  const keyName = APPWARDEN_CACHE_KEY;
+  const provider = "cloudflare-cache";
+  const edgeCache = store.json(
+    {
+      serviceOrigin: requestUrl.origin,
+      cache: await caches.open("appwarden:lock")
+    },
+    keyName
+  );
+  return {
+    keyName,
+    request: config.request,
+    edgeCache,
+    requestUrl,
+    provider,
+    debug: config.debug ?? false,
+    lockPageSlug: config.lockPageSlug,
+    appwardenApiToken: config.appwardenApiToken,
+    appwardenApiHostname: config.appwardenApiHostname,
+    waitUntil: config.waitUntil
+  };
+};
+var resolveLockStatus = async (context) => {
+  const { lockValue, shouldDeleteEdgeValue } = await getLockValue(context);
+  if (shouldDeleteEdgeValue) {
+    await deleteEdgeValue(context);
+  }
+  const isTestRoute = context.requestUrl.pathname === APPWARDEN_TEST_ROUTE;
+  const isTestLock = isTestRoute && !MemoryCache.isTestExpired(lockValue) && !!lockValue;
+  return {
+    isLocked: !!lockValue?.isLocked || isTestLock,
+    isTestLock,
+    lockValue,
+    wasDeleted: shouldDeleteEdgeValue ?? false
+  };
+};
+var checkLockStatus = async (config) => {
+  const context = await createContext(config);
+  let { isLocked, isTestLock, lockValue, wasDeleted } = await resolveLockStatus(context);
+  if (MemoryCache.isExpired(lockValue) || wasDeleted) {
+    if (!lockValue || wasDeleted || lockValue.isLocked) {
+      await syncEdgeValue(context);
+      ({ isLocked, isTestLock } = await resolveLockStatus(context));
+    } else {
+      config.waitUntil(syncEdgeValue(context));
+    }
+  }
+  return { isLocked, isTestLock };
+};
+
+export {
+  store,
+  getLockValue,
+  checkLockStatus
+};

package/chunk-6PUA5YXP.js

@@ -0,0 +1,27 @@
+import {
+  getErrors
+} from "./chunk-B5IE7V77.js";
+import {
+  printMessage
+} from "./chunk-7UTT3M2S.js";
+
+// src/utils/validate-config.ts
+function validateConfig(config, schema) {
+  const result = schema.safeParse(config);
+  const hasErrors = !result.success;
+  if (hasErrors) {
+    const mappedErrors = getErrors(result.error);
+    if (mappedErrors.length > 0) {
+      for (const error of mappedErrors) {
+        console.error(printMessage(error));
+      }
+    } else {
+      console.error(printMessage(result.error.message));
+    }
+  }
+  return hasErrors;
+}
+
+export {
+  validateConfig
+};

package/{chunk-FDIKUQ3E.js → chunk-7UTT3M2S.js}

@@ -3,7 +3,6 @@ var LOCKDOWN_TEST_EXPIRY_MS = 5 * 60 * 1e3;
 var errors = { badCacheConnection: "BAD_CACHE_CONNECTION" };
 var globalErrors = [errors.badCacheConnection];
 var APPWARDEN_TEST_ROUTE = "/_appwarden/test";
-var APPWARDEN_USER_AGENT = "Appwarden-Monitor";
 var APPWARDEN_CACHE_KEY = "appwarden-lock";
 
 // src/utils/debug.ts
@@ -17,13 +16,22 @@ var debug = (...msg) => {
 var addSlashes = (str) => str.replace(/\\/g, "\\\\").replace(/`/g, "\\`").replace(/\$/g, "\\$").replace(/"/g, '\\"').replace(/'/g, "\\'").replace(/\u0000/g, "\\0").replace(/<\/script>/gi, "<\\/script>");
 var printMessage = (message) => `[@appwarden/middleware] ${addSlashes(message)}`;
 
