@appwarden/middleware 3.7.0 → 3.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/README.md +8 -10
  2. package/cloudflare/astro.js +3 -3
  3. package/cloudflare/nextjs.js +3 -3
  4. package/cloudflare/react-router.d.ts +419 -34
  5. package/cloudflare/react-router.js +16 -33
  6. package/cloudflare/tanstack-start.js +3 -3
  7. package/package.json +1 -1
package/README.md CHANGED
@@ -4,7 +4,7 @@
4
4
  [![GitHub](https://img.shields.io/badge/GitHub-appwarden%2Fmiddleware-181717?logo=github&logoColor=white)](https://github.com/appwarden/middleware)
5
5
  [![npm version](https://img.shields.io/npm/v/@appwarden/middleware.svg)](https://www.npmjs.com/package/@appwarden/middleware)
6
6
  [![npm provenance](https://img.shields.io/badge/npm-provenance-green)](https://docs.npmjs.com/generating-provenance-statements)
7
- ![Test Coverage](https://img.shields.io/badge/coverage-91.5%25-brightgreen)
7
+ ![Test Coverage](https://img.shields.io/badge/coverage-92%25-brightgreen)
8
8
  [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
9
9
 
10
10
  ## Core Features
@@ -162,19 +162,17 @@ See the [Astro + Cloudflare guide](https://appwarden.io/docs/guides/astro-cloudf
162
162
  ```ts
163
163
  // app/root.tsx
164
164
  import { createAppwardenMiddleware } from "@appwarden/middleware/cloudflare/react-router"
165
- import type { CloudflareContext } from "@appwarden/middleware/cloudflare/react-router"
166
165
 
167
166
  export const unstable_middleware = [
168
- createAppwardenMiddleware((cloudflare: CloudflareContext) => ({
169
- lockPageSlug: cloudflare.env.APPWARDEN_LOCK_PAGE_SLUG,
170
- appwardenApiToken: cloudflare.env.APPWARDEN_API_TOKEN,
171
- debug: cloudflare.env.APPWARDEN_DEBUG === "true",
167
+ createAppwardenMiddleware(({ env }) => ({
168
+ lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
169
+ appwardenApiToken: env.APPWARDEN_API_TOKEN,
170
+ // "debug" can be a string or boolean; the schema will normalize it
171
+ debug: env.APPWARDEN_DEBUG,
172
+ // "directives" can be a JSON string or an object; the schema will parse it
172
173
  contentSecurityPolicy: {
173
174
  mode: "enforced",
174
- directives: {
175
- "script-src": ["'self'", "{{nonce}}"],
176
- "style-src": ["'self'", "{{nonce}}"],
177
- },
175
+ directives: env.APPWARDEN_CSP_DIRECTIVES,
178
176
  },
179
177
  })),
180
178
  ]
package/cloudflare/astro.js CHANGED
@@ -4,12 +4,12 @@ import {
4
4
  import {
5
5
  useContentSecurityPolicy
6
6
  } from "../chunk-52NBQDQT.js";
7
- import {
8
- getNowMs
9
- } from "../chunk-X7WZVYQS.js";
10
7
  import {
11
8
  validateConfig
12
9
  } from "../chunk-MNGMTDH3.js";
10
+ import {
11
+ getNowMs
12
+ } from "../chunk-X7WZVYQS.js";
13
13
  import {
14
14
  checkLockStatus
15
15
  } from "../chunk-G5FWKV2Q.js";
package/cloudflare/nextjs.js CHANGED
@@ -1,9 +1,9 @@
1
- import {
2
- getNowMs
3
- } from "../chunk-X7WZVYQS.js";
4
1
  import {
5
2
  validateConfig
6
3
  } from "../chunk-MNGMTDH3.js";
4
+ import {
5
+ getNowMs
6
+ } from "../chunk-X7WZVYQS.js";
7
7
  import {
8
8
  checkLockStatus
9
9
  } from "../chunk-G5FWKV2Q.js";
package/cloudflare/react-router.d.ts CHANGED
@@ -1,51 +1,440 @@
1
- import { U as UseCSPInput } from '../use-content-security-policy-DUYpyUPy.js';
2
- import 'zod';
1
+ import { z } from 'zod';
3
2
 
4
3
  /**
5
- * Cloudflare context provided by React Router on Cloudflare Workers.
6
- * This is the shape of `context.cloudflare` in React Router loaders/actions.
4
+ * Zod schema for React Router Cloudflare adapter configuration.
5
+ * Validates the config object returned by the configFn.
