@appwarden/middleware 3.8.0 → 3.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/README.md +60 -57
  2. package/{chunk-G5FWKV2Q.js → chunk-MYIKUPTR.js} +3 -3
  3. package/{chunk-GK6JL5NZ.js → chunk-QGXPAVOA.js} +3 -5
  4. package/{chunk-HCGLR3Z3.js → chunk-UIIYORBW.js} +3 -9
  5. package/{chunk-52NBQDQT.js → chunk-VSCXTBP6.js} +2 -2
  6. package/{chunk-EPJ4ZVO6.js → chunk-Z7FIMIZS.js} +2 -2
  7. package/cloudflare/astro.d.ts +359 -16
  8. package/cloudflare/astro.js +22 -16
  9. package/cloudflare/nextjs.d.ts +419 -16
  10. package/cloudflare/nextjs.js +19 -15
  11. package/cloudflare/react-router.d.ts +23 -92
  12. package/cloudflare/react-router.js +12 -17
  13. package/cloudflare/tanstack-start.d.ts +45 -94
  14. package/cloudflare/tanstack-start.js +37 -21
  15. package/{cloudflare-K5EFFMNI.js → cloudflare-PE3JKP3X.js} +1 -1
  16. package/cloudflare.d.ts +17 -77
  17. package/cloudflare.js +6 -40
  18. package/index.d.ts +1 -5
  19. package/index.js +3 -3
  20. package/package.json +7 -4
  21. package/{use-content-security-policy-DUYpyUPy.d.ts → use-content-security-policy-jlU0Hjj8.d.ts} +24 -71
  22. package/vercel.d.ts +26 -86
  23. package/vercel.js +25 -15
  24. package/chunk-MNGMTDH3.js +0 -25
  25. package/use-content-security-policy-Dvc-oObb.d.ts +0 -17
package/cloudflare/react-router.d.ts CHANGED
@@ -14,9 +14,9 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
14
14
  /** Enable debug logging */
15
15
  debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
16
16
  /** Optional Content Security Policy configuration */
17
- contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodEffects<z.ZodObject<{
18
- mode: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
19
- directives: z.ZodEffects<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodObject<{
17
+ contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodObject<{
18
+ mode: z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>;
19
+ directives: z.ZodEffects<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodObject<{
20
20
  "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
21
21
  "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
22
22
  "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
@@ -97,7 +97,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
97
97
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
98
98
  "trusted-types"?: string | boolean | string[] | undefined;
99
99
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
100
- }>]>>, string | {
100
+ }>]>, string | {
101
101
  "default-src"?: string | boolean | string[] | undefined;
102
102
  "script-src"?: string | boolean | string[] | undefined;
103
103
  "style-src"?: string | boolean | string[] | undefined;
@@ -124,7 +124,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
124
124
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
125
125
  "trusted-types"?: string | boolean | string[] | undefined;
126
126
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
127
- } | undefined, string | {
127
+ }, string | {
128
128
  "default-src"?: string | boolean | string[] | undefined;
129
129
  "script-src"?: string | boolean | string[] | undefined;
130
130
  "style-src"?: string | boolean | string[] | undefined;
@@ -151,7 +151,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
151
151
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
152
152
  "trusted-types"?: string | boolean | string[] | undefined;
153
153
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
154
- } | undefined>, {
154
+ }>, {
155
155
  "default-src"?: string | boolean | string[] | undefined;
156
156
  "script-src"?: string | boolean | string[] | undefined;
157
157
  "style-src"?: string | boolean | string[] | undefined;
@@ -205,7 +205,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
205
205
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
206
206
  "trusted-types"?: string | boolean | string[] | undefined;
207
207
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
208
- } | undefined>;
208
+ }>;
209
209
  }, "strip", z.ZodTypeAny, {
210
210
  mode: "disabled" | "report-only" | "enforced";
211
211
  directives?: {
@@ -237,38 +237,8 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
237
237
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
238
238
  } | undefined;
239
239
  }, {
240
- mode?: "disabled" | "report-only" | "enforced" | undefined;
241
- directives?: string | {
242
- "default-src"?: string | boolean | string[] | undefined;
243
- "script-src"?: string | boolean | string[] | undefined;
244
- "style-src"?: string | boolean | string[] | undefined;
245
- "img-src"?: string | boolean | string[] | undefined;
246
- "connect-src"?: string | boolean | string[] | undefined;
247
- "font-src"?: string | boolean | string[] | undefined;
248
- "object-src"?: string | boolean | string[] | undefined;