+// src/utils/request-checks.ts
+function isHTMLResponse(response) {
+  return response.headers.get("Content-Type")?.includes("text/html") ?? false;
+}
+function isHTMLRequest(request) {
+  return request.headers.get("accept")?.includes("text/html") ?? false;
+}
+
 export {
   LOCKDOWN_TEST_EXPIRY_MS,
   errors,
   globalErrors,
   APPWARDEN_TEST_ROUTE,
-  APPWARDEN_USER_AGENT,
   APPWARDEN_CACHE_KEY,
   debug,
-  printMessage
+  printMessage,
+  isHTMLResponse,
+  isHTMLRequest
 };

package/{chunk-L6RSRHOF.js → chunk-B5IE7V77.js}

@@ -1,39 +1,6 @@
 import {
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-FDIKUQ3E.js";
-
-// src/utils/errors.ts
-var errorsMap = {
-  mode: '`CSP_MODE` must be one of "disabled", "report-only", or "enforced"',
-  directives: {
-    ["DirectivesRequired" /* DirectivesRequired */]: '`CSP_DIRECTIVES` must be provided when `CSP_MODE` is "report-only" or "enforced"',
-    ["DirectivesBadParse" /* DirectivesBadParse */]: "Failed to parse `CSP_DIRECTIVES`. Is it a valid JSON string?"
-  },
-  appwardenApiToken: "Please provide a valid `appwardenApiToken`. Learn more at https://appwarden.com/docs/guides/api-token-management."
-};
-var getErrors = (error) => {
-  const matches = [];
-  const errors = [...Object.entries(error.flatten().fieldErrors)];
-  for (const issue of error.issues) {
-    errors.push(
-      ...Object.entries(
-        "returnTypeError" in issue ? issue.returnTypeError.flatten().fieldErrors : {}
-      )
-    );
-  }
-  for (const [field, maybeSchemaErrorKey] of errors) {
-    let match = errorsMap[field];
-    if (match) {
-      if (match instanceof Object) {
-        if (maybeSchemaErrorKey) {
-          match = match[maybeSchemaErrorKey[0]];
-        }
-      }
-      matches.push(match);
-    }
-  }
-  return matches;
-};
+} from "./chunk-7UTT3M2S.js";
 
 // src/utils/memory-cache.ts
 var MemoryCache = class {
@@ -82,6 +49,39 @@ var MemoryCache = class {
   };
 };
 
+// src/utils/errors.ts
+var errorsMap = {
+  mode: '`CSP_MODE` must be one of "disabled", "report-only", or "enforced"',
+  directives: {
+    ["DirectivesRequired" /* DirectivesRequired */]: '`CSP_DIRECTIVES` must be provided when `CSP_MODE` is "report-only" or "enforced"',
+    ["DirectivesBadParse" /* DirectivesBadParse */]: "Failed to parse `CSP_DIRECTIVES`. Is it a valid JSON string?"
+  },
+  appwardenApiToken: "Please provide a valid `appwardenApiToken`. Learn more at https://appwarden.com/docs/guides/api-token-management."
+};
+var getErrors = (error) => {
+  const matches = [];
+  const errors = [...Object.entries(error.flatten().fieldErrors)];
+  for (const issue of error.issues) {
+    errors.push(
+      ...Object.entries(
+        "returnTypeError" in issue ? issue.returnTypeError.flatten().fieldErrors : {}
+      )
+    );
+  }
+  for (const [field, maybeSchemaErrorKey] of errors) {
+    let match = errorsMap[field];
+    if (match) {
+      if (match instanceof Object) {
+        if (maybeSchemaErrorKey) {
+          match = match[maybeSchemaErrorKey[0]];
+        }
+      }
+      matches.push(match);
+    }
+  }
+  return matches;
+};
+
 // src/schemas/helpers.ts
 import { z } from "zod";
 var BoolOrStringSchema = z.union([z.string(), z.boolean()]).optional();
@@ -93,6 +93,7 @@ var BooleanSchema = BoolOrStringSchema.transform((val) => {
   }
   throw new Error("Invalid value");
 });
+var AppwardenApiTokenSchema = z.string().refine((val) => !!val, { message: "appwardenApiToken is required" });
 var LockValue = z.object({
   isLocked: z.number(),
   isLockedTest: z.number(),
@@ -104,5 +105,6 @@ export {
   getErrors,
   MemoryCache,
   BooleanSchema,
+  AppwardenApiTokenSchema,
   LockValue
 };