7
6
  */
8
- interface CloudflareContext {
9
- env: CloudflareEnv;
10
- ctx: ExecutionContext;
11
- }
12
- /**
13
- * Symbol used to store Cloudflare context in RouterContextProvider.
14
- * This is used when middleware is enabled with the v8_middleware future flag.
15
- */
16
- declare const cloudflareContextSymbol: unique symbol;
17
- /**
18
- * Configuration for the Appwarden middleware.
19
- */
20
- interface ReactRouterAppwardenConfig {
7
+ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
21
8
  /** The slug/path of the lock page to redirect to when the site is locked */
22
- lockPageSlug: string;
9
+ lockPageSlug: z.ZodString;
23
10
  /** The Appwarden API token for authentication */
24
- appwardenApiToken: string;
11
+ appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
25
12
  /** Optional custom API hostname (defaults to https://api.appwarden.io) */
26
- appwardenApiHostname?: string;
13
+ appwardenApiHostname: z.ZodOptional<z.ZodString>;
27
14
  /** Enable debug logging */
28
- debug?: boolean;
15
+ debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
29
16
  /** Optional Content Security Policy configuration */
30
- contentSecurityPolicy?: UseCSPInput;
17
+ contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodEffects<z.ZodObject<{
18
+ mode: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
19
+ directives: z.ZodEffects<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodObject<{
20
+ "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
21
+ "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
22
+ "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
23
+ "img-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
24
+ "connect-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
25
+ "font-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
26
+ "object-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
27
+ "media-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
28
+ "frame-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
29
+ sandbox: z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
30
+ "report-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
31
+ "child-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
32
+ "form-action": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
33
+ "frame-ancestors": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
34
+ "plugin-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
35
+ "base-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
36
+ "report-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
37
+ "worker-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
38
+ "manifest-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
39
+ "prefetch-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
40
+ "navigate-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
41
+ "require-sri-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
42
+ "block-all-mixed-content": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
43
+ "upgrade-insecure-requests": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
44
+ "trusted-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
45
+ "require-trusted-types-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
46
+ }, "strip", z.ZodTypeAny, {
47
+ "default-src"?: string | boolean | string[] | undefined;
48
+ "script-src"?: string | boolean | string[] | undefined;
49
+ "style-src"?: string | boolean | string[] | undefined;
50
+ "img-src"?: string | boolean | string[] | undefined;
51
+ "connect-src"?: string | boolean | string[] | undefined;
52
+ "font-src"?: string | boolean | string[] | undefined;
53
+ "object-src"?: string | boolean | string[] | undefined;
54
+ "media-src"?: string | boolean | string[] | undefined;
55
+ "frame-src"?: string | boolean | string[] | undefined;
56
+ sandbox?: string | boolean | string[] | undefined;
57
+ "report-uri"?: string | boolean | string[] | undefined;
58
+ "child-src"?: string | boolean | string[] | undefined;
59
+ "form-action"?: string | boolean | string[] | undefined;
60
+ "frame-ancestors"?: string | boolean | string[] | undefined;
61
+ "plugin-types"?: string | boolean | string[] | undefined;
62
+ "base-uri"?: string | boolean | string[] | undefined;
63
+ "report-to"?: string | boolean | string[] | undefined;
64
+ "worker-src"?: string | boolean | string[] | undefined;
65
+ "manifest-src"?: string | boolean | string[] | undefined;
66
+ "prefetch-src"?: string | boolean | string[] | undefined;
67
+ "navigate-to"?: string | boolean | string[] | undefined;
68
+ "require-sri-for"?: string | boolean | string[] | undefined;
69
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
70
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
71
+ "trusted-types"?: string | boolean | string[] | undefined;
