chore: Update readme for new CLI/API, backward compatibility (#23)

james-pre · jcubic · commit 20bc0643581a · 2025-09-25T22:55:32.000+02:00
* Update readme

* Added small API section

* Add back support for middleware

* Revert readme changes
diff --git a/README.md b/README.md
@@ -18,22 +18,22 @@ npm install @isomorphic-git/cors-proxy
 Start proxy on default port 9999:
 
 ```sh
-cors-proxy start
+cors-proxy run
 ```
 
 Start proxy on a custom port:
 
 ```sh
-cors-proxy start -p 9889
+cors-proxy run -p 9889
 ```
 
-Start proxy in daemon mode. It will write the PID of the daemon process to `$PWD/cors-proxy.pid`:
+Start proxy in daemon mode.
 
 ```sh
-cors-proxy start -d
+cors-proxy start
 ```
 
-Kill the process with the PID specified in `$PWD/cors-proxy.pid`:
+Kill the daemon process:
 
 ```sh
 cors-proxy stop
@@ -42,67 +42,67 @@ cors-proxy stop
 ### CLI configuration
 
 Environment variables:
+
 - `PORT` the port to listen to (if run with `npm start`)
 - `ALLOW_ORIGIN` the value for the 'Access-Control-Allow-Origin' CORS header
 - `INSECURE_HTTP_ORIGINS` comma separated list of origins for which HTTP should be used instead of HTTPS (added to make developing against locally running git servers easier)
 
-
 ## Middleware usage
 
 You can also use the `cors-proxy` as a middleware in your own server.
 
 ```js
-const express = require('express')
-const corsProxy = require('@isomorphic-git/cors-proxy/middleware.js')
+import express from 'express';
+import corsProxy from '@isomorphic-git/cors-proxy';
 
-const app = express()
-const options = {}
-
-app.use(corsProxy(options))
+const app = express();
+const options = {};
 
+app.use(corsProxy(options));
 ```
 
 ### Middleware configuration
 
-*The middleware doesn't use the environment variables.* The options object supports the following properties:
+_The middleware doesn't use the environment variables._ The options object supports the following properties:
 
 - `origin`: _string_. The value for the 'Access-Control-Allow-Origin' CORS header
 - `insecure_origins`: _string[]_. Array of origins for which HTTP should be used instead of HTTPS (added to make developing against locally running git servers easier)
 - `authorization`: _(req, res, next) => void_. A middleware function you can use to handle custom authorization. Is run after filtering for git-like requests and handling CORS but before the request is proxied.
 
 _Example:_
+
 ```ts
 app.use(
-  corsProxy({
-    authorization: (req: Request, res: Response, next: NextFunction) => {
-      // proxied git HTTP requests already use the Authorization header for git credentials,
-      // so their [Company] credentials are inserted in the X-Authorization header instead.
-      if (getAuthorizedUser(req, 'X-Authorization')) {
-        return next();
-      } else {
-        return res.status(401).send("Unable to authenticate you with [Company]'s git proxy");
-      }
-    },
-  })
+	corsProxy({
+		authorization: (req: Request, res: Response, next: NextFunction) => {
+			// proxied git HTTP requests already use the Authorization header for git credentials,
+			// so their [Company] credentials are inserted in the X-Authorization header instead.
+			if (getAuthorizedUser(req, 'X-Authorization')) {
+				return next();
+			} else {
+				return res.status(401).send("Unable to authenticate you with [Company]'s git proxy");
+			}
+		},
+	}),
 );
 
 // Only requests with a valid JSON Web Token will be proxied
 function getAuthorizedUser(req: Request, header: string = 'Authorization') {
-  const Authorization = req.get(header);
-
-  if (Authorization) {
-    const token = Authorization.replace('Bearer ', '');
-    try {
-      const verifiedToken = verify(token, env.APP_SECRET) as IToken;
-      if (verifiedToken) {
-        return {
-          id: verifiedToken.userId,
-        };
-      }
-    } catch (e) {
-      // noop
-    }
-  }
+	const Authorization = req.get(header);
+
+	if (Authorization) {
+		const token = Authorization.replace('Bearer ', '');
+		try {
+			const verifiedToken = verify(token, env.APP_SECRET) as IToken;
+			if (verifiedToken) {
+				return {
+					id: verifiedToken.userId,
+				};
+			}
+		} catch (e) {
+			// noop
+		}
+	}
 }
 ```
 
@@ -111,29 +111,30 @@ function getAuthorizedUser(req: Request, header: string = 'Authorization') {
 There is no official chart for this project, helm or otherwise. You can make your own, but keep in mind cors-proxy uses the Micro server, which will return a 403 error for any requests that do not have the user agent header.
 
 _Example:_
+
 ```yaml
-  containers:
-      - name: cors-proxy
-        image: node:lts-alpine
-        env:
-        - name: ALLOW_ORIGIN
-          value: https://mydomain.com
-        command:
-        - npx
-        args:
-        - '@isomorphic-git/cors-proxy'
-        - start
-        ports:
-        - containerPort: 9999
-          hostPort: 9999
-          name: proxy
-          protocol: TCP
-        livenessProbe:
-          tcpSocket:
-            port: proxy
-        readinessProbe:
-          tcpSocket:
-            port: proxy
+containers:
+  - name: cors-proxy
+    image: node:lts-alpine
+    env:
+      - name: ALLOW_ORIGIN
+        value: https://mydomain.com
+    command:
+      - npx
+    args:
+      - '@isomorphic-git/cors-proxy'
+      - start
+    ports:
+      - containerPort: 9999
+        hostPort: 9999
+        name: proxy
+        protocol: TCP
+    livenessProbe:
+      tcpSocket:
+        port: proxy
+    readinessProbe:
+      tcpSocket:
+        port: proxy
 ```
 
 ## License
diff --git a/index.js b/index.js
@@ -90,10 +90,12 @@ function isAllowed(req, u) {
  *
  * @param {import('http').IncomingMessage} req
  * @param {import('http').ServerResponse} res
+ * @param {(() => any)?} next
  * @returns
  */
-export default function handleRequest(req, res) {
+export default function handleRequest(req, res, next) {
 	const u = new URL(req.url, `https://0.0.0.0:${req.socket.localPort}/`);
+	const isMiddleware = typeof next === 'function';
 
 	// CORS
 
@@ -120,13 +122,15 @@ export default function handleRequest(req, res) {
 
 	// Default landing page
 	if (u.pathname === '/') {
+		if (isMiddleware) return next();
 		res.setHeader('content-type', 'text/html');
 		res.statusCode = 400;
 		res.end(landingPage);
 		return;
 	}
 
 	if (!isAllowed(req, u)) {
+		if (isMiddleware) return next();
 		res.statusCode = 403;
 		res.end();
 		return;
@@ -175,8 +179,9 @@ export default function handleRequest(req, res) {
 			return f.body.pipeTo(Writable.toWeb(res));
 		})
 		.catch((e) => {
-			res.statusCode = 502;
 			console.error(e);
+			if (isMiddleware) return next();
+			res.statusCode = 502;
 			res.end();
 		});
 }
