Val Town Code SearchReturn to Val Town

16}>("middleware.geofence").geofencing;
17
18function logGeoEvent(type: string, details: GeoEventDetails): void {
19  const logData = {
20    type,
29}
30
31export function checkGeoRestriction(request: Request): GeoFilterResult {
32  if (!GEO.enabled) {
33    return { allowed: true, country: "XX", reason: "Geofencing disabled" };
124/* Middleware                                                          */
125/* ------------------------------------------------------------------ */
126export function createGeoFilterMiddleware() {
127  return async (c: Context, next: Next) => {
128    if (!GEO.enabled) return await next();
152}
153
154export async function geoDataExtractionMiddleware(
155  c: Context,
156  next: Next,

61 * @returns HTTPException with formatted JSON response
62 */
63export function buildError(
64  cfg: HeaderInspectionConfig,
65  msg: string,
167
168/**
169 * Helper function to throw HTTP errors with consistent formatting and error codes.
170 *
171 * Creates HTTPException instances with standardized status codes and optional
176 * @param message - Error message to include in the HTTP response body
177 * @param code - Optional error code for categorization and debugging purposes
178 * @returns void - Function throws HTTPException instead of returning
179 * @throws HTTPException - Always throws with provided status and formatted message
180 *
192
193/**
194 * Configuration management functions for error handler settings.
195 */
196
219 *
220 * @param _c - Hono context object (unused but required by middleware signature)
221 * @param next - Next middleware function in the processing chain
222 * @returns Promise<void> - Completes after error handling or next() execution
223 * @throws HTTPException - Converts all errors to HTTPException format for global handler

110
111/* helper to throw HTTPException with consistent body */
112function throwCsrfError(message: string, code: string): never {
113  const payload = {
114    error: message,

9 * Extracts and parses CF-Visitor header which contains JSON data
10 */
11function parseVisitorHeader(visitorHeader: string | undefined): Record<string, unknown> | null {
12  if (!visitorHeader) return null;
13
23 * Validates and sanitizes coordinate values
24 */
25function parseCoordinate(coord: string | undefined): number | null {
26  if (!coord) return null;
27
33 * Extracts all Cloudflare headers from the request and structures them for use
34 */
35export function extractCloudflareHeaders(c: Context): CloudflareHeaderData {
36  const headers = c.req.raw.headers;
37
104 * Logs CF header data
105 */
106export function logCFData(cfData: CloudflareHeaderData, zid?: string): void {
107  console.log(
108    `[CF-Headers] ${zid ? `[${zid}] ` : ""}Headers processed: ${
113
114/**
115 * Helper function to get Cloudflare data from context
116 */
117export function getCFData(c: Context): CloudflareHeaderData | null {
118  return c.get("cfData") || null;
119}
120
121/**
122 * Helper function to check if request came through Cloudflare
123 */
124export function isCloudflareRequest(c: Context): boolean {
125  const cfData = getCFData(c);
126  return cfData?.hasCloudflareHeaders || false;
128
129/**
130 * Helper function to get geographic summary string
131 */
132export function getGeographicSummary(c: Context): string {
133  const cfData = getCFData(c);
134  if (!cfData) return "Unknown location";

24 * Creates a complete browser-to-backend middleware chain per server.md specification.
25 *
26 * @returns {Array<(c: Context, next: Next) => unknown>} Array of middleware functions in execution order
27 */
28export function createBrowserMiddlewareChain(): Array<
29  MiddlewareHandler<{ Variables: HonoVariables }>
30> {
54 * @throws {Error} When middleware application fails
55 */
56export function applyBrowserMiddleware(
57  app: Hono<{ Variables: HonoVariables }>,
58  path: string = "/v1/*",

23 * Creates a complete backend-to-backend middleware chain.
24 */
25export function createBackendMiddlewareChain(): Array<
26  (c: Context, next: Next) => unknown
27> {
45 * Applies backend middleware chain to a Hono application.
46 */
47export function applyBackendMiddleware(
48  app: any, // Use any to avoid Hono type complexity
49  path: string = "/v1/*",

21 * Session-based authentication middleware (for orchestrator)
22 */
23export async function sessionAuthMiddleware(
24  c: Context<{ Variables: HonoVariables }>,
25  next: Next,
37 * Session-based authentication logic.
38 */
39export function applySessionAuth(
40  c: Context<{ Variables: HonoVariables }>,
41): AuthResult {

17 * OAuth authentication middleware
18 */
19export async function oauthAuthMiddleware(
20  c: Context<{ Variables: Variables }>,
21  next: () => Promise<void>,
38 * OAuth authentication logic (checks session for OAuth data)
39 */
40export function applyOAuthAuth(
41  c: Context<{ Variables: Variables }>,
42): AuthResult {
96 * Generate OAuth authorization URL
97 */
98export function generateOAuthUrl(provider: string, state: string): string | null {
99  const providerConfig =
100    AUTH_CONFIG.oauth.providers[provider as keyof typeof AUTH_CONFIG.oauth.providers];

17 * Creates a JWT token with the provided payload
18 */
19export async function createJWT(payload: AppJwtPayload): Promise<string> {
20  try {
21    const { iat: _iat, exp: _exp, ...restPayload } = payload;
41 * Verifies and decodes a JWT token
42 */
43export async function verifyAppJWT(
44  token: string,
45  customSecret?: string,
73 * JWT authentication logic
74 */
75export async function applyJwtAuth(
76  request: Request,
77  customSecret?: string,
166 * JWT Bearer token authentication middleware
167 */
168export async function jwtAuthMiddleware(
169  c: Context<{ Variables: HonoVariables }>,
170  next: Next,
197 * JWT-only middleware for endpoints that strictly require JWT authentication
198 */
199export function jwtOnlyMiddleware(customSecret?: string) {
200  return async (c: Context<{ Variables: HonoVariables }>, next: Next): Promise<Response | void> => {
201    const authResult = await applyJwtAuth(c.req.raw, customSecret);
227 * Creates a refresh token with extended expiry
228 */
229export async function createRefreshToken(payload: AppJwtPayload): Promise<string> {
230  try {
231    const { iat: _iat, exp: _exp, ...restPayload } = payload;
256 * Validates a refresh token and returns new access token
257 */
258export async function refreshAccessToken(
259  refreshTokenValue: string,
260): Promise<{ accessToken: string; refreshToken: string } | null> {

5import { internalJwtService } from "@/services/internalJWTService.ts"; // Adjust path if necessary
6
7export function createInternalAuthMiddleware() {
8  const internalJwtConfig = AUTH_CONFIG.jwt.INTERNAL;
9  if (!internalJwtConfig.enabled) {
75}
76
77export function requireInternalAuth(requiredScope?: string) {
78  return async (c: Context<{ Variables: HonoVariables }>, next: Next): Promise<Response | void> => {
79    const internalContext = c.get("internalAuth");