Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cloudflare-auth

Package Overview
Dependencies
Maintainers
1
Versions
11
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cloudflare-auth

JWT implementation for Cloudflare using D1

  • 1.5.0
  • latest
  • npm
  • Socket score

Version published
Weekly downloads
8
increased by700%
Maintainers
1
Weekly downloads
 
Created
Source

cloudflare-auth - Simple Auth for Cloudflare Pages

Getting started

Add it to your Cloudflare Pages application

pnpm i cloudflare-auth

Define your AuthConfig

// src/lib/constants.ts

export const authConfig = {
  secretKey: 'this_is_your_secretKey',
  issuer: 'urn:continuata:issuer',
  audience: 'urn:continuata:audience',
  expiry: '2h',
  cookieName: 'cf-auth-token',
  redirectTo: '/dash',
  loginPath: '/',
};
// functions/login.ts
import { generateToken, Env } from 'cloudflare-auth';

export const onRequestPost: PagesFunction<Env> = async ({ request, env }) => {
  const url = new URL(request.url);
  const data = await request.formData();
  const email = data.get('email') as string;
  if (!email) {
    return new Response('No email');
  }
  const token = await generateToken(email, env);
  const magicLink = `${url.origin}/verify?token=${token}`;
  // normally send magicLink in an email to the user
  return new Response(
    `
      <a class="link text-primary" href="${magicLink}">Click here to login</a>
    `,
    { headers: { 'content-type': 'text/html' } }
  );
};

This will automatically redirect to the redirectTo path in your config

// functions/verify.ts
import { authConfig } from '@lib/constants';
import { verify, Env } from 'cloudflare-auth';

export const onRequestGet: PagesFunction<Env> = async ({ request, env }) => {
  const url = new URL(request.url);
  const token = url.searchParams.get('token');
  try {
    return await verify(token!, env, authConfig, url);
  } catch {
    return Response.redirect(url.origin, 303);
  }
};

Add middleware to guard all routes with authentication

// functions/dashboard/_middleware.ts

import { authConfig } from 'lib/constants';
import { middlewareGuard } from 'cloudflare-auth';

export const onRequest = [middlewareGuard(authConfig)];

... or check individual routes internally

// functions/protected.ts

import { authConfig } from '@lib/constants';
import { isAuthorised, Env } from 'cloudflare-auth';

export const onRequestGet: PagesFunction<Env> = async ({ request }) => {
  const authorised = await isAuthorised(authConfig, request);
  if (authorised) {
    return new Response(
      html`<h1 class="text-3xl text-primary">You are authorised!</h1>`,
      { headers: { 'content-type': 'text/html' } }
    );
  }
  return new Response(
    html`<h1 class="text-3xl text-error">You are not authorised!</h1>`,
    { headers: { 'content-type': 'text/html' } }
  );
};

Logout

This will automatically redirect to the loginPath in your config

import { logout } from 'cloudflare-auth';
import { authConfig } from '@lib/constants';

export const onRequestPost: PagesFunction = async ({ request }) => {
  return logout(authConfig, new URL(request.url));
};

FAQs

Package last updated on 23 Oct 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc