@appwarden/middleware 3.1.0 → 3.2.0

package/README.md

@@ -1,6 +1,6 @@
 # @appwarden/middleware
 
-![Test Coverage](https://img.shields.io/badge/coverage-96.08%25-brightgreen)
+![Test Coverage](https://img.shields.io/badge/coverage-95.67%25-brightgreen)
 [![npm version](https://img.shields.io/npm/v/@appwarden/middleware.svg)](https://www.npmjs.com/package/@appwarden/middleware)
 [![npm provenance](https://img.shields.io/badge/npm-provenance-green)](https://docs.npmjs.com/generating-provenance-statements)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
@@ -26,13 +26,17 @@ For detailed usage instructions, please refer to our [documentation](https://app
 
 ### On Cloudflare
 
-Cloudflare has two deployment options: [pages.dev](https://pages.dev) and [Workers static assets](https://developers.cloudflare.com/workers/static-assets/). We support both.
+For all websites deployed on Cloudflare—including popular modern frameworks like Astro, Next.js, React Router, TanStack Start, and more—we recommend using the [build-cloudflare-action](https://github.com/appwarden/build-cloudflare-action). This action builds a worker that runs on the root of your domain (e.g., `your.app.io/*` for an `your.app.io` website), providing seamless integration with Appwarden without modifying your application code.
 
-#### On pages.dev
+Please see the [build-cloudflare-action documentation](https://github.com/appwarden/build-cloudflare-action) for more information.
 
-- [All websites on pages.dev](https://appwarden.io/docs/guides/cloudflare-integration)
+#### Recommended: build-cloudflare-action
 
-#### On Workers static assets
+- [build-cloudflare-action](https://github.com/appwarden/build-cloudflare-action) — Seamless integration with Appwarden for Cloudflare-deployed websites.
+
+#### Framework adapters (alternative)
+
+If you cannot use the `build-cloudflare-action`, you can use framework-specific adapters instead:
 
 - [Astro](https://appwarden.io/docs/guides/astro-cloudflare)
 - [React Router](https://appwarden.io/docs/guides/react-router-cloudflare)

package/chunk-COV6SHCD.js

@@ -0,0 +1,27 @@
+import {
+  getErrors
+} from "./chunk-ZX5QO4Y2.js";
+import {
+  printMessage
+} from "./chunk-L5EQIJZB.js";
+
+// src/utils/validate-config.ts
+function validateConfig(config, schema) {
+  const result = schema.safeParse(config);
+  const hasErrors = !result.success;
+  if (hasErrors) {
+    const mappedErrors = getErrors(result.error);
+    if (mappedErrors.length > 0) {
+      for (const error of mappedErrors) {
+        console.error(printMessage(error));
+      }
+    } else {
+      console.error(printMessage(result.error.message));
+    }
+  }
+  return hasErrors;
+}
+
+export {
+  validateConfig
+};

package/{chunk-MOTPEQEU.js → chunk-FGAJVKNM.js}

@@ -2,7 +2,7 @@ import {
   debug,
   isHTMLResponse,
   printMessage
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
 
 // src/schemas/use-content-security-policy.ts
 import { z as z2 } from "zod";

package/{chunk-7UTT3M2S.js → chunk-L5EQIJZB.js}

@@ -8,7 +8,24 @@ var APPWARDEN_CACHE_KEY = "appwarden-lock";
 // src/utils/debug.ts
 var debug = (...msg) => {
   if (true) {
-    console.log(...msg);
+    const formatted = msg.map((m) => {
+      if (typeof m === "object" && m !== null) {
+        if (m instanceof Error) {
+          return m.stack ?? m.message;
+        }
+        try {
+          return JSON.stringify(m);
+        } catch {
+          try {
+            return String(m);
+          } catch {
+            return "[Unserializable value]";
+          }
+        }
+      }
+      return m;
+    });
+    console.log(...formatted);
   }
 };
 

package/{chunk-5DEXVBY6.js → chunk-MDODCAA3.js}

@@ -1,13 +1,13 @@
 import {
   LockValue,
   MemoryCache
-} from "./chunk-B5IE7V77.js";
+} from "./chunk-ZX5QO4Y2.js";
 import {
   APPWARDEN_CACHE_KEY,
   APPWARDEN_TEST_ROUTE,
   debug,
   printMessage
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
 
