7007f19734
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| src | ||
| CHANGELOG.md | ||
| README.md | ||
| package.json | ||
| tsconfig.json | ||
| vitest.config.ts | ||
README.md
Cloudflare Access middleware for Hono
This is a Cloudflare Access third-party middleware for Hono.
This middleware can be used to validate that your application is being served behind Cloudflare Access by verifying the JWT received, User details from the JWT are also available inside the request context.
This middleware will also ensure the Access policy serving the application is from a specific Access Team.
Usage
import { cloudflareAccess } from '@hono/cloudflare-access'
import { Hono } from 'hono'
const app = new Hono()
app.use('*', cloudflareAccess('my-access-team-name'))
app.get('/', (c) => c.text('foo'))
export default app
Access JWT payload
import { cloudflareAccess, CloudflareAccessVariables } from '@hono/cloudflare-access'
import { Hono } from 'hono'
type myVariables = {
user: number
}
const app = new Hono<{ Variables: myVariables & CloudflareAccessVariables }>()
app.use('*', cloudflareAccess('my-access-team-name'))
app.get('/', (c) => {
const payload = c.get('accessPayload')
return c.text(`You just authenticated with the email ${payload.email}`)
})
export default app
Errors throw by the middleware
| Error | HTTP Code |
|---|---|
| Authentication error: Missing bearer token | 401 |
| Authentication error: Unable to decode Bearer token | 401 |
| Authentication error: Token is expired | 401 |
| Authentication error: Expected team name {your-team-name}, but received ${different-team-signed-token} | 401 |
| Authentication error: Invalid Token | 401 |
| Authentication error: The Access Organization 'my-team-name' does not exist | 500 |
| Authentication error: Received unexpected HTTP code 500 from Cloudflare Access | 500 |
Author
Gabriel Massadas https://github.com/g4brym
License
MIT