249
- "media-src"?: string | boolean | string[] | undefined;
250
- "frame-src"?: string | boolean | string[] | undefined;
251
- sandbox?: string | boolean | string[] | undefined;
252
- "report-uri"?: string | boolean | string[] | undefined;
253
- "child-src"?: string | boolean | string[] | undefined;
254
- "form-action"?: string | boolean | string[] | undefined;
255
- "frame-ancestors"?: string | boolean | string[] | undefined;
256
- "plugin-types"?: string | boolean | string[] | undefined;
257
- "base-uri"?: string | boolean | string[] | undefined;
258
- "report-to"?: string | boolean | string[] | undefined;
259
- "worker-src"?: string | boolean | string[] | undefined;
260
- "manifest-src"?: string | boolean | string[] | undefined;
261
- "prefetch-src"?: string | boolean | string[] | undefined;
262
- "navigate-to"?: string | boolean | string[] | undefined;
263
- "require-sri-for"?: string | boolean | string[] | undefined;
264
- "block-all-mixed-content"?: string | boolean | string[] | undefined;
265
- "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
266
- "trusted-types"?: string | boolean | string[] | undefined;
267
- "require-trusted-types-for"?: string | boolean | string[] | undefined;
268
- } | undefined;
269
- }>, {
270
240
  mode: "disabled" | "report-only" | "enforced";
271
- directives?: {
241
+ directives: string | {
272
242
  "default-src"?: string | boolean | string[] | undefined;
273
243
  "script-src"?: string | boolean | string[] | undefined;
274
244
  "style-src"?: string | boolean | string[] | undefined;
@@ -295,37 +265,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
295
265
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
296
266
  "trusted-types"?: string | boolean | string[] | undefined;
297
267
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
298
- } | undefined;
299
- }, {
300
- mode?: "disabled" | "report-only" | "enforced" | undefined;
301
- directives?: string | {
302
- "default-src"?: string | boolean | string[] | undefined;
303
- "script-src"?: string | boolean | string[] | undefined;
304
- "style-src"?: string | boolean | string[] | undefined;
305
- "img-src"?: string | boolean | string[] | undefined;
306
- "connect-src"?: string | boolean | string[] | undefined;
307
- "font-src"?: string | boolean | string[] | undefined;
308
- "object-src"?: string | boolean | string[] | undefined;
309
- "media-src"?: string | boolean | string[] | undefined;
310
- "frame-src"?: string | boolean | string[] | undefined;
311
- sandbox?: string | boolean | string[] | undefined;
312
- "report-uri"?: string | boolean | string[] | undefined;
313
- "child-src"?: string | boolean | string[] | undefined;
314
- "form-action"?: string | boolean | string[] | undefined;
315
- "frame-ancestors"?: string | boolean | string[] | undefined;
316
- "plugin-types"?: string | boolean | string[] | undefined;
317
- "base-uri"?: string | boolean | string[] | undefined;
318
- "report-to"?: string | boolean | string[] | undefined;
319
- "worker-src"?: string | boolean | string[] | undefined;
320
- "manifest-src"?: string | boolean | string[] | undefined;
321
- "prefetch-src"?: string | boolean | string[] | undefined;
322
- "navigate-to"?: string | boolean | string[] | undefined;
323
- "require-sri-for"?: string | boolean | string[] | undefined;
324
- "block-all-mixed-content"?: string | boolean | string[] | undefined;
325
- "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
326
- "trusted-types"?: string | boolean | string[] | undefined;
327
- "require-trusted-types-for"?: string | boolean | string[] | undefined;
328
- } | undefined;
268
+ };
329
269
  }>>>;
330
270
  }, "strip", z.ZodTypeAny, {
331
271
  debug: boolean;
@@ -368,8 +308,8 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
368
308
  appwardenApiToken: string;
369
309
  debug?: string | boolean | undefined;
370
310
  contentSecurityPolicy?: {
371
- mode?: "disabled" | "report-only" | "enforced" | undefined;
372
- directives?: string | {
311
+ mode: "disabled" | "report-only" | "enforced";
312
+ directives: string | {
373
313
  "default-src"?: string | boolean | string[] | undefined;
374
314
  "script-src"?: string | boolean | string[] | undefined;
375
315
  "style-src"?: string | boolean | string[] | undefined;
@@ -396,10 +336,11 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
396
336
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
397
337
  "trusted-types"?: string | boolean | string[] | undefined;
398
338
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
399
- } | undefined;
339
+ };
400
340
  } | undefined;
401
341
  appwardenApiHostname?: string | undefined;
402
342
  }>;
343
+ type ReactRouterCloudflareConfig = z.infer<typeof ReactRouterCloudflareConfigSchema>;
403
344
  /**
404
345
  * Input type for React Router Cloudflare adapter configuration.