 // src/utils/cloudflare/cloudflare-cache.ts
 var store = {

package/{chunk-B5IE7V77.js → chunk-ZX5QO4Y2.js}

@@ -1,6 +1,38 @@
 import {
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
+
+// src/utils/build-lock-page-url.ts
+function normalizeLockPageSlug(lockPageSlug) {
+  return lockPageSlug.startsWith("/") ? lockPageSlug : `/${lockPageSlug}`;
+}
+function buildLockPageUrl(lockPageSlug, requestUrl) {
+  const normalizedSlug = normalizeLockPageSlug(lockPageSlug);
+  return new URL(normalizedSlug, requestUrl);
+}
+function normalizeTrailingSlash(path) {
+  if (path === "/") return path;
+  return path.endsWith("/") ? path.slice(0, -1) : path;
+}
+function isOnLockPage(lockPageSlug, requestUrl) {
+  const normalizedSlug = normalizeTrailingSlash(
+    normalizeLockPageSlug(lockPageSlug)
+  );
+  const url = typeof requestUrl === "string" ? new URL(requestUrl) : requestUrl;
+  const normalizedPathname = normalizeTrailingSlash(url.pathname);
+  return normalizedPathname === normalizedSlug;
+}
+
+// src/utils/create-redirect.ts
+var TEMPORARY_REDIRECT_STATUS = 302;
+var createRedirect = (url) => {
+  return new Response(null, {
+    status: TEMPORARY_REDIRECT_STATUS,
+    headers: {
+      Location: url.toString()
+    }
+  });
+};
 
 // src/utils/memory-cache.ts
 var MemoryCache = class {
@@ -102,6 +134,10 @@ var LockValue = z.object({
 });
 
 export {
+  buildLockPageUrl,
+  isOnLockPage,
+  TEMPORARY_REDIRECT_STATUS,
+  createRedirect,
   getErrors,
   MemoryCache,
   BooleanSchema,

package/cloudflare/astro.js

@@ -1,23 +1,21 @@
 import {
-  TEMPORARY_REDIRECT_STATUS,
-  createRedirect
-} from "../chunk-6M7BE3AW.js";
-import {
-  buildLockPageUrl,
-  isOnLockPage,
   validateConfig
-} from "../chunk-4JGYMZTR.js";
+} from "../chunk-COV6SHCD.js";
 import {
   checkLockStatus
-} from "../chunk-5DEXVBY6.js";
+} from "../chunk-MDODCAA3.js";
 import {
   AppwardenApiTokenSchema,
-  BooleanSchema
-} from "../chunk-B5IE7V77.js";
+  BooleanSchema,
+  TEMPORARY_REDIRECT_STATUS,
+  buildLockPageUrl,
+  createRedirect,
+  isOnLockPage
+} from "../chunk-ZX5QO4Y2.js";
 import {
   isHTMLRequest,
   printMessage
-} from "../chunk-7UTT3M2S.js";
+} from "../chunk-L5EQIJZB.js";
 
