@appwarden/middleware 3.4.0 → 3.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/{chunk-YBWFEBZC.js → chunk-AXWJZE7U.js} +1 -1
- package/{chunk-QVRWMYGL.js → chunk-EPJ4ZVO6.js} +5 -4
- package/{chunk-3MKVGKH7.js → chunk-G5FWKV2Q.js} +11 -8
- package/{chunk-G4RRFNHY.js → chunk-GK6JL5NZ.js} +4 -12
- package/{chunk-U3T4R5KZ.js → chunk-MNGMTDH3.js} +1 -1
- package/cloudflare/astro.js +7 -7
- package/cloudflare/nextjs.js +6 -6
- package/cloudflare/react-router.js +7 -7
- package/cloudflare/tanstack-start.js +7 -7
- package/{cloudflare-36BOGAYU.js → cloudflare-K5EFFMNI.js} +1 -1
- package/cloudflare.js +4 -4
- package/index.js +2 -2
- package/package.json +3 -2
- package/vercel.js +6 -4
package/README.md
CHANGED
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
[](https://github.com/appwarden/middleware)
|
|
5
5
|
[](https://www.npmjs.com/package/@appwarden/middleware)
|
|
6
6
|
[](https://docs.npmjs.com/generating-provenance-statements)
|
|
7
|
-
|
|
8
8
|
[](https://opensource.org/licenses/MIT)
|
|
9
9
|
|
|
10
10
|
## Core Features
|
|
@@ -3,7 +3,7 @@ import {
|
|
|
3
3
|
} from "./chunk-HCGLR3Z3.js";
|
|
4
4
|
import {
|
|
5
5
|
printMessage
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-GK6JL5NZ.js";
|
|
7
7
|
|
|
8
8
|
// src/utils/build-lock-page-url.ts
|
|
9
9
|
function normalizeLockPageSlug(lockPageSlug) {
|
|
@@ -40,7 +40,7 @@ var createRedirect = (url) => {
|
|
|
40
40
|
// src/utils/debug.ts
|
|
41
41
|
var debug = (isDebug) => (...msg) => {
|
|
42
42
|
if (!isDebug) return;
|
|
43
|
-
const
|
|
43
|
+
const parts = msg.map((m) => {
|
|
44
44
|
let content;
|
|
45
45
|
if (m instanceof Error) {
|
|
46
46
|
content = m.stack ?? m.message;
|
|
@@ -57,9 +57,10 @@ var debug = (isDebug) => (...msg) => {
|
|
|
57
57
|
} else {
|
|
58
58
|
content = String(m);
|
|
59
59
|
}
|
|
60
|
-
return
|
|
60
|
+
return content;
|
|
61
61
|
});
|
|
62
|
-
|
|
62
|
+
const message = parts.join(" ");
|
|
63
|
+
console.log(printMessage(message));
|
|
63
64
|
};
|
|
64
65
|
|
|
65
66
|
// src/utils/memory-cache.ts
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import {
|
|
2
2
|
MemoryCache,
|
|
3
3
|
debug
|
|
4
|
-
} from "./chunk-
|
|
4
|
+
} from "./chunk-EPJ4ZVO6.js";
|
|
5
5
|
import {
|
|
6
6
|
APPWARDEN_CACHE_KEY,
|
|
7
7
|
APPWARDEN_TEST_ROUTE
|
|
@@ -11,7 +11,7 @@ import {
|
|
|
11
11
|
getLockValue,
|
|
12
12
|
store,
|
|
13
13
|
syncEdgeValue
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-GK6JL5NZ.js";
|
|
15
15
|
|
|
16
16
|
// src/core/check-lock-status.ts
|
|
17
17
|
var createContext = async (config) => {
|
|
@@ -42,9 +42,6 @@ var createContext = async (config) => {
|
|
|
42
42
|
};
|
|
43
43
|
var resolveLockStatus = async (context) => {
|
|
44
44
|
const { lockValue, shouldDeleteEdgeValue } = await getLockValue(context);
|
|
45
|
-
if (lockValue) {
|
|
46
|
-