405
346
  * This is the pre-transformation type that accepts string | boolean for debug
@@ -409,34 +350,23 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
409
350
  type ReactRouterAppwardenConfigInput = z.input<typeof ReactRouterCloudflareConfigSchema>;
410
351
 
411
352
  /**
412
- * Minimal runtime context required by the React Router adapter.
413
- * Contains only the essential properties needed by the middleware.
414
- */
415
- interface ReactRouterRuntimeContext {
416
- /** Cloudflare environment bindings */
417
- env: CloudflareEnv;
418
- /** Function to extend the lifetime of the request for background tasks */
419
- waitUntil(promise: Promise<unknown>): void;
420
- }
421
- /**
422
- * Configuration function that receives the runtime context and returns the config.
423
- * This allows dynamic configuration based on environment variables.
353
+ * Configuration function that returns the config.
354
+ * This allows dynamic configuration based on environment variables from cloudflare:workers.
424
355
  * The config can use the relaxed input types (string | boolean for debug,
425
356
  * string | object for CSP directives) which will be transformed by Zod.
357
+ *
358
+ * @param runtime - Optional runtime context (for backward compatibility)
426
359
  */
427
- type ReactRouterConfigFn = (runtime: ReactRouterRuntimeContext) => ReactRouterAppwardenConfigInput;
360
+ type ReactRouterConfigFn = (runtime?: unknown) => ReactRouterAppwardenConfigInput;
428
361
  /**
429
362
  * React Router middleware function signature.
430
363
  * This matches the unstable_middleware export type in React Router v7.
431
- *
432
- * The context should contain the runtime context with env and waitUntil.
433
364
  */
434
365
  interface ReactRouterMiddlewareArgs {
435
366
  request: Request;
436
367
  params: Record<string, string | undefined>;
437
- context: ReactRouterRuntimeContext;
438
368
  }
439
- type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: () => Promise<unknown>) => Promise<unknown>;
369
+ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: () => Promise<void | Response>) => Promise<void | Response>;
440
370
  /**
441
371
  * Creates an Appwarden middleware function for React Router.
442
372
  *
@@ -446,19 +376,20 @@ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: ()
446
376
  * @example
447
377
  * ```typescript
448
378
  * // app/root.tsx
379
+ * import { env } from "cloudflare:workers"
449
380
  * import { createAppwardenMiddleware } from "@appwarden/middleware/react-router"
450
381
  *
451
382
  * export const unstable_middleware = [
452
- * createAppwardenMiddleware(({ env }) => ({
383
+ * createAppwardenMiddleware(() => ({
453
384
  * lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
454
385
  * appwardenApiToken: env.APPWARDEN_API_TOKEN,
455
386
  * })),
456
387
  * ]
457
388
  * ```
458
389
  *
459
- * @param configFn - A function that receives the runtime context and returns the config
390
+ * @param configFn - A function that returns the config using env from cloudflare:workers
460
391
  * @returns A React Router middleware function
461
392
  */
462
393
  declare function createAppwardenMiddleware(configFn: ReactRouterConfigFn): ReactRouterMiddlewareFunction;
463
394
 
464
- export { type ReactRouterRuntimeContext, createAppwardenMiddleware };
395
+ export { type ReactRouterAppwardenConfigInput, type ReactRouterCloudflareConfig, type ReactRouterConfigFn, type ReactRouterMiddlewareArgs, type ReactRouterMiddlewareFunction, createAppwardenMiddleware };
package/cloudflare/react-router.js CHANGED
@@ -3,28 +3,31 @@ import {
3
3
  } from "../chunk-XFG6SUSV.js";
4
4
  import {
5
5
  useContentSecurityPolicy
6
- } from "../chunk-52NBQDQT.js";
6
+ } from "../chunk-VSCXTBP6.js";
7
7
  import {
8
8
  getNowMs
9
9
  } from "../chunk-X7WZVYQS.js";
10
10
  import {
11
11
  checkLockStatus
12
- } from "../chunk-G5FWKV2Q.js";
12
+ } from "../chunk-MYIKUPTR.js";
13
13
  import {
14
14
  buildLockPageUrl,
15
15
  createRedirect,
16
16
  debug,
17
17
  isOnLockPage
18
- } from "../chunk-EPJ4ZVO6.js";
18
+ } from "../chunk-Z7FIMIZS.js";
19
19
  import {
20
20
  UseCSPInputSchema,
21
21
  isHTMLRequest
22