 // src/schemas/astro-cloudflare.ts
 import { z } from "zod";

package/cloudflare/nextjs.js

@@ -1,22 +1,20 @@
 import {
-  TEMPORARY_REDIRECT_STATUS
-} from "../chunk-6M7BE3AW.js";
-import {
-  buildLockPageUrl,
-  isOnLockPage,
   validateConfig
-} from "../chunk-4JGYMZTR.js";
+} from "../chunk-COV6SHCD.js";
 import {
   checkLockStatus
-} from "../chunk-5DEXVBY6.js";
+} from "../chunk-MDODCAA3.js";
 import {
   AppwardenApiTokenSchema,
-  BooleanSchema
-} from "../chunk-B5IE7V77.js";
+  BooleanSchema,
+  TEMPORARY_REDIRECT_STATUS,
+  buildLockPageUrl,
+  isOnLockPage
+} from "../chunk-ZX5QO4Y2.js";
 import {
   isHTMLRequest,
   printMessage
-} from "../chunk-7UTT3M2S.js";
+} from "../chunk-L5EQIJZB.js";
 
 // src/adapters/nextjs-cloudflare.ts
 import {

package/cloudflare/react-router.js

@@ -1,22 +1,20 @@
 import {
-  createRedirect
-} from "../chunk-6M7BE3AW.js";
-import {
-  buildLockPageUrl,
-  isOnLockPage,
   validateConfig
-} from "../chunk-4JGYMZTR.js";
+} from "../chunk-COV6SHCD.js";
 import {
   checkLockStatus
-} from "../chunk-5DEXVBY6.js";
+} from "../chunk-MDODCAA3.js";
 import {
   AppwardenApiTokenSchema,
-  BooleanSchema
-} from "../chunk-B5IE7V77.js";
+  BooleanSchema,
+  buildLockPageUrl,
+  createRedirect,
+  isOnLockPage
+} from "../chunk-ZX5QO4Y2.js";
 import {
   isHTMLRequest,
   printMessage
-} from "../chunk-7UTT3M2S.js";
+} from "../chunk-L5EQIJZB.js";
 
 // src/schemas/react-router-cloudflare.ts
 import { z } from "zod";

package/cloudflare/tanstack-start.js

@@ -1,22 +1,20 @@
 import {
-  createRedirect
-} from "../chunk-6M7BE3AW.js";
-import {
-  buildLockPageUrl,
-  isOnLockPage,
   validateConfig
-} from "../chunk-4JGYMZTR.js";
+} from "../chunk-COV6SHCD.js";
 import {
   checkLockStatus
-} from "../chunk-5DEXVBY6.js";
+} from "../chunk-MDODCAA3.js";
 import {
   AppwardenApiTokenSchema,
-  BooleanSchema
-} from "../chunk-B5IE7V77.js";
+  BooleanSchema,
+  buildLockPageUrl,
+  createRedirect,
+  isOnLockPage
+} from "../chunk-ZX5QO4Y2.js";
 import {
   isHTMLRequest,
   printMessage
-} from "../chunk-7UTT3M2S.js";
+} from "../chunk-L5EQIJZB.js";
 
 // src/schemas/tanstack-start-cloudflare.ts
 import { z } from "zod";

package/cloudflare.js

@@ -1,21 +1,24 @@
 import {
   useContentSecurityPolicy
-} from "./chunk-MOTPEQEU.js";
+} from "./chunk-FGAJVKNM.js";
 import {
   checkLockStatus,
   getLockValue,
   store
-} from "./chunk-5DEXVBY6.js";
+} from "./chunk-MDODCAA3.js";
 import {
   AppwardenApiTokenSchema,
   BooleanSchema,
-  getErrors
-} from "./chunk-B5IE7V77.js";
+  buildLockPageUrl,
+  createRedirect,
+  getErrors,
+  isOnLockPage
+} from "./chunk-ZX5QO4Y2.js";
 import {
   APPWARDEN_CACHE_KEY,
-  isHTMLResponse,
+  isHTMLRequest,
   printMessage
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
 
 // src/runners/appwarden-on-cloudflare.ts
 import { ZodError } from "zod";
@@ -79,14 +82,6 @@ var usePipeline = (...initMiddlewares) => {
   };
 };
 