context.debug("Lock value resolved from cache");
|
|
47
|
-
}
|
|
48
45
|
if (shouldDeleteEdgeValue) {
|
|
49
46
|
context.debug("Deleting corrupted cache value");
|
|
50
47
|
await deleteEdgeValue(context);
|
|
@@ -61,15 +58,21 @@ var resolveLockStatus = async (context) => {
|
|
|
61
58
|
var checkLockStatus = async (config) => {
|
|
62
59
|
const context = await createContext(config);
|
|
63
60
|
let { isLocked, isTestLock, lockValue, wasDeleted } = await resolveLockStatus(context);
|
|
64
|
-
|
|
61
|
+
const isExpired = MemoryCache.isExpired(lockValue);
|
|
62
|
+
if (!isExpired && !wasDeleted && lockValue) {
|
|
63
|
+
context.debug("Lock value resolved from cache");
|
|
64
|
+
}
|
|
65
|
+
if (isExpired || wasDeleted) {
|
|
65
66
|
if (!lockValue || wasDeleted || lockValue.isLocked) {
|
|
66
67
|
context.debug(
|
|
67
|
-
"
|
|
68
|
+
"No fresh cached lock status available - syncing with API synchronously"
|
|
68
69
|
);
|
|
69
70
|
await syncEdgeValue(context);
|
|
70
71
|
({ isLocked, isTestLock } = await resolveLockStatus(context));
|
|
71
72
|
} else {
|
|
72
|
-
context.debug(
|
|
73
|
+
context.debug(
|
|
74
|
+
"Cached lock status expired but last known state unlocked - syncing with API in background"
|
|
75
|
+
);
|
|
73
76
|
config.waitUntil(syncEdgeValue(context));
|
|
74
77
|
}
|
|
75
78
|
}
|
|
@@ -11,12 +11,7 @@ var store = {
|
|
|
11
11
|
};
|
|
12
12
|
var getCacheValue = async (context, cacheKey) => {
|
|
13
13
|
const match = await context.cache.match(cacheKey);
|
|
14
|
-
|
|
15
|
-
context.debug(`[${cacheKey.pathname}] Cache MISS!`);
|
|
16
|
-
return void 0;
|
|
17
|
-
}
|
|
18
|
-
context.debug(`[${cacheKey.pathname}] Cache MATCH!`);
|
|
19
|
-
return match;
|
|
14
|
+
return match ?? void 0;
|
|
20
15
|
};
|
|
21
16
|
var updateCacheValue = async (context, cacheKey, value, ttl) => {
|
|
22
17
|
context.debug(
|
|
@@ -262,7 +257,7 @@ var APIError = class extends Error {
|
|
|
262
257
|
var DEFAULT_API_HOSTNAME = "https://api.appwarden.io";
|
|
263
258
|
var syncEdgeValue = async (context) => {
|
|
264
259
|
const apiHostname = context.appwardenApiHostname ?? DEFAULT_API_HOSTNAME;
|
|
265
|
-
context.debug(`
|
|
260
|
+
context.debug(`GET ${apiHostname}`);
|
|
266
261
|
try {
|
|
267
262
|
const response = await fetch(new URL("/v1/status/check", apiHostname), {
|
|
268
263
|
method: "POST",
|
|
@@ -289,10 +284,7 @@ var syncEdgeValue = async (context) => {
|
|
|
289
284
|
const parsedValue = LockValue.omit({ lastCheck: true }).parse(
|
|
290
285
|
result.content
|
|
291
286
|
);
|
|
292
|
-
context.debug(
|
|
293
|
-
`API call to ${apiHostname} succeeded`,
|
|
294
|
-
`Lock status: ${parsedValue.isLocked ? "LOCKED" : "UNLOCKED"}`
|
|
295
|
-
);
|
|
287
|
+
context.debug(`GET ${apiHostname} succeeded`);
|
|
296
288
|
await context.edgeCache.updateValue({
|
|
297
289
|
...parsedValue,
|
|
298
290
|