package/{chunk-TP5CHUTK.js → chunk-MOTPEQEU.js}

@@ -1,7 +1,8 @@
 import {
   debug,
+  isHTMLResponse,
   printMessage
-} from "./chunk-FDIKUQ3E.js";
+} from "./chunk-7UTT3M2S.js";
 
 // src/schemas/use-content-security-policy.ts
 import { z as z2 } from "zod";
@@ -126,7 +127,7 @@ var useContentSecurityPolicy = (input) => {
       debug(printMessage("csp is disabled"));
       return;
     }
-    if (response.headers.has("Content-Type") && !response.headers.get("Content-Type")?.includes("text/html")) {
+    if (response.headers.has("Content-Type") && !isHTMLResponse(response)) {
       return;
     }
     const cspNonce = crypto.randomUUID();

package/chunk-N6AUTMZO.js

@@ -0,0 +1,22 @@
+// src/utils/build-lock-page-url.ts
+function buildLockPageUrl(lockPageSlug, requestUrl) {
+  const normalizedSlug = lockPageSlug.startsWith("/") ? lockPageSlug : `/${lockPageSlug}`;
+  return new URL(normalizedSlug, requestUrl);
+}
+
+// src/utils/create-redirect.ts
+var TEMPORARY_REDIRECT_STATUS = 302;
+var createRedirect = (url) => {
+  return new Response(null, {
+    status: TEMPORARY_REDIRECT_STATUS,
+    headers: {
+      Location: url.toString()
+    }
+  });
+};
+
+export {
+  buildLockPageUrl,
+  TEMPORARY_REDIRECT_STATUS,
+  createRedirect
+};

package/cloudflare/astro.d.ts

@@ -0,0 +1,72 @@
+/**
+ * Cloudflare runtime context provided by Astro on Cloudflare Workers.
+ * This is the shape of `context.locals.runtime` when using @astrojs/cloudflare adapter.
+ */
+interface AstroCloudflareRuntime {
+    env: CloudflareEnv;
+    ctx: ExecutionContext;
+}
+/**
+ * Configuration for the Appwarden middleware.
+ */
+interface AstroAppwardenConfig {
+    /** The slug/path of the lock page to redirect to when the site is locked */
+    lockPageSlug: string;
+    /** The Appwarden API token for authentication */
+    appwardenApiToken: string;
+    /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+    appwardenApiHostname?: string;
+    /** Enable debug logging */
+    debug?: boolean;
+}
+/**
+ * Configuration function that receives the Cloudflare runtime and returns the config.
+ * This allows dynamic configuration based on environment variables.
+ */
+type AstroConfigFn = (runtime: AstroCloudflareRuntime) => AstroAppwardenConfig;
+/**
+ * Astro middleware context type.
+ * This matches Astro's APIContext shape for middleware.
+ */
+interface AstroMiddlewareContext {
+    /** The incoming request */
+    request: Request;
+    /** Object for storing request-specific data */
+    locals: {
+        runtime?: AstroCloudflareRuntime;
+        [key: string]: unknown;
+    };
+    /** Helper to create redirect responses */
+    redirect: (path: string, status?: number) => Response;
+}
+/**
+ * Astro middleware function signature.
+ * This matches the onRequest export type in Astro's middleware system.
+ */
+type AstroMiddlewareFunction = (context: AstroMiddlewareContext, next: () => Promise<Response>) => Promise<Response>;
+/**
+ * Creates an Appwarden middleware function for Astro.
+ *
+ * This middleware checks if the site is locked and redirects to the lock page if so.
+ * It should be used with Astro's `sequence()` function or exported directly as `onRequest`.
+ *
+ * @example
+ * ```typescript
+ * // src/middleware.ts
+ * import { sequence } from "astro:middleware"
+ * import { createAppwardenMiddleware } from "@appwarden/middleware/astro"
+ *
+ * const appwarden = createAppwardenMiddleware(({ env }) => ({
+ *   lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+ *   appwardenApiToken: env.APPWARDEN_API_TOKEN,
+ * }))
+ *
+ * export const onRequest = sequence(appwarden)
+ * ```
+ *
+ * @param configFn - A function that receives the Cloudflare runtime and returns the config
+ * @returns An Astro middleware function
+ */
+declare function createAppwardenMiddleware(configFn: AstroConfigFn): AstroMiddlewareFunction;
+
+export { type AstroAppwardenConfig, type AstroCloudflareRuntime, type AstroConfigFn, type AstroMiddlewareContext, type AstroMiddlewareFunction, createAppwardenMiddleware };