72
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
73
+ }, {
74
+ "default-src"?: string | boolean | string[] | undefined;
75
+ "script-src"?: string | boolean | string[] | undefined;
76
+ "style-src"?: string | boolean | string[] | undefined;
77
+ "img-src"?: string | boolean | string[] | undefined;
78
+ "connect-src"?: string | boolean | string[] | undefined;
79
+ "font-src"?: string | boolean | string[] | undefined;
80
+ "object-src"?: string | boolean | string[] | undefined;
81
+ "media-src"?: string | boolean | string[] | undefined;
82
+ "frame-src"?: string | boolean | string[] | undefined;
83
+ sandbox?: string | boolean | string[] | undefined;
84
+ "report-uri"?: string | boolean | string[] | undefined;
85
+ "child-src"?: string | boolean | string[] | undefined;
86
+ "form-action"?: string | boolean | string[] | undefined;
87
+ "frame-ancestors"?: string | boolean | string[] | undefined;
88
+ "plugin-types"?: string | boolean | string[] | undefined;
89
+ "base-uri"?: string | boolean | string[] | undefined;
90
+ "report-to"?: string | boolean | string[] | undefined;
91
+ "worker-src"?: string | boolean | string[] | undefined;
92
+ "manifest-src"?: string | boolean | string[] | undefined;
93
+ "prefetch-src"?: string | boolean | string[] | undefined;
94
+ "navigate-to"?: string | boolean | string[] | undefined;
95
+ "require-sri-for"?: string | boolean | string[] | undefined;
96
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
97
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
98
+ "trusted-types"?: string | boolean | string[] | undefined;
99
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
100
+ }>]>>, string | {
101
+ "default-src"?: string | boolean | string[] | undefined;
102
+ "script-src"?: string | boolean | string[] | undefined;
103
+ "style-src"?: string | boolean | string[] | undefined;
104
+ "img-src"?: string | boolean | string[] | undefined;
105
+ "connect-src"?: string | boolean | string[] | undefined;
106
+ "font-src"?: string | boolean | string[] | undefined;
107
+ "object-src"?: string | boolean | string[] | undefined;
108
+ "media-src"?: string | boolean | string[] | undefined;
109
+ "frame-src"?: string | boolean | string[] | undefined;
110
+ sandbox?: string | boolean | string[] | undefined;
111
+ "report-uri"?: string | boolean | string[] | undefined;
112
+ "child-src"?: string | boolean | string[] | undefined;
113
+ "form-action"?: string | boolean | string[] | undefined;
114
+ "frame-ancestors"?: string | boolean | string[] | undefined;
115
+ "plugin-types"?: string | boolean | string[] | undefined;
116
+ "base-uri"?: string | boolean | string[] | undefined;
117
+ "report-to"?: string | boolean | string[] | undefined;
118
+ "worker-src"?: string | boolean | string[] | undefined;
119
+ "manifest-src"?: string | boolean | string[] | undefined;
120
+ "prefetch-src"?: string | boolean | string[] | undefined;
121
+ "navigate-to"?: string | boolean | string[] | undefined;
122
+ "require-sri-for"?: string | boolean | string[] | undefined;
123
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
124
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
125
+ "trusted-types"?: string | boolean | string[] | undefined;
126
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
127
+ } | undefined, string | {
128
+ "default-src"?: string | boolean | string[] | undefined;
129
+ "script-src"?: string | boolean | string[] | undefined;
130
+ "style-src"?: string | boolean | string[] | undefined;
131
+ "img-src"?: string | boolean | string[] | undefined;
132
+ "connect-src"?: string | boolean | string[] | undefined;
133
+ "font-src"?: string | boolean | string[] | undefined;
134
+ "object-src"?: string | boolean | string[] | undefined;
135
+ "media-src"?: string | boolean | string[] | undefined;
136
+ "frame-src"?: string | boolean | string[] | undefined;
137
+ sandbox?: string | boolean | string[] | undefined;
138
+ "report-uri"?: string | boolean | string[] | undefined;
139
+ "child-src"?: string | boolean | string[] | undefined;
140
+ "form-action"?: string | boolean | string[] | undefined;
141
+ "frame-ancestors"?: string | boolean | string[] | undefined;
142
+ "plugin-types"?: string | boolean | string[] | undefined;
143
+ "base-uri"?: string | boolean | string[] | undefined;
144
+ "report-to"?: string | boolean | string[] | undefined;
145
+ "worker-src"?: string | boolean | string[] | undefined;
146
+ "manifest-src"?: string | boolean | string[] | undefined;
147
+ "prefetch-src"?: string | boolean | string[] | undefined;
148
+ "navigate-to"?: string | boolean | string[] | undefined;
149
+ "require-sri-for"?: string | boolean | string[] | undefined;
150
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
151
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