- } from "../chunk-HCGLR3Z3.js";
22
+ } from "../chunk-UIIYORBW.js";
23
23
  import {
24
24
  AppwardenApiTokenSchema,
25
25
  BooleanSchema,
26
26
  printMessage
27
- } from "../chunk-GK6JL5NZ.js";
27
+ } from "../chunk-QGXPAVOA.js";
28
+
29
+ // src/adapters/react-router-cloudflare.ts
30
+ import { waitUntil } from "cloudflare:workers";
28
31
 
29
32
  // src/schemas/react-router-cloudflare.ts
30
33
  import { z } from "zod";
@@ -45,17 +48,9 @@ var ReactRouterCloudflareConfigSchema = z.object({
45
48
  function createAppwardenMiddleware(configFn) {
46
49
  return async (args, next) => {
47
50
  const startTime = getNowMs();
48
- const { request, context } = args;
51
+ const { request } = args;
49
52
  try {
50
- if (!context?.env || !context?.waitUntil) {
51
- console.error(
52
- printMessage(
53
- "Runtime context missing required properties (env, waitUntil). Make sure you're passing the correct context to the middleware."
54
- )
55
- );
56
- return next();
57
- }
58
- const configInput = configFn(context);
53
+ const configInput = configFn();
59
54
  const validationResult = ReactRouterCloudflareConfigSchema.safeParse(configInput);
60
55
  if (!validationResult.success) {
61
56
  console.error(
@@ -86,7 +81,7 @@ function createAppwardenMiddleware(configFn) {
86
81
  appwardenApiHostname: config.appwardenApiHostname,
87
82
  debug: config.debug,
88
83
  lockPageSlug: config.lockPageSlug,
89
- waitUntil: context.waitUntil
84
+ waitUntil
90
85
  });
91
86
  if (result.isLocked) {
92
87
  const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
@@ -100,7 +95,7 @@ function createAppwardenMiddleware(configFn) {
100
95
  request,
101
96
  response,
102
97
  hostname: requestUrl.hostname,
103
- waitUntil: context.waitUntil,
98
+ waitUntil,
104
99
  debug: debugFn
105
100
  };
106
101
  await useContentSecurityPolicy(config.contentSecurityPolicy)(
package/cloudflare/tanstack-start.d.ts CHANGED
@@ -14,9 +14,9 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
14
14
  /** Enable debug logging */
15
15
  debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
16
16
  /** Optional Content Security Policy configuration */
17
- contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodEffects<z.ZodObject<{
18
- mode: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
19
- directives: z.ZodEffects<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodObject<{
17
+ contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodObject<{
18
+ mode: z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>;
19
+ directives: z.ZodEffects<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodObject<{
20
20
  "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
21
21
  "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
22
22
  "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
@@ -97,7 +97,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
97
97
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
98
98
  "trusted-types"?: string | boolean | string[] | undefined;
99
99
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
100
- }>]>>, string | {
100
+ }>]>, string | {
101
101
  "default-src"?: string | boolean | string[] | undefined;
102
102
  "script-src"?: string | boolean | string[] | undefined;
103
103
  "style-src"?: string | boolean | string[] | undefined;
@@ -124,7 +124,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
124
124
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
125
125
  "trusted-types"?: string | boolean | string[] | undefined;
126
126
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
127
- } | undefined, string | {
127
+ }, string | {
128
128
  "default-src"?: string | boolean | string[] | undefined;
129
129
  "script-src"?: string | boolean | string[] | undefined;
130
130
  "style-src"?: string | boolean | string[] | undefined;
@@ -151,7 +151,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
151
151
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
152
152
  "trusted-types"?: string | boolean | string[] | undefined;
153
153
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
154
- } | undefined>, {
154
+ }>, {
155
155
  "default-src"?: string | boolean | string[] | undefined;
