npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@pauxiel/edge-auth-worker

v1.0.1

Published

JWT auth at the edge — Cloudflare Workers + Neon Postgres + Worker AI. No cold starts, no API keys.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

pauxielpauxiel

Keywords

cloudflare-workersjwtauthedgeneonserverlessworker-ai

Readme

edge-auth-worker

JWT authentication at the edge using Cloudflare Workers, Neon Postgres, and Cloudflare Worker AI. No cold starts. No Lambda. No JWKS round trips.

What it does

  • Verifies JWT tokens at the edge using @tsndr/cloudflare-worker-jwt — zero dependencies, built specifically for Workers
  • Stores sessions in Neon serverless Postgres via HTTP (no connection pooling needed)
  • Runs an AI security audit of the auth implementation on demand via Cloudflare Worker AI (no API key required)

Use as a library

Install into your existing Cloudflare Worker:

npm install @pauxiel/edge-auth-worker
import { EdgeAuth } from '@pauxiel/edge-auth-worker';

const auth = new EdgeAuth({
  secret: env.JWT_SECRET,
  neonUrl: env.DATABASE_URL,
});

// Verify a Bearer token from the request
const user = await auth.verify(request);

// Or verify + store the session in Neon in one call
const user = await auth.verifyAndStore(request);

// Look up an existing session by token
const session = await auth.getSession(token);

verify extracts the Authorization: Bearer <token> header, validates the JWT, and returns a User object. It throws if the token is missing or invalid.

Deploy your own in one command

npx create-cloudflare@latest my-auth-worker --template pauxiel/edge-auth-worker

Then add your secrets:

cd my-auth-worker
npx wrangler secret put JWT_SECRET      # openssl rand -base64 32
npx wrangler secret put DATABASE_URL    # from neon.tech
npx wrangler deploy

That's it.

Manual setup

1. Clone and install

git clone https://github.com/pauxiel/edge-auth-worker
cd edge-auth-worker
npm install

2. Create Neon database

Go to neon.tech → create free account → create database named edge-auth → run:

CREATE TABLE sessions (
  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
  user_id TEXT NOT NULL,
  email TEXT NOT NULL,
  token TEXT NOT NULL,
  expires_at TIMESTAMP NOT NULL,
  created_at TIMESTAMP DEFAULT NOW()
);

Copy the DATABASE_URL connection string.

3. Add secrets

npx wrangler secret put JWT_SECRET    # paste output of: openssl rand -base64 32
npx wrangler secret put DATABASE_URL  # paste your Neon connection string

4. Deploy

npx wrangler deploy

API

POST / — Verify token and store session

curl https://your-worker.workers.dev \
  -H "Authorization: Bearer <your-jwt>"

Returns 200 with user JSON on success, 401 on invalid/missing token.

GET /audit — AI security review

curl https://your-worker.workers.dev/audit

Runs the auth implementation through Cloudflare Worker AI (Llama 3.1) and returns a security review. No API key needed.

Project structure

src/
├── index.ts        # Worker entry point — routing + auth flow
├── types.ts        # Env + User interfaces
└── lib/
    ├── auth.ts     # JWT verification via @tsndr/cloudflare-worker-jwt
    ├── session.ts  # Neon session storage + retrieval
    └── ai.ts       # Worker AI security audit

Tech

| | | |---|---| | Runtime | Cloudflare Workers | | JWT | @tsndr/cloudflare-worker-jwt | | Database | Neon serverless Postgres | | AI | Cloudflare Worker AI — @cf/meta/llama-3.1-8b-instruct |

License

MIT