
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
next-compose-middleware
Advanced tools
`next-compose-middleware` is a library that simplifies building complex, declarative middleware for Next.js applications. It allows you to create highly readable and maintainable middleware by composing multiple functions together.
next-compose-middleware
is a library that simplifies building complex, declarative middleware for Next.js applications. It allows you to create highly readable and maintainable middleware by composing multiple functions together.
Next.js v12.2.0+ (Middleware support)
npm install next-compose-middleware
# or
yarn add next-compose-middleware
# or
pnpm add next-compose-middleware
export default async function middleware(req: NextRequest) {
/**
* Path : Middleware execution order
*
* `/` : root1 -> root2
* `/foo` : root1 -> root2 -> foo
* `/foo/bar/hoge` : root1 -> root2 -> foo -> fooBar
* `/foo/bar/xxxx/baz` : root1 -> root2 -> foo -> fooId -> fooIdBaz
*/
return composeMiddleware(req, NextResponse.next(), {
scripts: [root1, root2],
'/foo': {
scripts: [foo],
'/bar': {
scripts: [fooBar],
},
'/[id]': {
scripts: [fooId],
'/baz': [fooIdBaz]
},
// ↓ Either writing method will work, but if you want to nest more, you have to write it in the Object
'/qux': [fooQux]
'/qux': {
scripts: [fooQux]
}
}
})
}
Each middleware function is a ComposableMiddleware
function.
It is almost identical to the Next.js middleware, except for additional arguments.
/**
* type ComposableMiddleware = (
* req: NextRequest,
* res: NextResponse,
* handler?: {...} // explained at next section
* ) => Promise<Response>;
*/
const fooMiddleware: ComposableMiddleware = async (req, res) => {
res.cookies.set('foo', 'foo')
return res;
};
To abort the process at a specific middleware without executing subsequent functions, use the breakAll or breakOnce handler from the third argument.
const basicAuth: ComposableMiddleware = async (req, res, { breakAll, breakOnce }) => {
const success = validateBasicAuth(req); // returns boolean
if (success) {
return res;
} else {
return breakAll(res); // All subsequent middleware (e.g., refreshToken, foo, etc.) will not be executed.
// or
return breakOnce(res); // Only subsequent middleware in the same hierarchy (e.g., refreshToken) will not be executed (foo will be executed).
}
};
export default async function middleware(req: NextRequest) {
return composeMiddleware(req, NextResponse.next(), {
scripts: [basicAuth, refreshToken],
'/foo': {
scripts: [foo],
...
}
})
}
FAQs
`next-compose-middleware` is a library that simplifies building complex, declarative middleware for Next.js applications. It allows you to create highly readable and maintainable middleware by composing multiple functions together.
The npm package next-compose-middleware receives a total of 1,325 weekly downloads. As such, next-compose-middleware popularity was classified as popular.
We found that next-compose-middleware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.