package/cloudflare/astro.js

@@ -0,0 +1,90 @@
+import {
+  TEMPORARY_REDIRECT_STATUS,
+  buildLockPageUrl,
+  createRedirect
+} from "../chunk-N6AUTMZO.js";
+import {
+  validateConfig
+} from "../chunk-6PUA5YXP.js";
+import {
+  checkLockStatus
+} from "../chunk-5DEXVBY6.js";
+import {
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-B5IE7V77.js";
+import {
+  isHTMLRequest,
+  printMessage
+} from "../chunk-7UTT3M2S.js";
+
+// src/schemas/astro-cloudflare.ts
+import { z } from "zod";
+var AstroCloudflareConfigSchema = z.object({
+  /** The slug/path of the lock page to redirect to when the site is locked */
+  lockPageSlug: z.string(),
+  /** The Appwarden API token for authentication */
+  appwardenApiToken: AppwardenApiTokenSchema,
+  /** Optional custom API hostname (defaults to https://api.appwarden.io) */
+  appwardenApiHostname: z.string().optional(),
+  /** Enable debug logging */
+  debug: BooleanSchema.default(false)
+});
+
+// src/adapters/astro-cloudflare.ts
+function createAppwardenMiddleware(configFn) {
+  return async (context, next) => {
+    const { request, locals } = context;
+    try {
+      const runtime = locals.runtime;
+      if (!runtime) {
+        console.error(
+          printMessage(
+            "Cloudflare runtime not found. Ensure @astrojs/cloudflare adapter is configured."
+          )
+        );
+        return next();
+      }
+      if (!isHTMLRequest(request)) {
+        return next();
+      }
+      const config = configFn(runtime);
+      const hasError = validateConfig(config, AstroCloudflareConfigSchema);
+      if (hasError) {
+        return next();
+      }
+      const result = await checkLockStatus({
+        request,
+        appwardenApiToken: config.appwardenApiToken,
+        appwardenApiHostname: config.appwardenApiHostname,
+        debug: config.debug,
+        lockPageSlug: config.lockPageSlug,
+        waitUntil: (fn) => runtime.ctx.waitUntil(fn)
+      });
+      if (result.isLocked) {
+        const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
+        if (context.redirect) {
+          return context.redirect(
+            lockPageUrl.toString(),
+            TEMPORARY_REDIRECT_STATUS
+          );
+        }
+        return createRedirect(lockPageUrl);
+      }
+      return next();
+    } catch (error) {
+      if (error instanceof Response) {
+        throw error;
+      }
+      console.error(
+        printMessage(
+          `Unhandled error: ${error instanceof Error ? error.message : String(error)}`
+        )
+      );
+      return next();
+    }
+  };
+}
+export {
+  createAppwardenMiddleware
+};