lastCheck: Date.now()
|
|
@@ -302,7 +294,7 @@ var syncEdgeValue = async (context) => {
|
|
|
302
294
|
}
|
|
303
295
|
}
|
|
304
296
|
} catch (e) {
|
|
305
|
-
const message = `
|
|
297
|
+
const message = `GET ${apiHostname} failed`;
|
|
306
298
|
console.error(
|
|
307
299
|
printMessage(
|
|
308
300
|
e instanceof APIError ? e.message : e instanceof Error ? `${message}: ${e.message}` : message
|
package/cloudflare/astro.js
CHANGED
|
@@ -1,19 +1,19 @@
|
|
|
1
1
|
import {
|
|
2
2
|
useContentSecurityPolicy
|
|
3
|
-
} from "../chunk-
|
|
3
|
+
} from "../chunk-AXWJZE7U.js";
|
|
4
4
|
import {
|
|
5
5
|
validateConfig
|
|
6
|
-
} from "../chunk-
|
|
6
|
+
} from "../chunk-MNGMTDH3.js";
|
|
7
7
|
import {
|
|
8
8
|
checkLockStatus
|
|
9
|
-
} from "../chunk-
|
|
9
|
+
} from "../chunk-G5FWKV2Q.js";
|
|
10
10
|
import {
|
|
11
11
|
TEMPORARY_REDIRECT_STATUS,
|
|
12
12
|
buildLockPageUrl,
|
|
13
13
|
createRedirect,
|
|
14
14
|
debug,
|
|
15
15
|
isOnLockPage
|
|
16
|
-
} from "../chunk-
|
|
16
|
+
} from "../chunk-EPJ4ZVO6.js";
|
|
17
17
|
import {
|
|
18
18
|
UseCSPInputSchema,
|
|
19
19
|
isHTMLRequest
|
|
@@ -22,7 +22,7 @@ import {
|
|
|
22
22
|
AppwardenApiTokenSchema,
|
|
23
23
|
BooleanSchema,
|
|
24
24
|
printMessage
|
|
25
|
-
} from "../chunk-
|
|
25
|
+
} from "../chunk-GK6JL5NZ.js";
|
|
26
26
|
|
|
27
27
|
// src/schemas/astro-cloudflare.ts
|
|
28
28
|
import { z } from "zod";
|
|
@@ -85,7 +85,7 @@ function createAppwardenMiddleware(configFn) {
|
|
|
85
85
|
});
|
|
86
86
|
if (result.isLocked) {
|
|
87
87
|
const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
|
|
88
|
-
debugFn(`
|
|
88
|
+
debugFn(`Website is locked - redirecting to ${lockPageUrl.pathname}`);
|
|
89
89
|
if (context.redirect) {
|
|
90
90
|
return context.redirect(
|
|
91
91
|
lockPageUrl.toString(),
|
|
@@ -94,7 +94,7 @@ function createAppwardenMiddleware(configFn) {
|
|
|
94
94
|
}
|
|
95
95
|
return createRedirect(lockPageUrl);
|
|
96
96
|
}
|
|
97
|
-
debugFn("
|
|
97
|
+
debugFn("Website is unlocked");
|
|
98
98
|
const response = await next();
|
|
99
99
|
if (config.contentSecurityPolicy) {
|
|
100
100
|
debugFn("Applying CSP middleware");
|
package/cloudflare/nextjs.js
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
import {
|
|
2
2
|
validateConfig
|
|
3
|
-
} from "../chunk-
|
|
3
|
+
} from "../chunk-MNGMTDH3.js";
|
|
4
4
|
import {
|
|
5
5
|
checkLockStatus
|
|
6
|
-
} from "../chunk-
|
|
6
|
+
} from "../chunk-G5FWKV2Q.js";
|
|
7
7
|
import {
|
|
8
8
|
TEMPORARY_REDIRECT_STATUS,
|
|
9
9
|
buildLockPageUrl,
|
|
10
10
|
debug,
|
|
11
11
|
isOnLockPage
|
|
12
|
-
} from "../chunk-
|
|
12
|
+
} from "../chunk-EPJ4ZVO6.js";
|
|
13
13
|
import {
|
|
14
14
|
UseCSPInputSchema,
|
|
15
15
|
isHTMLRequest
|
|
@@ -18,7 +18,7 @@ import {
|
|
|
18
18
|
AppwardenApiTokenSchema,
|
|
19
19
|
BooleanSchema,
|
|
20
20
|
printMessage