156
156
  "script-src"?: string | boolean | string[] | undefined;
157
157
  "style-src"?: string | boolean | string[] | undefined;
@@ -205,7 +205,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
205
205
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
206
206
  "trusted-types"?: string | boolean | string[] | undefined;
207
207
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
208
- } | undefined>;
208
+ }>;
209
209
  }, "strip", z.ZodTypeAny, {
210
210
  mode: "disabled" | "report-only" | "enforced";
211
211
  directives?: {
@@ -237,38 +237,8 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
237
237
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
238
238
  } | undefined;
239
239
  }, {
240
- mode?: "disabled" | "report-only" | "enforced" | undefined;
241
- directives?: string | {
242
- "default-src"?: string | boolean | string[] | undefined;
243
- "script-src"?: string | boolean | string[] | undefined;
244
- "style-src"?: string | boolean | string[] | undefined;
245
- "img-src"?: string | boolean | string[] | undefined;
246
- "connect-src"?: string | boolean | string[] | undefined;
247
- "font-src"?: string | boolean | string[] | undefined;
248
- "object-src"?: string | boolean | string[] | undefined;
249
- "media-src"?: string | boolean | string[] | undefined;
250
- "frame-src"?: string | boolean | string[] | undefined;
251
- sandbox?: string | boolean | string[] | undefined;
252
- "report-uri"?: string | boolean | string[] | undefined;
253
- "child-src"?: string | boolean | string[] | undefined;
254
- "form-action"?: string | boolean | string[] | undefined;
255
- "frame-ancestors"?: string | boolean | string[] | undefined;
256
- "plugin-types"?: string | boolean | string[] | undefined;
257
- "base-uri"?: string | boolean | string[] | undefined;
258
- "report-to"?: string | boolean | string[] | undefined;
259
- "worker-src"?: string | boolean | string[] | undefined;
260
- "manifest-src"?: string | boolean | string[] | undefined;
261
- "prefetch-src"?: string | boolean | string[] | undefined;
262
- "navigate-to"?: string | boolean | string[] | undefined;
263
- "require-sri-for"?: string | boolean | string[] | undefined;
264
- "block-all-mixed-content"?: string | boolean | string[] | undefined;
265
- "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
266
- "trusted-types"?: string | boolean | string[] | undefined;
267
- "require-trusted-types-for"?: string | boolean | string[] | undefined;
268
- } | undefined;
269
- }>, {
270
240
  mode: "disabled" | "report-only" | "enforced";
271
- directives?: {
241
+ directives: string | {
272
242
  "default-src"?: string | boolean | string[] | undefined;
273
243
  "script-src"?: string | boolean | string[] | undefined;
274
244
  "style-src"?: string | boolean | string[] | undefined;
@@ -295,37 +265,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
295
265
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
296
266
  "trusted-types"?: string | boolean | string[] | undefined;
297
267
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
298
- } | undefined;
299
- }, {
300
- mode?: "disabled" | "report-only" | "enforced" | undefined;
301
- directives?: string | {
302
- "default-src"?: string | boolean | string[] | undefined;
303
- "script-src"?: string | boolean | string[] | undefined;
304
- "style-src"?: string | boolean | string[] | undefined;
305
- "img-src"?: string | boolean | string[] | undefined;
306
- "connect-src"?: string | boolean | string[] | undefined;
307
- "font-src"?: string | boolean | string[] | undefined;
308
- "object-src"?: string | boolean | string[] | undefined;
309
- "media-src"?: string | boolean | string[] | undefined;
310
- "frame-src"?: string | boolean | string[] | undefined;
311
- sandbox?: string | boolean | string[] | undefined;
312
- "report-uri"?: string | boolean | string[] | undefined;
313
- "child-src"?: string | boolean | string[] | undefined;
314
- "form-action"?: string | boolean | string[] | undefined;
315
- "frame-ancestors"?: string | boolean | string[] | undefined;
316
- "plugin-types"?: string | boolean | string[] | undefined;
317
- "base-uri"?: string | boolean | string[] | undefined;
318