-// src/utils/render-lock-page.ts
-var renderLockPage = (context) => fetch(new URL(context.lockPageSlug, context.requestUrl.origin), {
-  headers: {
-    // no browser caching, otherwise we need to hard refresh to disable lock screen
-    "Cache-Control": "no-store"
-  }
-});
-
 // src/utils/cloudflare/insert-errors-logs.ts
 var insertErrorLogs = async (context, error) => {
   const errors = getErrors(error);
@@ -124,42 +119,46 @@ var handleResetCache = async (keyName, provider, edgeCache, request) => {
 
 // src/middlewares/use-appwarden.ts
 var useAppwarden = (input) => async (context, next) => {
-  await next();
-  const { request, response } = context;
+  const { request } = context;
+  let shouldCallNext = true;
   try {
     const requestUrl = new URL(request.url);
-    const provider = "cloudflare-cache";
-    const keyName = APPWARDEN_CACHE_KEY;
-    const edgeCache = store.json(
-      {
-        serviceOrigin: requestUrl.origin,
-        cache: await caches.open("appwarden:lock")
-      },
-      keyName
-    );
     if (isResetCacheRequest(request)) {
+      const provider = "cloudflare-cache";
+      const keyName = APPWARDEN_CACHE_KEY;
+      const edgeCache = store.json(
+        {
+          serviceOrigin: requestUrl.origin,
+          cache: await caches.open("appwarden:lock")
+        },
+        keyName
+      );
       await handleResetCache(keyName, provider, edgeCache, request);
       return;
     }
-    if (isHTMLResponse(response)) {
-      const lockPageSlug = input.multidomainConfig?.[requestUrl.hostname]?.lockPageSlug ?? input.lockPageSlug;
-      if (!lockPageSlug) {
-        return;
-      }
-      const result = await checkLockStatus({
-        request,
-        appwardenApiToken: input.appwardenApiToken,
-        appwardenApiHostname: input.appwardenApiHostname,
-        debug: input.debug,
-        lockPageSlug,
-        waitUntil: (fn) => context.waitUntil(fn)
-      });
-      if (result.isLocked) {
-        context.response = await renderLockPage({
-          lockPageSlug,
-          requestUrl
-        });
-      }
+    if (!isHTMLRequest(request)) {
+      return;
+    }
+    const lockPageSlug = input.multidomainConfig?.[requestUrl.hostname]?.lockPageSlug ?? input.lockPageSlug;
+    if (!lockPageSlug) {
+      return;
+    }
+    if (isOnLockPage(lockPageSlug, request.url)) {
+      return;
+    }
+    const result = await checkLockStatus({
+      request,
+      appwardenApiToken: input.appwardenApiToken,
+      appwardenApiHostname: input.appwardenApiHostname,
+      debug: input.debug,
+      lockPageSlug,
+      waitUntil: (fn) => context.waitUntil(fn)
+    });
+    if (result.isLocked) {
+      const lockPageUrl = buildLockPageUrl(lockPageSlug, request.url);
+      context.response = createRedirect(lockPageUrl);
+      shouldCallNext = false;
+      return;
     }
   } catch (e) {
     const message = "Appwarden encountered an unknown error. Please contact Appwarden support at https://appwarden.io/join-community.";
@@ -168,6 +167,10 @@ var useAppwarden = (input) => async (context, next) => {
         e instanceof Error ? `${message} - ${e.message}` : message
       )
     );
+  } finally {
+    if (shouldCallNext) {
+      await next();
+    }
   }
 };
 

package/index.js

@@ -7,11 +7,11 @@ import {
   CSPDirectivesSchema,
   CSPModeSchema,
   useContentSecurityPolicy
-} from "./chunk-MOTPEQEU.js";
+} from "./chunk-FGAJVKNM.js";
 import {
   APPWARDEN_CACHE_KEY,
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
 export {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@appwarden/middleware",
-  "version": "3.1.0",
+  "version": "3.2.0",
   "description": "Instantly shut off access your app deployed on Cloudflare or Vercel",
   "type": "module",
   "license": "MIT",

