Graphorin API reference v0.7.0
Graphorin API reference / @graphorin/server / middleware
middleware
Middleware barrel for @graphorin/server. Every entry is a Hono MiddlewareHandler; they are composed by the createServer({...}) factory in a fixed order:
request-state -> cors -> request audit metadata -> rate-limit -> csrf -> auth -> scope (per-route) -> idempotency (per-route) -> audit -> handler
Operators that build a custom Hono app (or wrap the framework one) can re-import these factories directly through this barrel.
Functions
| Function | Description |
|---|---|
| createAnonymousAuthMiddleware | Build the no-auth middleware mounted when auth.kind = 'none'. It stamps state.auth = { kind: 'anonymous', grantedScopes: [admin:*] } so the scope middleware, SSE handler and replay routes all treat the request as a fully-authorized principal. This is the documented trusted-loopback / single-operator mode - never mount it on a non-loopback deployment without understanding that every endpoint becomes open. |
References
AuditErrorSink
Re-exports AuditErrorSink
AuditMiddlewareOptions
Re-exports AuditMiddlewareOptions
AuthMiddlewareOptions
Re-exports AuthMiddlewareOptions
createAuditMiddleware
Re-exports createAuditMiddleware
createAuthMiddleware
Re-exports createAuthMiddleware
createCorsMiddleware
Re-exports createCorsMiddleware
createCsrfMiddleware
Re-exports createCsrfMiddleware
createIdempotencyMiddleware
Re-exports createIdempotencyMiddleware
createRateLimitMiddleware
Re-exports createRateLimitMiddleware
createRequestStateMiddleware
Re-exports createRequestStateMiddleware
createScopeMiddleware
Re-exports createScopeMiddleware
HTTP_REQUEST_AUDIT_ACTION
Re-exports HTTP_REQUEST_AUDIT_ACTION
IdempotencyMiddlewareOptions
Re-exports IdempotencyMiddlewareOptions
RequestStateMiddlewareOptions
Re-exports RequestStateMiddlewareOptions
ScopeRequirement
Re-exports ScopeRequirement