- "report-to"?: string | boolean | string[] | undefined;
319
- "worker-src"?: string | boolean | string[] | undefined;
320
- "manifest-src"?: string | boolean | string[] | undefined;
321
- "prefetch-src"?: string | boolean | string[] | undefined;
322
- "navigate-to"?: string | boolean | string[] | undefined;
323
- "require-sri-for"?: string | boolean | string[] | undefined;
324
- "block-all-mixed-content"?: string | boolean | string[] | undefined;
325
- "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
326
- "trusted-types"?: string | boolean | string[] | undefined;
327
- "require-trusted-types-for"?: string | boolean | string[] | undefined;
328
- } | undefined;
268
+ };
329
269
  }>>>;
330
270
  }, "strip", z.ZodTypeAny, {
331
271
  debug: boolean;
@@ -368,8 +308,8 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
368
308
  appwardenApiToken: string;
369
309
  debug?: string | boolean | undefined;
370
310
  contentSecurityPolicy?: {
371
- mode?: "disabled" | "report-only" | "enforced" | undefined;
372
- directives?: string | {
311
+ mode: "disabled" | "report-only" | "enforced";
312
+ directives: string | {
373
313
  "default-src"?: string | boolean | string[] | undefined;
374
314
  "script-src"?: string | boolean | string[] | undefined;
375
315
  "style-src"?: string | boolean | string[] | undefined;
@@ -396,57 +336,68 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
396
336
  "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
397
337
  "trusted-types"?: string | boolean | string[] | undefined;
398
338
  "require-trusted-types-for"?: string | boolean | string[] | undefined;
399
- } | undefined;
339
+ };
400
340
  } | undefined;
401
341
  appwardenApiHostname?: string | undefined;
402
342
  }>;
343
+ type TanStackStartCloudflareConfig = z.infer<typeof TanStackStartCloudflareConfigSchema>;
403
344
  type TanStackStartCloudflareConfigInput = z.input<typeof TanStackStartCloudflareConfigSchema>;
404
345
 
405
346
  /**
406
- * Minimal runtime context type for TanStack Start adapter.
407
- * Contains only what the adapter and config function need.
408
- * Users provide this context by importing env and waitUntil from "cloudflare:workers".
409
- */
410
- interface TanStackStartRuntimeContext {
411
- env: CloudflareEnv;
412
- waitUntil(promise: Promise<unknown>): void;
413
- }
414
- /**
415
- * Configuration function that receives the runtime context and returns the config.
416
- * This allows dynamic configuration based on environment variables.
347
+ * Configuration function that returns the config.
348
+ * This allows dynamic configuration based on environment variables from cloudflare:workers.
417
349
  * Accepts pre-transformation input types (e.g., string | boolean for debug, string | object for CSP directives).
418
350
  */
419
- type TanStackStartConfigFn = (runtime: TanStackStartRuntimeContext) => TanStackStartCloudflareConfigInput;
351
+ type TanStackStartConfigFn = () => TanStackStartCloudflareConfigInput;
420
352
  /**
421
353
  * The result returned by the `next()` function in TanStack Start request middleware.
422
354
  *
423
355
  * Mirrors the internal `RequestServerResult` interface from `@tanstack/start-client-core`
424
356
  * without importing from an unstable internal package path.
357
+ *
358
+ * Note: `pathname` remains required here to stay structurally compatible with
359
+ * TanStack's `RequestServerResult` type, which expects a non-optional string.
360
+ * The adapter itself does not use this property, but other parts of TanStack's
361
+ * type system do, so we keep it required on the result while allowing it to be
362
+ * optional on the middleware *args* type.
425
363
  */
426
364
  interface TanStackStartNextResult {
427
365
  request: Request;
428
366
  pathname: string;
429
- context: Record<string, unknown>;
367
+ context: unknown;
430
368
  response: Response;
431
369
  }
432
370
  /**
433
371
  * The `next()` function passed to TanStack Start request middleware.
434
372
  *
435
- * Mirrors the internal `RequestServerNextFn` signature.
373
+ * This mirrors the shape of TanStack's `RequestServerNextFn` from
374
+ * `@tanstack/start-client-core` without importing the type directly.