152
+ "trusted-types"?: string | boolean | string[] | undefined;
153
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
154
+ } | undefined>, {
155
+ "default-src"?: string | boolean | string[] | undefined;
156
+ "script-src"?: string | boolean | string[] | undefined;
157
+ "style-src"?: string | boolean | string[] | undefined;
158
+ "img-src"?: string | boolean | string[] | undefined;
159
+ "connect-src"?: string | boolean | string[] | undefined;
160
+ "font-src"?: string | boolean | string[] | undefined;
161
+ "object-src"?: string | boolean | string[] | undefined;
162
+ "media-src"?: string | boolean | string[] | undefined;
163
+ "frame-src"?: string | boolean | string[] | undefined;
164
+ sandbox?: string | boolean | string[] | undefined;
165
+ "report-uri"?: string | boolean | string[] | undefined;
166
+ "child-src"?: string | boolean | string[] | undefined;
167
+ "form-action"?: string | boolean | string[] | undefined;
168
+ "frame-ancestors"?: string | boolean | string[] | undefined;
169
+ "plugin-types"?: string | boolean | string[] | undefined;
170
+ "base-uri"?: string | boolean | string[] | undefined;
171
+ "report-to"?: string | boolean | string[] | undefined;
172
+ "worker-src"?: string | boolean | string[] | undefined;
173
+ "manifest-src"?: string | boolean | string[] | undefined;
174
+ "prefetch-src"?: string | boolean | string[] | undefined;
175
+ "navigate-to"?: string | boolean | string[] | undefined;
176
+ "require-sri-for"?: string | boolean | string[] | undefined;
177
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
178
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
179
+ "trusted-types"?: string | boolean | string[] | undefined;
180
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
181
+ } | undefined, string | {
182
+ "default-src"?: string | boolean | string[] | undefined;
183
+ "script-src"?: string | boolean | string[] | undefined;
184
+ "style-src"?: string | boolean | string[] | undefined;
185
+ "img-src"?: string | boolean | string[] | undefined;
186
+ "connect-src"?: string | boolean | string[] | undefined;
187
+ "font-src"?: string | boolean | string[] | undefined;
188
+ "object-src"?: string | boolean | string[] | undefined;
189
+ "media-src"?: string | boolean | string[] | undefined;
190
+ "frame-src"?: string | boolean | string[] | undefined;
191
+ sandbox?: string | boolean | string[] | undefined;
192
+ "report-uri"?: string | boolean | string[] | undefined;
193
+ "child-src"?: string | boolean | string[] | undefined;
194
+ "form-action"?: string | boolean | string[] | undefined;
195
+ "frame-ancestors"?: string | boolean | string[] | undefined;
196
+ "plugin-types"?: string | boolean | string[] | undefined;
197
+ "base-uri"?: string | boolean | string[] | undefined;
198
+ "report-to"?: string | boolean | string[] | undefined;
199
+ "worker-src"?: string | boolean | string[] | undefined;
200
+ "manifest-src"?: string | boolean | string[] | undefined;
201
+ "prefetch-src"?: string | boolean | string[] | undefined;
202
+ "navigate-to"?: string | boolean | string[] | undefined;
203
+ "require-sri-for"?: string | boolean | string[] | undefined;
204
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
205
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
206
+ "trusted-types"?: string | boolean | string[] | undefined;
207
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
208
+ } | undefined>;
209
+ }, "strip", z.ZodTypeAny, {
210
+ mode: "disabled" | "report-only" | "enforced";
211
+ directives?: {
212
+ "default-src"?: string | boolean | string[] | undefined;
213
+ "script-src"?: string | boolean | string[] | undefined;
214
+ "style-src"?: string | boolean | string[] | undefined;
215
+ "img-src"?: string | boolean | string[] | undefined;
216
+ "connect-src"?: string | boolean | string[] | undefined;
217
+ "font-src"?: string | boolean | string[] | undefined;
218
+ "object-src"?: string | boolean | string[] | undefined;
219
+ "media-src"?: string | boolean | string[] | undefined;
220
+ "frame-src"?: string | boolean | string[] | undefined;
221
+ sandbox?: string | boolean | string[] | undefined;
222
+ "report-uri"?: string | boolean | string[] | undefined;
223
+ "child-src"?: string | boolean | string[] | undefined;
224
+ "form-action"?: string | boolean | string[] | undefined;
225
+ "frame-ancestors"?: string | boolean | string[] | undefined;
226
+ "plugin-types"?: string | boolean | string[] | undefined;
227
+ "base-uri"?: string | boolean | string[] | undefined;
228
+ "report-to"?: string | boolean | string[] | undefined;
229
+ "worker-src"?: string | boolean | string[] | undefined;
230
+ "manifest-src"?: string | boolean | string[] | undefined;
231
+ "prefetch-src"?: string | boolean | string[] | undefined;
232