|
|
21
|
-
} from "../chunk-
|
|
21
|
+
} from "../chunk-GK6JL5NZ.js";
|
|
22
22
|
|
|
23
23
|
// src/adapters/nextjs-cloudflare.ts
|
|
24
24
|
import {
|
|
@@ -88,7 +88,7 @@ function createAppwardenMiddleware(configFn) {
|
|
|
88
88
|
});
|
|
89
89
|
if (result.isLocked) {
|
|
90
90
|
const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
|
|
91
|
-
debugFn(`
|
|
91
|
+
debugFn(`Website is locked - redirecting to ${lockPageUrl.pathname}`);
|
|
92
92
|
return NextResponse.redirect(lockPageUrl, TEMPORARY_REDIRECT_STATUS);
|
|
93
93
|
}
|
|
94
94
|
debugFn("Site is unlocked");
|
|
@@ -96,7 +96,7 @@ function createAppwardenMiddleware(configFn) {
|
|
|
96
96
|
debugFn(
|
|
97
97
|
`Applying CSP headers in ${config.contentSecurityPolicy.mode} mode`
|
|
98
98
|
);
|
|
99
|
-
const { makeCSPHeader } = await import("../cloudflare-
|
|
99
|
+
const { makeCSPHeader } = await import("../cloudflare-K5EFFMNI.js");
|
|
100
100
|
const [headerName, headerValue] = makeCSPHeader(
|
|
101
101
|
"",
|
|
102
102
|
config.contentSecurityPolicy.directives,
|
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
import {
|
|
2
2
|
useContentSecurityPolicy
|
|
3
|
-
} from "../chunk-
|
|
3
|
+
} from "../chunk-AXWJZE7U.js";
|
|
4
4
|
import {
|
|
5
5
|
validateConfig
|
|
6
|
-
} from "../chunk-
|
|
6
|
+
} from "../chunk-MNGMTDH3.js";
|
|
7
7
|
import {
|
|
8
8
|
checkLockStatus
|
|
9
|
-
} from "../chunk-
|
|
9
|
+
} from "../chunk-G5FWKV2Q.js";
|
|
10
10
|
import {
|
|
11
11
|
buildLockPageUrl,
|
|
12
12
|
createRedirect,
|
|
13
13
|
debug,
|
|
14
14
|
isOnLockPage
|
|
15
|
-
} from "../chunk-
|
|
15
|
+
} from "../chunk-EPJ4ZVO6.js";
|
|
16
16
|
import {
|
|
17
17
|
UseCSPInputSchema,
|
|
18
18
|
isHTMLRequest
|
|
@@ -21,7 +21,7 @@ import {
|
|
|
21
21
|
AppwardenApiTokenSchema,
|
|
22
22
|
BooleanSchema,
|
|
23
23
|
printMessage
|
|
24
|
-
} from "../chunk-
|
|
24
|
+
} from "../chunk-GK6JL5NZ.js";
|
|
25
25
|
|
|
26
26
|
// src/schemas/react-router-cloudflare.ts
|
|
27
27
|
import { z } from "zod";
|
|
@@ -101,10 +101,10 @@ function createAppwardenMiddleware(configFn) {
|
|
|
101
101
|
});
|
|
102
102
|
if (result.isLocked) {
|
|
103
103
|
const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
|
|
104
|
-
debugFn(`
|
|
104
|
+
debugFn(`Website is locked - redirecting to ${lockPageUrl.pathname}`);
|
|
105
105
|
throw createRedirect(lockPageUrl);
|
|
106
106
|
}
|
|
107
|
-
debugFn("
|
|
107
|
+
debugFn("Website is unlocked");
|
|
108
108
|
const response = await next();
|
|
109
109
|
if (config.contentSecurityPolicy && response instanceof Response) {
|
|
110
110
|
debugFn("Applying CSP middleware");
|
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
import {
|
|
2
2
|
useContentSecurityPolicy
|
|
3
|
-
} from "../chunk-
|
|
3
|
+
} from "../chunk-AXWJZE7U.js";
|
|
4
4
|
import {
|
|
5
5
|
validateConfig
|
|
6
|
-