375
+ *
376
+ * - It accepts an optional options object with an optional `context`.
377
+ * - It may return either a `TanStackStartNextResult` or a Promise of one,
378
+ * matching TanStack's own union return type
379
+ * (`Promise<RequestServerResult> | RequestServerResult`).
380
+ * - The adapter itself always calls `next()` with no arguments and awaits it,
381
+ * so callers are free to pass TanStack's native `next` implementation
382
+ * directly (`next: next`).
436
383
  */
437
- type TanStackStartNextFn = (options?: {
438
- context?: Record<string, unknown>;
439
- }) => Promise<TanStackStartNextResult>;
384
+ interface TanStackStartNextOptions<TServerContext = Record<string, unknown>> {
385
+ context?: TServerContext;
386
+ }
387
+ type TanStackStartNextFnResult = Promise<TanStackStartNextResult> | TanStackStartNextResult;
388
+ type TanStackStartNextFn = <TServerContext = Record<string, unknown>>(options?: TanStackStartNextOptions<TServerContext>) => TanStackStartNextFnResult;
440
389
  /**
441
390
  * TanStack Start middleware server callback arguments.
442
391
  *
443
392
  * Mirrors the official TanStack Start `RequestServerOptions` interface.
444
- * The context should include env and waitUntil from the Cloudflare Workers runtime.
445
393
  */
446
394
  interface TanStackStartMiddlewareArgs {
447
395
  request: Request;
448
- pathname: string;
449
- context: TanStackStartRuntimeContext & Record<string, unknown>;
396
+ /**
397
+ * Optional pathname supplied by TanStack Start. The adapter does not require it,
398
+ * so callers do not need to provide it when constructing harness args manually.
399
+ */
400
+ pathname?: string;
450
401
  next: TanStackStartNextFn;
451
402
  serverFnMeta?: unknown;
452
403
  }
@@ -462,9 +413,9 @@ interface TanStackStartMiddlewareArgs {
462
413
  type TanStackStartMiddlewareFunction = (args: TanStackStartMiddlewareArgs) => Promise<TanStackStartNextResult>;
463
414
  /**
464
415
  *
465
- * @param configFn - A function that receives the Cloudflare context and returns the config
416
+ * @param configFn - A function that returns the config using env from cloudflare:workers
466
417
  * @returns A TanStack Start middleware function
467
418
  */
468
419
  declare function createAppwardenMiddleware(configFn: TanStackStartConfigFn): TanStackStartMiddlewareFunction;
469
420
 
470
- export { createAppwardenMiddleware };
421
+ export { type TanStackStartCloudflareConfig, type TanStackStartCloudflareConfigInput, type TanStackStartConfigFn, type TanStackStartMiddlewareArgs, type TanStackStartMiddlewareFunction, type TanStackStartNextFn, type TanStackStartNextResult, createAppwardenMiddleware };
package/cloudflare/tanstack-start.js CHANGED
@@ -3,31 +3,31 @@ import {
3
3
  } from "../chunk-XFG6SUSV.js";
4
4
  import {
5
5
  useContentSecurityPolicy
6
- } from "../chunk-52NBQDQT.js";
7
- import {
8
- validateConfig
9
- } from "../chunk-MNGMTDH3.js";
6
+ } from "../chunk-VSCXTBP6.js";
10
7
  import {
11
8
  getNowMs
12
9
  } from "../chunk-X7WZVYQS.js";
13
10
  import {
14
11
  checkLockStatus
15
- } from "../chunk-G5FWKV2Q.js";
12
+ } from "../chunk-MYIKUPTR.js";
16
13
  import {
17
14
  buildLockPageUrl,
18
15
  createRedirect,
19
16
  debug,
20
17
  isOnLockPage
21
- } from "../chunk-EPJ4ZVO6.js";
18
+ } from "../chunk-Z7FIMIZS.js";
22
19
  import {
23
20
  UseCSPInputSchema,
24
21
  isHTMLRequest
25
- } from "../chunk-HCGLR3Z3.js";
22
+ } from "../chunk-UIIYORBW.js";
26
23
  import {
27
24
  AppwardenApiTokenSchema,
28
25
  BooleanSchema,
29
26
  printMessage
30
- } from "../chunk-GK6JL5NZ.js";
27
+ } from "../chunk-QGXPAVOA.js";
28
+
29
+ // src/adapters/tanstack-start-cloudflare.ts
30
+ import { waitUntil } from "cloudflare:workers";
31
31
 
32
32
  // src/schemas/tanstack-start-cloudflare.ts
33
33
  import { z } from "zod";
@@ -48,23 +48,19 @@ var TanStackStartCloudflareConfigSchema = z.object({
48
48
  function createAppwardenMiddleware(configFn) {
49
49
  const middleware = async (args) => {
50
50
  const startTime = getNowMs();
51
- const { request, next, context } = args;
51
+ const { request, next } = args;
52
52
  try {
53
- if (!context.env || !context.waitUntil) {
53
+ const rawConfig = configFn();
54
+ const validationResult = TanStackStartCloudflareConfigSchema.safeParse(rawConfig);
55
+ if (!validationResult.success) {
54
56
  console.error(
55
57
  printMessage(
56
- "Runtime context missing required properties (env, waitUntil). Ensure you pass { env, waitUntil } from cloudflare:workers to the middleware context."
