⚡ A highly opinionated TypeScript framework for Cloudflare Workers.
Install darkflare using your favorite package manager.
npm i darkflare
Add a build script to your package.json file.
"build": "darkflare"
Add a darkflare.json file to the root of your project.
{
"base": "/api",
"origin": "*"
}
Add a new routes folder into your src folder.
Add a new route, e.g. [id].ts or hello-world.ts
import { Handler } from 'darkflare'
export default {
get: async () => {
return 'Hello World'
}
} as Handler
darkflare's routing is pretty similar to the way Next.js does. Instead of the pages directory, darkflare uses the routes directory.
query - a parsed object of the request queryparams - a parsed object of the request paramsheaders - a parsed object of the request headerscookies - a parsed object of cookiesbody - a parsed object of the request bodyraw - the incoming Request object...moreAdd the routes which should be protected to your darkflare.json config.
"protect": {
"strict": ["/protect/strictly"],
"flexible": ["/protect/maybe/:id", "/and/not/for/sure"]
}
-> strict = must return no json object/string
-> flexible = can or cannot return a json object/string
Add a hooks directory in your src directory. Create a new file called preValidate.ts in this folder.
import { Hook } from 'darkflare'
const preValidation: Hook = async (req, res) => {
// restrict access to users from Germany
if (req.country !== 'DE') return {
code: 403,
message: 'Access Denied'
}
// add some data to the request object, if the users comes from Germany
req.hello = 'world'
}
export default preValidation
redirect(destination, code) - a asynchronous method for redirecting (status code defaults to 307)code(code) - a asynchronous method for setting the status code for the responseheader(name, value) - a asynchronous method for adding a header to the response objectcookie(name, value, config) - a asynchronous method for setting a cookieBy default the status code is 200, but you can change it easily to any number.
import { Handler } from 'darkflare'
export default {
put: async (req, res) => {
return {
code: 400 // set the status code to 400 and send a json object with the code as response body
}
// alternatively, you can also set it via a method
await res.code(400)
}
} as Handler
FAQs
The API Engine
The npm package darkflare receives a total of 0 weekly downloads. As such, darkflare popularity was classified as not popular.
We found that darkflare demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Socket found a Rust typosquat (finch-rust) that loads sha-rust to steal credentials, using impersonation and an unpinned dependency to auto-deliver updates.
Research
/Security Fundamentals
A pair of typosquatted Go packages posing as Google’s UUID library quietly turn helper functions into encrypted exfiltration channels to a paste site, putting developer and CI data at risk.
Security News
November CVE publications fell 25% YoY even as 2025 totals rose, showing how a few major CNAs can swing “global” counts and skew perceived risk.