Guides for Cloudflare Workers (#1086)

Co-authored-by: pilcrowOnPaper <[email protected]>
lucia-auth · Sep 8, 2023 · 0c249bb · 0c249bb · vercel · Sep 8, 2023
1 parent 1bc69a6
commit 0c249bb
Show file tree

Hide file tree

Showing 10 changed files with 74 additions and 2 deletions.
diff --git a/documentation/content/guidebook/improve-session-security.md b/documentation/content/guidebook/improve-session-security.md
@@ -70,7 +70,10 @@ if (!session || !isWithinExpiration(session.absoluteExpiration.getTime())) {
 
 ## Detect stolen sessions
 
-There are few ways to detect if a session cookie is being used by a different device/person. All these approaches are imperfect in some way but provide a good layer of security.
+There are few ways to detect if a session cookie is being used by a different device/person. All these approaches are imperfect in some way but provide a good layer of security. See each hosting provider's documentation on custom headers:
+
+- [Cloudflare](https://developers.cloudflare.com/fundamentals/reference/http-request-headers)
+- [Vercel](https://vercel.com/docs/edge-network/headers)
 
 ### IP addresses
 

diff --git a/documentation/content/main/database-adapters/cloudflare-d1.md b/documentation/content/main/database-adapters/cloudflare-d1.md
@@ -41,11 +41,13 @@ yarn add @lucia-auth/adapter-sqlite
 
 ## Usage
 
+Since the D1 bindings are only available in runtime, you'll need to create a new `Auth` instance on every request. Make sure to update your `Auth` type.
+
 ```ts
 import { lucia } from "lucia";
 import { d1 } from "@lucia-auth/adapter-sqlite";
 
-const initializeLucia = (db: D1Database) => {
+export const initializeLucia = (db: D1Database) => {
 	const auth = lucia({
 		adapter: d1(db, {
 			user: "user",
@@ -56,6 +58,23 @@ const initializeLucia = (db: D1Database) => {
 	});
 	return auth;
 };
+
+export type Auth = ReturnType<typeof initializeLucia>;
+```
+
+Please see the [documentation for Cloudflare Pages](https://developers.cloudflare.com/pages/framework-guides/) for accessing Cloudflare binding in your framework.
+
+```ts
+type Env = {
+	DB: D1Database; // install `@cloudflare/workers-types`
+};
+
+export default {
+	fetch: async (request: Request, env: Env) => {
+		const auth = initializeLucia(env.DB);
+		// ...
+	}
+};
 ```
 
 ## SQLite3 schema

diff --git a/documentation/content/main/database-adapters/prisma.md b/documentation/content/main/database-adapters/prisma.md
@@ -65,6 +65,14 @@ const auth = lucia({
 });
 ```
 
+### In non-Node.js environment
+
+To use Prisma in an environment that doesn't support Node.js (including Deno, Cloudflare Workers, Vercel Edge), import `PrismaClient` from `@prisma/client/edge` instead of `@prisma/client`.
+
+```ts
+import { PrismaClient } from "@prisma/client/edge";
+```
+
 ## Prisma schema
 
 You can add additional columns to the user model to store user attributes, and to the session model to store session attributes. If you change the model names, pass the new names to the adapter config.

diff --git a/documentation/content/main/getting-started/$astro.md b/documentation/content/main/getting-started/$astro.md
@@ -125,3 +125,9 @@ This allows us to share and access the same `AuthRequest` instance across multip
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/$elysia.md b/documentation/content/main/getting-started/$elysia.md
@@ -90,3 +90,9 @@ declare namespace Lucia {
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/$hono.md b/documentation/content/main/getting-started/$hono.md
@@ -109,3 +109,9 @@ node --experimental-global-webcrypto index.js
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/$nuxt.md b/documentation/content/main/getting-started/$nuxt.md
@@ -132,3 +132,9 @@ Optionally, instead of doing a side-effect import, add the `--experimental-globa
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/$remix.md b/documentation/content/main/getting-started/$remix.md
@@ -150,3 +150,9 @@ Optionally, instead of doing a side-effect import, add the `--experimental-globa
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/$sveltekit.md b/documentation/content/main/getting-started/$sveltekit.md
@@ -129,3 +129,9 @@ This allows us to share and access the same `AuthRequest` instance across multip
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.
diff --git a/documentation/content/main/getting-started/index.md b/documentation/content/main/getting-started/index.md
@@ -140,3 +140,9 @@ node --experimental-global-webcrypto index.js
 You can learn all the concepts and general APIs of Lucia by reading the [Basics](/basics/database) section in the docs. If you prefer writing code immediately, check out the [Starter guides](/starter-guides) page or the [examples in the repository](https://github.com/pilcrowOnPaper/lucia/tree/main/examples).
 
 Remember to check out the [Guidebook](/guidebook) for tutorials and guides! If you have any questions, join our [Discord server](/discord)!
+
+## Limitations
+
+### Cloudflare
+
+Please note that password hashing will not work on Free Bundled Workers; **the allocated 10ms CPU time is not sufficient for this**. Consider using unbound workers or paid bundled workers for hashing operations. This is not an issue when using OAuth.