UNPKG

better-auth-is-bot

Version:

A better-auth plugin to detect and block bots.

52 lines (48 loc) 1.33 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
'use strict'; const isbot = require('isbot'); const escapeRegex = (str) => { return str.replace(/[-[\]/{}()+?.\\^$|]/g, "\\$&"); }; const pathToRegexp = (path) => { const pattern = escapeRegex(path).replace(/\*/g, ".*"); return new RegExp(`^${pattern}$`); }; const IsBot = (options = {}) => { return { id: "is-bot", onRequest: async (request) => { if (!request) return; const { method, url } = request; if (method !== "POST" && method !== "GET") { return; } const { protectedEndpoints } = options; const pathname = new URL(url).pathname; if (protectedEndpoints && protectedEndpoints.length > 0) { const isProtected = protectedEndpoints.some( (endpoint) => pathToRegexp(endpoint).test(pathname) ); if (!isProtected) { return; } } if (isbot.isbot(request.headers.get("user-agent") ?? "")) { const response = new Response( JSON.stringify({ message: "BOT_DETECTED", error: "BAD_REQUEST" }), { status: 400, headers: { "Content-Type": "application/json" } } ); return { response }; } }, $ERROR_CODES: { BOT_DETECTED: "You are a bot" } }; }; exports.IsBot = IsBot;