+ "navigate-to"?: string | boolean | string[] | undefined;
233
+ "require-sri-for"?: string | boolean | string[] | undefined;
234
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
235
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
236
+ "trusted-types"?: string | boolean | string[] | undefined;
237
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
238
+ } | undefined;
239
+ }, {
240
+ mode?: "disabled" | "report-only" | "enforced" | undefined;
241
+ directives?: string | {
242
+ "default-src"?: string | boolean | string[] | undefined;
243
+ "script-src"?: string | boolean | string[] | undefined;
244
+ "style-src"?: string | boolean | string[] | undefined;
245
+ "img-src"?: string | boolean | string[] | undefined;
246
+ "connect-src"?: string | boolean | string[] | undefined;
247
+ "font-src"?: string | boolean | string[] | undefined;
248
+ "object-src"?: string | boolean | string[] | undefined;
249
+ "media-src"?: string | boolean | string[] | undefined;
250
+ "frame-src"?: string | boolean | string[] | undefined;
251
+ sandbox?: string | boolean | string[] | undefined;
252
+ "report-uri"?: string | boolean | string[] | undefined;
253
+ "child-src"?: string | boolean | string[] | undefined;
254
+ "form-action"?: string | boolean | string[] | undefined;
255
+ "frame-ancestors"?: string | boolean | string[] | undefined;
256
+ "plugin-types"?: string | boolean | string[] | undefined;
257
+ "base-uri"?: string | boolean | string[] | undefined;
258
+ "report-to"?: string | boolean | string[] | undefined;
259
+ "worker-src"?: string | boolean | string[] | undefined;
260
+ "manifest-src"?: string | boolean | string[] | undefined;
261
+ "prefetch-src"?: string | boolean | string[] | undefined;
262
+ "navigate-to"?: string | boolean | string[] | undefined;
263
+ "require-sri-for"?: string | boolean | string[] | undefined;
264
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
265
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
266
+ "trusted-types"?: string | boolean | string[] | undefined;
267
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
268
+ } | undefined;
269
+ }>, {
270
+ mode: "disabled" | "report-only" | "enforced";
271
+ directives?: {
272
+ "default-src"?: string | boolean | string[] | undefined;
273
+ "script-src"?: string | boolean | string[] | undefined;
274
+ "style-src"?: string | boolean | string[] | undefined;
275
+ "img-src"?: string | boolean | string[] | undefined;
276
+ "connect-src"?: string | boolean | string[] | undefined;
277
+ "font-src"?: string | boolean | string[] | undefined;
278
+ "object-src"?: string | boolean | string[] | undefined;
279
+ "media-src"?: string | boolean | string[] | undefined;
280
+ "frame-src"?: string | boolean | string[] | undefined;
281
+ sandbox?: string | boolean | string[] | undefined;
282
+ "report-uri"?: string | boolean | string[] | undefined;
283
+ "child-src"?: string | boolean | string[] | undefined;
284
+ "form-action"?: string | boolean | string[] | undefined;
285
+ "frame-ancestors"?: string | boolean | string[] | undefined;
286
+ "plugin-types"?: string | boolean | string[] | undefined;
287
+ "base-uri"?: string | boolean | string[] | undefined;
288
+ "report-to"?: string | boolean | string[] | undefined;
289
+ "worker-src"?: string | boolean | string[] | undefined;
290
+ "manifest-src"?: string | boolean | string[] | undefined;
291
+ "prefetch-src"?: string | boolean | string[] | undefined;
292
+ "navigate-to"?: string | boolean | string[] | undefined;
293
+ "require-sri-for"?: string | boolean | string[] | undefined;
294
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
295
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
296
+ "trusted-types"?: string | boolean | string[] | undefined;
297
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
298
+ } | undefined;
299
+ }, {
300
+ mode?: "disabled" | "report-only" | "enforced" | undefined;
301
+ directives?: string | {
302
+ "default-src"?: string | boolean | string[] | undefined;
303
+ "script-src"?: string | boolean | string[] | undefined;
304
+ "style-src"?: string | boolean | string[] | undefined;
305
+ "img-src"?: string | boolean | string[] | undefined;
306
+ "connect-src"?: string | boolean | string[] | undefined;
307
+ "font-src"?: string | boolean | string[] | undefined;
308
+ "object-src"?: string | boolean | string[] | undefined;
309
+ "media-src"?: string | boolean | string[] | undefined;
310
+ "frame-src"?: string | boolean | string[] | undefined;
311
+ sandbox?: string | boolean | string[] | undefined;
312
+ "report-uri"?: string | boolean | string[] | undefined;
313
+ "child-src"?: string | boolean | string[] | undefined;
314
+ "form-action"?: string | boolean | string[] | undefined;
315
+ "frame-ancestors"?: string | boolean | string[] | undefined;
