1.4.0 • Published 5 months ago

@appwarden/middleware v1.4.0

Weekly downloads
-
License
MIT
Repository
github
Last release
5 months ago

@appwarden/middleware

Test Coverage npm version npm provenance License: MIT

Read the docs to learn more

Stop in progress attacks in their tracks

Core Features

  • Instant Quarantine: Immediately redirects all visitors to a maintenance page when activated
  • Discord Integration: Trigger lockdowns via Discord commands (/quarantine lock your.app.io)
  • Nonce-based Content Security Policy: On Cloudflare, deploy a nonce-based Content Security Policy to supercharge your website security

Performance Optimizations

  • Background Synchronization: Uses waitUntil() to update cache state without blocking responses
  • Minimal Runtime Overhead: Lightweight implementation with negligible performance impact

Installation

Compatible with websites powered by Cloudflare or Vercel.

For detailed usage instructions, please refer to our documentation.

Cloudflare

We recommend using the @appwarden/build-cloudflare-action Github Action to deploy automatically on Cloudflare.

Read the docs to get started

import {
  withAppwarden,
  useContentSecurityPolicy,
} from "@appwarden/middleware/cloudflare"

export default {
  fetch: withAppwarden((context) => ({
    debug: context.env.DEBUG,
    lockPageSlug: context.env.LOCK_PAGE_SLUG,
    appwardenApiToken: context.env.APPWARDEN_API_TOKEN,
    middleware: {
      before: [
        useContentSecurityPolicy({
          mode: "enforced",
          directives: {
            "script-src": ["self", "{{nonce}}"],
            "style-src": ["self", "{{nonce}}"],
          },
        }),
      ],
    },
  })),
}

Vercel

Read the docs to get started

import { withAppwarden } from "@appwarden/middleware/vercel"

export default withAppwarden({
  cacheUrl: process.env.EDGE_CONFIG_URL || process.env.UPSTASH_URL,
  appwardenApiToken: process.env.APPWARDEN_API_TOKEN,
  vercelApiToken: process.env.VERCEL_API_TOKEN,
  lockPageSlug: "/maintenance",
})

// Configures middleware to match all routes
export const config = {
  matcher: ["/((?!api|_next/static|_next/image|favicon.ico).*)"],
}

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

  1. Fork the repository
  2. Create your feature branch (git checkout -b feature/amazing-feature)
  3. Commit your changes using the Conventional Commits format
    • This project enforces commit message format with commitlint
    • Examples:
      • feat: add new feature
      • fix: resolve issue with X
      • docs: update README
      • chore: update dependencies
      • refactor: improve code structure
      • test: add tests for feature X
  4. Push to the branch (git push origin feature/amazing-feature)
  5. Open a Pull Request

Development

# Install dependencies
pnpm install

# Build the package
pnpm build

# Run tests
pnpm test

Security

This package is published with npm provenance enabled, which provides a verifiable link between the published package and its source code. For more information, see npm provenance documentation.

License

This project is licensed under the MIT License - see the LICENSE file for details.

1.2.0

5 months ago

1.1.1

12 months ago

1.0.1

5 months ago

1.1.0

12 months ago

1.0.0

5 months ago

1.1.9

5 months ago

1.1.8

5 months ago

1.1.7

5 months ago

1.1.6

5 months ago

1.1.5

7 months ago

1.1.4

8 months ago

1.4.0

5 months ago

1.3.1

5 months ago

1.1.3

12 months ago

1.3.0

5 months ago

1.1.2

12 months ago

1.1.11

5 months ago

1.1.10

5 months ago

1.2.31

5 months ago

1.2.39

5 months ago

1.0.19

1 year ago

1.0.18

1 year ago

1.0.17

1 year ago

1.0.16

1 year ago