} from "../chunk-
|
|
6
|
+
} from "../chunk-MNGMTDH3.js";
|
|
7
7
|
import {
|
|
8
8
|
checkLockStatus
|
|
9
|
-
} from "../chunk-
|
|
9
|
+
} from "../chunk-G5FWKV2Q.js";
|
|
10
10
|
import {
|
|
11
11
|
buildLockPageUrl,
|
|
12
12
|
createRedirect,
|
|
13
13
|
debug,
|
|
14
14
|
isOnLockPage
|
|
15
|
-
} from "../chunk-
|
|
15
|
+
} from "../chunk-EPJ4ZVO6.js";
|
|
16
16
|
import {
|
|
17
17
|
UseCSPInputSchema,
|
|
18
18
|
isHTMLRequest
|
|
@@ -21,7 +21,7 @@ import {
|
|
|
21
21
|
AppwardenApiTokenSchema,
|
|
22
22
|
BooleanSchema,
|
|
23
23
|
printMessage
|
|
24
|
-
} from "../chunk-
|
|
24
|
+
} from "../chunk-GK6JL5NZ.js";
|
|
25
25
|
|
|
26
26
|
// src/schemas/tanstack-start-cloudflare.ts
|
|
27
27
|
import { z } from "zod";
|
|
@@ -86,10 +86,10 @@ function createAppwardenMiddleware(configFn) {
|
|
|
86
86
|
});
|
|
87
87
|
if (result.isLocked) {
|
|
88
88
|
const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
|
|
89
|
-
debugFn(`
|
|
89
|
+
debugFn(`Website is locked - redirecting to ${lockPageUrl.pathname}`);
|
|
90
90
|
throw createRedirect(lockPageUrl);
|
|
91
91
|
}
|
|
92
|
-
debugFn("
|
|
92
|
+
debugFn("Website is unlocked");
|
|
93
93
|
const response = await next();
|
|
94
94
|
if (config.contentSecurityPolicy && response instanceof Response) {
|
|
95
95
|
debugFn("Applying CSP middleware");
|
package/cloudflare.js
CHANGED
|
@@ -1,15 +1,15 @@
|
|
|
1
1
|
import {
|
|
2
2
|
useContentSecurityPolicy
|
|
3
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-AXWJZE7U.js";
|
|
4
4
|
import {
|
|
5
5
|
checkLockStatus
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-G5FWKV2Q.js";
|
|
7
7
|
import {
|
|
8
8
|
buildLockPageUrl,
|
|
9
9
|
createRedirect,
|
|
10
10
|
debug,
|
|
11
11
|
isOnLockPage
|
|
12
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-EPJ4ZVO6.js";
|
|
13
13
|
import {
|
|
14
14
|
APPWARDEN_CACHE_KEY,
|
|
15
15
|
UseCSPInputSchema,
|
|
@@ -22,7 +22,7 @@ import {
|
|
|
22
22
|
insertErrorLogs,
|
|
23
23
|
printMessage,
|
|
24
24
|
store
|
|
25
|
-
} from "./chunk-
|
|
25
|
+
} from "./chunk-GK6JL5NZ.js";
|
|
26
26
|
|
|
27
27
|
// src/runners/appwarden-on-cloudflare.ts
|
|
28
28
|
import { ZodError } from "zod";
|
package/index.js
CHANGED
|
@@ -5,14 +5,14 @@ import {
|
|
|
5
5
|
} from "./chunk-QEFORWCW.js";
|
|
6
6
|
import {
|
|
7
7
|
useContentSecurityPolicy
|
|
8
|
-
} from "./chunk-
|
|
8
|
+
} from "./chunk-AXWJZE7U.js";
|
|
9
9
|
import {
|
|
10
10
|
APPWARDEN_CACHE_KEY,
|
|
11
11
|
CSPDirectivesSchema,
|
|
12
12
|
CSPModeSchema,
|
|
13
13
|
LOCKDOWN_TEST_EXPIRY_MS
|
|
14
14
|
} from "./chunk-HCGLR3Z3.js";
|
|
15
|
-
import "./chunk-
|
|
15
|
+
import "./chunk-GK6JL5NZ.js";
|
|
16
16
|
export {
|
|
17
17
|
APPWARDEN_CACHE_KEY,
|
|
18
18
|
CSPDirectivesSchema,
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@appwarden/middleware",
|
|
3
|
-
"version": "3.4.