316
+ "plugin-types"?: string | boolean | string[] | undefined;
317
+ "base-uri"?: string | boolean | string[] | undefined;
318
+ "report-to"?: string | boolean | string[] | undefined;
319
+ "worker-src"?: string | boolean | string[] | undefined;
320
+ "manifest-src"?: string | boolean | string[] | undefined;
321
+ "prefetch-src"?: string | boolean | string[] | undefined;
322
+ "navigate-to"?: string | boolean | string[] | undefined;
323
+ "require-sri-for"?: string | boolean | string[] | undefined;
324
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
325
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
326
+ "trusted-types"?: string | boolean | string[] | undefined;
327
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
328
+ } | undefined;
329
+ }>>>;
330
+ }, "strip", z.ZodTypeAny, {
331
+ debug: boolean;
332
+ lockPageSlug: string;
333
+ appwardenApiToken: string;
334
+ contentSecurityPolicy?: {
335
+ mode: "disabled" | "report-only" | "enforced";
336
+ directives?: {
337
+ "default-src"?: string | boolean | string[] | undefined;
338
+ "script-src"?: string | boolean | string[] | undefined;
339
+ "style-src"?: string | boolean | string[] | undefined;
340
+ "img-src"?: string | boolean | string[] | undefined;
341
+ "connect-src"?: string | boolean | string[] | undefined;
342
+ "font-src"?: string | boolean | string[] | undefined;
343
+ "object-src"?: string | boolean | string[] | undefined;
344
+ "media-src"?: string | boolean | string[] | undefined;
345
+ "frame-src"?: string | boolean | string[] | undefined;
346
+ sandbox?: string | boolean | string[] | undefined;
347
+ "report-uri"?: string | boolean | string[] | undefined;
348
+ "child-src"?: string | boolean | string[] | undefined;
349
+ "form-action"?: string | boolean | string[] | undefined;
350
+ "frame-ancestors"?: string | boolean | string[] | undefined;
351
+ "plugin-types"?: string | boolean | string[] | undefined;
352
+ "base-uri"?: string | boolean | string[] | undefined;
353
+ "report-to"?: string | boolean | string[] | undefined;
354
+ "worker-src"?: string | boolean | string[] | undefined;
355
+ "manifest-src"?: string | boolean | string[] | undefined;
356
+ "prefetch-src"?: string | boolean | string[] | undefined;
357
+ "navigate-to"?: string | boolean | string[] | undefined;
358
+ "require-sri-for"?: string | boolean | string[] | undefined;
359
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
360
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
361
+ "trusted-types"?: string | boolean | string[] | undefined;
362
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
363
+ } | undefined;
364
+ } | undefined;
365
+ appwardenApiHostname?: string | undefined;
366
+ }, {
367
+ lockPageSlug: string;
368
+ appwardenApiToken: string;
369
+ debug?: string | boolean | undefined;
370
+ contentSecurityPolicy?: {
371
+ mode?: "disabled" | "report-only" | "enforced" | undefined;
372
+ directives?: string | {
373
+ "default-src"?: string | boolean | string[] | undefined;
374
+ "script-src"?: string | boolean | string[] | undefined;
375
+ "style-src"?: string | boolean | string[] | undefined;
376
+ "img-src"?: string | boolean | string[] | undefined;
377
+ "connect-src"?: string | boolean | string[] | undefined;
378
+ "font-src"?: string | boolean | string[] | undefined;
379
+ "object-src"?: string | boolean | string[] | undefined;
380
+ "media-src"?: string | boolean | string[] | undefined;
381
+ "frame-src"?: string | boolean | string[] | undefined;
382
+ sandbox?: string | boolean | string[] | undefined;
383
+ "report-uri"?: string | boolean | string[] | undefined;
384
+ "child-src"?: string | boolean | string[] | undefined;
385
+ "form-action"?: string | boolean | string[] | undefined;
386
+ "frame-ancestors"?: string | boolean | string[] | undefined;
387
+ "plugin-types"?: string | boolean | string[] | undefined;
388
+ "base-uri"?: string | boolean | string[] | undefined;
389
+ "report-to"?: string | boolean | string[] | undefined;
390
+ "worker-src"?: string | boolean | string[] | undefined;
391
+ "manifest-src"?: string | boolean | string[] | undefined;
392
+ "prefetch-src"?: string | boolean | string[] | undefined;
393
+ "navigate-to"?: string | boolean | string[] | undefined;
394
+ "require-sri-for"?: string | boolean | string[] | undefined;
395
+ "block-all-mixed-content"?: string | boolean | string[] | undefined;
396
+ "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
397
+ "trusted-types"?: string | boolean | string[] | undefined;
398
+ "require-trusted-types-for"?: string | boolean | string[] | undefined;
399
+ } | undefined;
400
+ } | undefined;
401
+ appwardenApiHostname?: string | undefined;
402
+ }>;
403
+ /**
404
+ * Input type for React Router Cloudflare adapter configuration.