58
+ `Config validation failed: ${validationResult.error.message}`
57
59
  )
58
60
  );
59
61
  return next();
60
62
  }
61
- const rawConfig = configFn(context);
62
- const parseResult = TanStackStartCloudflareConfigSchema.safeParse(rawConfig);
63
- if (!parseResult.success) {
64
- validateConfig(rawConfig, TanStackStartCloudflareConfigSchema);
65
- return next();
66
- }
67
- const config = parseResult.data;
63
+ const config = validationResult.data;
68
64
  const debugFn = debug(config.debug ?? false);
69
65
  const requestUrl = new URL(request.url);
70
66
  const isHTML = isHTMLRequest(request);
@@ -85,12 +81,32 @@ function createAppwardenMiddleware(configFn) {
85
81
  appwardenApiHostname: config.appwardenApiHostname,
86
82
  debug: config.debug,
87
83
  lockPageSlug: config.lockPageSlug,
88
- waitUntil: context.waitUntil
84
+ waitUntil
89
85
  });
90
86
  if (lockStatus.isLocked) {
91
87
  const lockPageUrl = buildLockPageUrl(config.lockPageSlug, request.url);
92
88
  debugFn(`Website is locked - redirecting to ${lockPageUrl.pathname}`);
93
- throw createRedirect(lockPageUrl);
89
+ const redirectResponse = createRedirect(lockPageUrl);
90
+ if (config.contentSecurityPolicy && isResponseLike(redirectResponse)) {
91
+ const cspContext = {
92
+ request,
93
+ response: redirectResponse,
94
+ hostname: requestUrl.hostname,
95
+ waitUntil,
96
+ debug: debugFn
97
+ };
98
+ await useContentSecurityPolicy(config.contentSecurityPolicy)(
99
+ cspContext,
100
+ async () => {
101
+ }
102
+ );
103
+ const elapsed3 = Math.round(getNowMs() - startTime);
104
+ debugFn(`Middleware executed in ${elapsed3}ms`);
105
+ throw cspContext.response;
106
+ }
107
+ const elapsed2 = Math.round(getNowMs() - startTime);
108
+ debugFn(`Middleware executed in ${elapsed2}ms`);
109
+ throw redirectResponse;
94
110
  }
95
111
  debugFn("Website is unlocked");
96
112
  const result = await next();
@@ -100,7 +116,7 @@ function createAppwardenMiddleware(configFn) {
100
116
  request,
101
117
  response,
102
118
  hostname: requestUrl.hostname,
103
- waitUntil: context.waitUntil,
119
+ waitUntil,
104
120
  debug: debugFn
105
121
  };
106
122
  await useContentSecurityPolicy(config.contentSecurityPolicy)(
package/{cloudflare-K5EFFMNI.js → cloudflare-PE3JKP3X.js} RENAMED
@@ -11,7 +11,7 @@ import {
11
11
  makeCSPHeader,
12
12
  store,
13
13
  syncEdgeValue
14
- } from "./chunk-GK6JL5NZ.js";
14
+ } from "./chunk-QGXPAVOA.js";
15
15
  export {
16
16
  CSP_KEYWORDS,
17
17
  autoQuoteCSPDirectiveArray,