npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@brassproof/cloudflare

v1.0.3

Published

BRASS integration helpers for Cloudflare Workers

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

tomjwxftomjwxf

Keywords

brasscloudflareworkersrate-limitingabuse-prevention

Readme

@brassproof/cloudflare

BRASS integration for Cloudflare Workers. Add privacy-preserving rate limiting to your Worker in minutes.

Installation

npm install @brassproof/cloudflare

Quick Start

import { createBrassWorker } from '@brassproof/cloudflare'

const handler = async (request: Request, env: Env) => {
  const { message } = await request.json()
  
  // Your protected logic here
  return new Response(JSON.stringify({ 
    success: true,
    message: `Received: ${message}`
  }), {
    headers: { 'Content-Type': 'application/json' }
  })
}

export default {
  fetch: createBrassWorker(handler, {
    scope: 'message-submission',
    onVerified: (result) => {
      console.log(`✅ Verified! ${result.remaining} remaining`)
    },
  })
}

Configuration

Environment Variables (wrangler.toml)

[vars]
# Set via `wrangler secret put BRASS_SECRET_KEY`
# Set via `wrangler secret put BRASS_ISSUER_PUBKEY`

[[kv_namespaces]]
binding = "BRASS_KV"
id = "your_kv_namespace_id"

Worker TypeScript Types

export interface Env {
  BRASS_SECRET_KEY: string
  BRASS_ISSUER_PUBKEY: string
  BRASS_KV: KVNamespace
}

API Reference

createBrassWorker(handler, options?)

Creates a BRASS-protected Worker handler.

Parameters:

  • handler: (request: Request, env: Env) => Promise<Response> | Response - Your worker logic
  • options?: BrassWorkerOptions - Configuration options

Options:

| Property | Type | Default | Description | |----------|------|---------|-------------| | scope | string | 'generic' | Rate limit scope identifier | | rateLimits | Record<string, RateLimit> | Defaults | Custom rate limits per scope | | onVerified | (result) => void \| Promise<void> | - | Called after successful verification | | onRateLimited | (result) => Response \| Promise<Response> | - | Custom rate limit response | | corsHeaders | HeadersInit | Allow all | Custom CORS headers |

Complete Example

// worker.ts
import { createBrassWorker, type BrassWorkerEnv } from '@brassproof/cloudflare'

interface Env extends BrassWorkerEnv {
  // Add your custom environment variables here
  MY_DATABASE: D1Database
}

const commentHandler = async (request: Request, env: Env): Promise<Response> => {
  const { author, comment } = await request.json()

  // Validate input
  if (!author || !comment) {
    return new Response(
      JSON.stringify({ error: 'Author and comment required' }),
      { status: 400, headers: { 'Content-Type': 'application/json' } }
    )
  }

  // Save to database
  await env.MY_DATABASE.prepare(
    'INSERT INTO comments (author, comment, created_at) VALUES (?, ?, ?)'
  ).bind(author, comment, Date.now()).run()

  return new Response(
    JSON.stringify({ success: true, message: 'Comment posted!' }),
    { headers: { 'Content-Type': 'application/json' } }
  )
}

export default {
  fetch: createBrassWorker(commentHandler, {
    scope: 'comment-submission',
    rateLimits: {
      'comment-submission': { maxRequests: 3, windowSeconds: 86400 } // 3 per day
    },
    onVerified: (result) => {
      console.log(`✅ Comment verified! ${result.remaining} remaining`)
    },
    onRateLimited: ({ remaining, resetAt }) => {
      return new Response(
        JSON.stringify({
          error: 'Too many comments. Try again tomorrow!',
          remaining,
          resetAt: new Date(resetAt).toISOString()
        }),
        { 
          status: 429,
          headers: { 'Content-Type': 'application/json' }
        }
      )
    },
  })
}

Advanced Usage

Custom CORS Headers

export default {
  fetch: createBrassWorker(handler, {
    corsHeaders: {
      'Access-Control-Allow-Origin': 'https://yourdomain.com',
      'Access-Control-Allow-Methods': 'POST',
      'Access-Control-Allow-Headers': 'Content-Type',
    },
  })
}

Multiple Scopes

const handler = async (request: Request, env: Env) => {
  const url = new URL(request.url)
  
  if (url.pathname === '/comment') {
    // Handle comment
  } else if (url.pathname === '/signup') {
    // Handle signup
  }
  
  return new Response('Not found', { status: 404 })
}

export default {
  fetch: createBrassWorker(handler, {
    rateLimits: {
      'comment': { maxRequests: 3, windowSeconds: 86400 },
      'signup': { maxRequests: 5, windowSeconds: 86400 },
    },
  })
}

Direct Verifier Access

For more control, use the verifier directly:

import { createBrassVerifier } from '@brassproof/cloudflare'

export default {
  async fetch(request: Request, env: Env): Promise<Response> {
    const verifier = createBrassVerifier({
      secretKey: env.BRASS_SECRET_KEY,
      issuerPublicKey: env.BRASS_ISSUER_PUBKEY,
      kvNamespace: env.BRASS_KV,
    })

    const { brassToken } = await request.json()
    
    const result = await verifier.verify(brassToken, {
      origin: request.headers.get('origin') || '',
      scope: 'custom-scope',
    })

    if (!result.success) {
      return new Response(JSON.stringify({ error: result.error }), {
        status: 429
      })
    }

    // Your logic here...
    return new Response('Success')
  }
}

Deployment

1. Install Wrangler

npm install -g wrangler

2. Create KV Namespace

wrangler kv:namespace create BRASS_KV

Copy the ID to wrangler.toml:

[[kv_namespaces]]
binding = "BRASS_KV"
id = "paste_namespace_id_here"

3. Set Secrets

wrangler secret put BRASS_SECRET_KEY
wrangler secret put BRASS_ISSUER_PUBKEY

4. Deploy

wrangler deploy

Environment Setup

Get the issuer public key:

For self-hosted deployment:

curl https://your-issuer.workers.dev/pub

For managed service: Get from brassproof.com dashboard

Then set it as a secret:

wrangler secret put BRASS_ISSUER_PUBKEY
# Paste the public key when prompted

See SECURITY.md for complete self-hosting guide.

Learn More

License

MIT - see LICENSE for details.