Skip to content

feat: add password protection for wildcard services#249

Merged
just-be-dev merged 2 commits intomainfrom
just-be/wildcard-password
Mar 21, 2026
Merged

feat: add password protection for wildcard services#249
just-be-dev merged 2 commits intomainfrom
just-be/wildcard-password

Conversation

@just-be-dev
Copy link
Owner

@just-be-dev just-be-dev commented Mar 21, 2026
edited
Loading

I just want to be able to put up some non-public personal sites.

AI Summary

Adds optional HTTP Basic Auth password protection to wildcard subdomains. Passwords are stored as Cloudflare Worker secrets and referenced by name in deploy.json. The deploy script interactively provisions missing secrets via wrangler secret put.

Key changes:

  • Added optional password field to all route config types (static, redirect, rewrite)
  • Implemented HTTP Basic Auth validation in the worker before handler dispatch
  • Added checkBasicAuth() and unauthorizedResponse() utility functions
  • Added secret management to deploy script: lists existing secrets, prompts for password if missing, uploads via wrangler secret put
  • Updated JSON schema for IDE autocompletion
  • Added 9 comprehensive tests for auth functions

Usage: Add "password": "SECRET_NAME" to any rule in deploy.json. On deploy, the script checks if the secret exists; if not, it prompts for the value interactively.

@just-be-dev
feat: add password protection for wildcard services
69f7b8f 
Add optional HTTP Basic Auth password protection to any wildcard subdomain service. Passwords are stored as Cloudflare Worker secrets and referenced by name in deploy.json. The deploy script interactively provisions missing secrets via 'wrangler secret put'.

- Add optional 'password' field to all route config types
- Implement HTTP Basic Auth check in worker before handler dispatch
- Add checkBasicAuth() and unauthorizedResponse() utility functions
- Add secret management in deploy script (list, prompt, upload)
- Add comprehensive tests for auth functions
- Update deploy.json schema for password field
@cloudflare-workers-and-pages
Copy link

cloudflare-workers-and-pages bot commented Mar 21, 2026
edited
Loading

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs		 just-be-dev 35d613d Commit Preview URL

Branch Preview URL		 Mar 21 2026, 08:24 PM

@just-be-dev @claude
chore: bump package versions for password protection feature
35d613d 
- @just-be/wildcard: 0.6.0 -> 0.7.0
- @just-be/deploy: 0.10.0 -> 0.11.0
- @just-be/wildcard-service: 1.0.0 -> 1.1.0

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@just-be-dev just-be-dev merged commit 894a833 into main Mar 21, 2026
4 checks passed
@just-be-dev just-be-dev deleted the just-be/wildcard-password branch March 21, 2026 20:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@just-be-dev