405
+ * This is the pre-transformation type that accepts string | boolean for debug
406
+ * and string | object for CSP directives, allowing users to pass environment
407
+ * variables directly without manual transformation.
408
+ */
409
+ type ReactRouterAppwardenConfigInput = z.input<typeof ReactRouterCloudflareConfigSchema>;
410
+
411
+ /**
412
+ * Minimal runtime context required by the React Router adapter.
413
+ * Contains only the essential properties needed by the middleware.
414
+ */
415
+ interface ReactRouterRuntimeContext {
416
+ /** Cloudflare environment bindings */
417
+ env: CloudflareEnv;
418
+ /** Function to extend the lifetime of the request for background tasks */
419
+ waitUntil(promise: Promise<unknown>): void;
31
420
  }
32
421
  /**
33
- * Configuration function that receives the Cloudflare context and returns the config.
422
+ * Configuration function that receives the runtime context and returns the config.
34
423
  * This allows dynamic configuration based on environment variables.
424
+ * The config can use the relaxed input types (string | boolean for debug,
425
+ * string | object for CSP directives) which will be transformed by Zod.
35
426
  */
36
- type ReactRouterConfigFn = (cloudflare: CloudflareContext) => ReactRouterAppwardenConfig;
427
+ type ReactRouterConfigFn = (runtime: ReactRouterRuntimeContext) => ReactRouterAppwardenConfigInput;
37
428
  /**
38
429
  * React Router middleware function signature.
39
430
  * This matches the unstable_middleware export type in React Router v7.
40
431
  *
41
- * Supports both old and new context APIs:
42
- * - Old API: context is a plain object with `cloudflare` property
43
- * - New API (v8_middleware): context is a RouterContextProvider instance
432
+ * The context should contain the runtime context with env and waitUntil.
44
433
  */
45
434
  interface ReactRouterMiddlewareArgs {
46
435
  request: Request;
47
436
  params: Record<string, string | undefined>;
48
- context: any;
437
+ context: ReactRouterRuntimeContext;
49
438
  }
50
439
  type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: () => Promise<unknown>) => Promise<unknown>;
51
440
  /**
@@ -54,10 +443,6 @@ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: ()
54
443
  * This middleware checks if the site is locked and redirects to the lock page if so.
55
444
  * It should be exported from your root route (root.tsx) to protect all routes.
56
445
  *
57
- * Supports both old and new React Router context APIs:
58
- * - Old API: Pass context as plain object with `cloudflare` property
59
- * - New API (v8_middleware): Use RouterContextProvider with cloudflareContextSymbol
60
- *
61
446
  * @example
62
447
  * ```typescript
63
448
  * // app/root.tsx
@@ -71,9 +456,9 @@ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: ()
71
456
  * ]
72
457
  * ```
73
458
  *
74
- * @param configFn - A function that receives the Cloudflare context and returns the config
459
+ * @param configFn - A function that receives the runtime context and returns the config
75
460
  * @returns A React Router middleware function
76
461
  */
77
462
  declare function createAppwardenMiddleware(configFn: ReactRouterConfigFn): ReactRouterMiddlewareFunction;
78
463
 
79
- export { type CloudflareContext, cloudflareContextSymbol, createAppwardenMiddleware };
464
+ export { type ReactRouterRuntimeContext, createAppwardenMiddleware };
package/cloudflare/react-router.js CHANGED
@@ -7,9 +7,6 @@ import {
7
7
  import {
8
8
  getNowMs
9
9
  } from "../chunk-X7WZVYQS.js";
10
- import {
11
- validateConfig
12
- } from "../chunk-MNGMTDH3.js";
13
10
  import {
14
11
  checkLockStatus
15
12
  } from "../chunk-G5FWKV2Q.js";
@@ -45,40 +42,31 @@ var ReactRouterCloudflareConfigSchema = z.object({
45
42
  });
46
43
 
47
44
  // src/adapters/react-router-cloudflare.ts
48
- var cloudflareContextSymbol = /* @__PURE__ */ Symbol.for(
49
- "@appwarden/middleware:cloudflare"
50
- );
51
- function getCloudflareContext(context) {
52
- if (context?.cloudflare) {
53
- return context.cloudflare;
54
- }
55
- if (context?.get && typeof context.get === "function") {
56
- try {
57
- const cloudflare = context.get(cloudflareContextSymbol);
58
- if (cloudflare) {
59
- return cloudflare;
60
- }
61
- } catch {
62
- }
63
- }
64
- return null;
65
- }
66
45
  function createAppwardenMiddleware(configFn) {
67
46
  return async (args, next) => {
68
47
  const startTime = getNowMs();
69
48
  const { request, context } = args;
70
49
  try {
71
- const cloudflare = getCloudflareContext(context);
72
- if (!cloudflare) {
50
+ if (!context?.env || !context?.waitUntil) {
73
51
  console.error(
74
52
  printMessage(
75
- "Cloudflare context not found. Make sure you're running on Cloudflare Workers and have set up the context correctly."