package/vercel.js

@@ -3,13 +3,15 @@ import {
   isValidCacheUrl
 } from "./chunk-QEFORWCW.js";
 import {
-  isOnLockPage,
   validateConfig
-} from "./chunk-4JGYMZTR.js";
+} from "./chunk-COV6SHCD.js";
 import {
   LockValue,
-  MemoryCache
-} from "./chunk-B5IE7V77.js";
+  MemoryCache,
+  TEMPORARY_REDIRECT_STATUS,
+  buildLockPageUrl,
+  isOnLockPage
+} from "./chunk-ZX5QO4Y2.js";
 import {
   APPWARDEN_CACHE_KEY,
   debug,
@@ -17,7 +19,7 @@ import {
   globalErrors,
   isHTMLRequest,
   printMessage
-} from "./chunk-7UTT3M2S.js";
+} from "./chunk-L5EQIJZB.js";
 
 // src/runners/appwarden-on-vercel.ts
 import { waitUntil } from "@vercel/functions";
@@ -233,8 +235,14 @@ function createAppwardenMiddleware(config) {
         provider
       })).lockValue;
       if (lockValue?.isLocked) {
-        const lockPageUrl = new URL(parsedConfig.lockPageSlug, request.url);
-        return Response.redirect(lockPageUrl.toString(), 302);
+        const lockPageUrl = buildLockPageUrl(
+          parsedConfig.lockPageSlug,
+          request.url
+        );
+        return Response.redirect(
+          lockPageUrl.toString(),
+          TEMPORARY_REDIRECT_STATUS
+        );
       }
       return NextResponse.next();
     } catch (e) {

package/chunk-4JGYMZTR.js

@@ -1,50 +0,0 @@
-import {
-  getErrors
-} from "./chunk-B5IE7V77.js";
-import {
-  printMessage
-} from "./chunk-7UTT3M2S.js";
-
-// src/utils/build-lock-page-url.ts
-function normalizeLockPageSlug(lockPageSlug) {
-  return lockPageSlug.startsWith("/") ? lockPageSlug : `/${lockPageSlug}`;
-}
-function buildLockPageUrl(lockPageSlug, requestUrl) {
-  const normalizedSlug = normalizeLockPageSlug(lockPageSlug);
-  return new URL(normalizedSlug, requestUrl);
-}
-function normalizeTrailingSlash(path) {
-  if (path === "/") return path;
-  return path.endsWith("/") ? path.slice(0, -1) : path;
-}
-function isOnLockPage(lockPageSlug, requestUrl) {
-  const normalizedSlug = normalizeTrailingSlash(
-    normalizeLockPageSlug(lockPageSlug)
-  );
-  const url = typeof requestUrl === "string" ? new URL(requestUrl) : requestUrl;
-  const normalizedPathname = normalizeTrailingSlash(url.pathname);
-  return normalizedPathname === normalizedSlug;
-}
-
-// src/utils/validate-config.ts
-function validateConfig(config, schema) {
-  const result = schema.safeParse(config);
-  const hasErrors = !result.success;
-  if (hasErrors) {
-    const mappedErrors = getErrors(result.error);
-    if (mappedErrors.length > 0) {
-      for (const error of mappedErrors) {
-        console.error(printMessage(error));
-      }
-    } else {
-      console.error(printMessage(result.error.message));
-    }
-  }
-  return hasErrors;
-}
-
-export {
-  buildLockPageUrl,
-  isOnLockPage,
-  validateConfig
-};

package/chunk-6M7BE3AW.js

@@ -1,15 +0,0 @@
-// src/utils/create-redirect.ts
-var TEMPORARY_REDIRECT_STATUS = 302;
-var createRedirect = (url) => {
-  return new Response(null, {
-    status: TEMPORARY_REDIRECT_STATUS,
-    headers: {
-      Location: url.toString()
-    }
-  });
-};
-
-export {
-  TEMPORARY_REDIRECT_STATUS,
-  createRedirect
-};