@arcjet/astro

Arcjet helps developers protect their apps in just a few lines of code. Implement rate limiting, bot protection, email verification, and defense against common attacks.

This is the Arcjet SDK integration for Astro.

• npm package (@arcjet/astro)
• GitHub source code (arcjet-astro/ in arcjet/arcjet-js)

Getting started

Visit the quick start guide to get started.

Example app

Try an Arcjet protected app live at https://example.arcjet.com (source code).

What is this?

This is our adapter to integrate Arcjet into Astro. Arcjet helps you secure your Astro website. This package exists so that we can provide the best possible experience to Astro users.

When should I use this?

You can use this if you are using Astro. See our Get started guide for other supported frameworks.

Install

This package is ESM only. Install with npm and the Astro CLI in Node.js:

npx astro add @arcjet/astro

Use

Configure Arcjet in astro.config.mjs:

import arcjet, { shield } from "@arcjet/astro";
import { defineConfig } from "astro/config";

export default defineConfig({
  // We recommend setting
  // [`validateSecrets`](https://docs.astro.build/en/reference/configuration-reference/#envvalidatesecrets).
  env: { validateSecrets: true },
  integrations: [
    arcjet({
      rules: [
        // Shield protects your app from common attacks.
        // Use `DRY_RUN` instead of `LIVE` to only log.
        shield({ mode: "LIVE" }),
      ],
    }),
  ],
});

…then use Arcjet in on-demand routes (such as src/pages/api.json.ts):

import type { APIRoute } from "astro";
import aj from "arcjet:client";

export const GET: APIRoute = async ({ request }) => {
  const decision = await aj.protect(request);

  if (decision.isDenied()) {
    return Response.json({ message: "Forbidden" }, { status: 403 });
  }

  return Response.json({ message: "Hello world" });
};

For more on how to configure Arcjet with Astro and how to protect Astro, see the Arcjet Astro SDK reference on our website.

License

Apache License, Version 2.0 © Arcjet Labs, Inc.