53
+ "Runtime context missing required properties (env, waitUntil). Make sure you're passing the correct context to the middleware."
76
54
  )
77
55
  );
78
56
  return next();
79
57
  }
80
- const config = configFn(cloudflare);
81
- const debugFn = debug(config.debug ?? false);
58
+ const configInput = configFn(context);
59
+ const validationResult = ReactRouterCloudflareConfigSchema.safeParse(configInput);
60
+ if (!validationResult.success) {
61
+ console.error(
62
+ printMessage(
63
+ `Config validation failed: ${validationResult.error.message}`
64
+ )
65
+ );
66
+ return next();
67
+ }
68
+ const config = validationResult.data;
69
+ const debugFn = debug(config.debug);
82
70
  const requestUrl = new URL(request.url);
83
71
  const isHTML = isHTMLRequest(request);
84
72
  debugFn(
@@ -88,10 +76,6 @@ function createAppwardenMiddleware(configFn) {
88
76
  if (!isHTML) {
89
77
  return next();
90
78
  }
91
- const hasError = validateConfig(config, ReactRouterCloudflareConfigSchema);
92
- if (hasError) {
93
- return next();
94
- }
95
79
  if (isOnLockPage(config.lockPageSlug, request.url)) {
96
80
  debugFn("Already on lock page - skipping");
97
81
  return next();
@@ -102,7 +86,7 @@ function createAppwardenMiddleware(configFn) {
102
86
  appwardenApiHostname: config.appwardenApiHostname,
103
87
  debug: config.debug,
104
88
  lockPageSlug: config.lockPageSlug,
105
- waitUntil: (fn) => cloudflare.ctx.waitUntil(fn)
89
+ waitUntil: context.waitUntil
106
90
  });
107
91
  if (result.isLocked) {
108
92
  const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
@@ -116,7 +100,7 @@ function createAppwardenMiddleware(configFn) {
116
100
  request,
117
101
  response,
118
102
  hostname: requestUrl.hostname,
119
- waitUntil: (fn) => cloudflare.ctx.waitUntil(fn),
103
+ waitUntil: context.waitUntil,
120
104
  debug: debugFn
121
105
  };
122
106
  await useContentSecurityPolicy(config.contentSecurityPolicy)(
@@ -146,6 +130,5 @@ function createAppwardenMiddleware(configFn) {
146
130
  };
147
131
  }
148
132
  export {
149
- cloudflareContextSymbol,
150
133
  createAppwardenMiddleware
151
134
  };
package/cloudflare/tanstack-start.js CHANGED
@@ -4,12 +4,12 @@ import {
4
4
  import {
5
5
  useContentSecurityPolicy
6
6
  } from "../chunk-52NBQDQT.js";
7
- import {
8
- getNowMs
9
- } from "../chunk-X7WZVYQS.js";
10
7
  import {
11
8
  validateConfig
12
9
  } from "../chunk-MNGMTDH3.js";
10
+ import {
11
+ getNowMs
12
+ } from "../chunk-X7WZVYQS.js";
13
13
  import {
14
14
  checkLockStatus
15
15
  } from "../chunk-G5FWKV2Q.js";
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@appwarden/middleware",
3
- "version": "3.7.0",
3
+ "version": "3.8.0",
4
4
  "description": "Instantly shut off access your app deployed on Cloudflare or Vercel",
5
5
  "type": "module",
6
6
  "license": "MIT",