|
|
3
|
+
"version": "3.4.1",
|
|
4
4
|
"description": "Instantly shut off access your app deployed on Cloudflare or Vercel",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"license": "MIT",
|
|
@@ -108,7 +108,8 @@
|
|
|
108
108
|
"devalue@<=5.6.2": ">=5.6.3",
|
|
109
109
|
"minimatch@<10.2.1": ">=10.2.1",
|
|
110
110
|
"tar@<7.5.8": ">=7.5.8",
|
|
111
|
-
"ajv@>=7.0.0-alpha.0 <8.18.0": ">=8.18.0"
|
|
111
|
+
"ajv@>=7.0.0-alpha.0 <8.18.0": ">=8.18.0",
|
|
112
|
+
"rollup@>=4.0.0 <4.59.0": ">=4.59.0"
|
|
112
113
|
}
|
|
113
114
|
}
|
|
114
115
|
}
|
package/vercel.js
CHANGED
|
@@ -4,14 +4,14 @@ import {
|
|
|
4
4
|
} from "./chunk-QEFORWCW.js";
|
|
5
5
|
import {
|
|
6
6
|
validateConfig
|
|
7
|
-
} from "./chunk-
|
|
7
|
+
} from "./chunk-MNGMTDH3.js";
|
|
8
8
|
import {
|
|
9
9
|
MemoryCache,
|
|
10
10
|
TEMPORARY_REDIRECT_STATUS,
|
|
11
11
|
buildLockPageUrl,
|
|
12
12
|
debug,
|
|
13
13
|
isOnLockPage
|
|
14
|
-
} from "./chunk-
|
|
14
|
+
} from "./chunk-EPJ4ZVO6.js";
|
|
15
15
|
import {
|
|
16
16
|
APPWARDEN_CACHE_KEY,
|
|
17
17
|
CSPDirectivesSchema,
|
|
@@ -24,7 +24,7 @@ import {
|
|
|
24
24
|
LockValue,
|
|
25
25
|
makeCSPHeader,
|
|
26
26
|
printMessage
|
|
27
|
-
} from "./chunk-
|
|
27
|
+
} from "./chunk-GK6JL5NZ.js";
|
|
28
28
|
|
|
29
29
|
// src/runners/appwarden-on-vercel.ts
|
|
30
30
|
import { waitUntil } from "@vercel/functions";
|
|
@@ -296,7 +296,9 @@ function createAppwardenMiddleware(config) {
|
|
|
296
296
|
provider
|
|
297
297
|
})).lockValue;
|
|
298
298
|
if (lockValue?.isLocked) {
|
|
299
|
-
debugFn(
|
|
299
|
+
debugFn(
|
|
300
|
+
`Website is locked - redirecting to ${parsedConfig.lockPageSlug}`
|
|
301
|
+
);
|
|
300
302
|
const lockPageUrl = buildLockPageUrl(
|
|
301
303
|
parsedConfig.lockPageSlug,
|
|
302
304
|
request.url
|