diff --git a/docs/06-concepts/01-working-with-endpoints/03-configure-http-calls.md b/docs/06-concepts/01-working-with-endpoints/03-configure-http-calls.md index 52e0d1c5..21abd3e0 100644 --- a/docs/06-concepts/01-working-with-endpoints/03-configure-http-calls.md +++ b/docs/06-concepts/01-working-with-endpoints/03-configure-http-calls.md @@ -21,7 +21,7 @@ final client = Client( On the server, Serverpod adds CORS headers to API responses by default through `httpResponseHeaders` and `httpOptionsResponseHeaders` on the `Serverpod` constructor. The defaults allow cross-origin `POST` requests from any origin (`Access-Control-Allow-Origin: *`) and permit common request headers such as `Authorization` on preflight `OPTIONS` requests. -Credential-aware requests require stricter headers: the browser rejects `Access-Control-Allow-Origin: *` when credentials are included, and the server must respond with `Access-Control-Allow-Credentials: true` and a specific origin. Override the defaults in your `lib/server.dart` (or wherever you construct `Serverpod`): +Credential-aware requests require `Access-Control-Allow-Credentials: true` and a specific origin instead of the wildcard. Override the defaults in your `lib/server.dart` (or wherever you construct `Serverpod`): ```dart import 'package:serverpod/serverpod.dart'; @@ -67,7 +67,7 @@ Set `origin` to the exact origin of your Flutter web app (scheme, host, and port You can also override the default HTTP client with a platform-native HTTP client. On iOS and macOS, you can use [cupertino_http](https://pub.dev/packages/cupertino_http) to route traffic through `NSURLSession`. On Android, you can use [cronet_http](https://pub.dev/packages/cronet_http) to use the Cronet network stack. -Below is an example of how to override the default HTTP client with platform-native HTTP clients. +Add the corresponding package to your Flutter app's `pubspec.yaml` before using these clients. ```dart import 'dart:io'; @@ -114,5 +114,3 @@ final client = Client( httpClientOverride: createHttpClient(), ); ``` - -Add the corresponding package to your Flutter app's `pubspec.yaml` before using these clients. diff --git a/docs/06-concepts/01-working-with-endpoints/04-middleware.md b/docs/06-concepts/01-working-with-endpoints/04-middleware.md index 3955df06..336b5509 100644 --- a/docs/06-concepts/01-working-with-endpoints/04-middleware.md +++ b/docs/06-concepts/01-working-with-endpoints/04-middleware.md @@ -1,10 +1,10 @@ -# Middleware - -Serverpod provides a middleware system that allows you to intercept and process HTTP requests before they reach your endpoints, and modify responses before they're sent to clients. This enables cross-cutting concerns like caching and rate limiting. +--- +description: Add middleware to Serverpod to intercept HTTP requests and responses for concerns such as logging, caching, and rate limiting. +--- -## Overview +# Middleware -Middleware in Serverpod are based on [Relic middleware](https://docs.dartrelic.dev/reference/middleware). +Middleware runs before and after your endpoints, making it suitable for logging, caching, and rate limiting. Serverpod middleware follows the [Relic middleware](https://docs.dartrelic.dev/reference/middleware) interface. ## Adding middleware to your server @@ -38,7 +38,7 @@ typedef Handler = FutureOr Function(Request request); typedef Middleware = Handler Function(Handler innerHandler); ``` -`Result` is a sealed type with three subclasses: `Response`, `Hijack`, and `WebSocketUpgrade`. Middleware that modifies response-specific fields must first narrow to `Response` with an `is` check. +The return value is a `Result`, which can be a `Response`, `Hijack`, or `WebSocketUpgrade`. Check `is Response` before modifying response-specific fields. ### Simple middleware example @@ -95,14 +95,6 @@ Middleware errorHandlingMiddleware() { 1. **Order matters**: Add middleware in the order you want it to execute. -2. **Keep middleware focused**: Each middleware should have a single, well-defined responsibility. - -3. **Handle errors gracefully**: Always consider error cases and decide whether to handle or rethrow. - -4. **Performance considerations**: Middleware executes on every request, so keep it efficient. - -5. **Test your middleware**: Write tests to verify middleware behavior in isolation and when composed. - -6. **Document configuration**: If middleware accepts parameters, document them clearly. +2. **Performance**: Middleware executes on every request, so keep it efficient. -7. **Avoid side effects**: Be cautious with middleware that modifies global state or external systems. +3. **Test your middleware**: Write tests to verify middleware behavior in isolation and when composed. diff --git a/docs/06-concepts/11-authentication/03-working-with-users.md b/docs/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/docs/06-concepts/11-authentication/03-working-with-users.md +++ b/docs/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ``` diff --git a/versioned_docs/version-3.0.0/06-concepts/11-authentication/03-working-with-users.md b/versioned_docs/version-3.0.0/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/versioned_docs/version-3.0.0/06-concepts/11-authentication/03-working-with-users.md +++ b/versioned_docs/version-3.0.0/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ``` diff --git a/versioned_docs/version-3.1.0/06-concepts/11-authentication/03-working-with-users.md b/versioned_docs/version-3.1.0/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/versioned_docs/version-3.1.0/06-concepts/11-authentication/03-working-with-users.md +++ b/versioned_docs/version-3.1.0/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ``` diff --git a/versioned_docs/version-3.2.0/06-concepts/11-authentication/03-working-with-users.md b/versioned_docs/version-3.2.0/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/versioned_docs/version-3.2.0/06-concepts/11-authentication/03-working-with-users.md +++ b/versioned_docs/version-3.2.0/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ``` diff --git a/versioned_docs/version-3.3.0/06-concepts/11-authentication/03-working-with-users.md b/versioned_docs/version-3.3.0/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/versioned_docs/version-3.3.0/06-concepts/11-authentication/03-working-with-users.md +++ b/versioned_docs/version-3.3.0/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ``` diff --git a/versioned_docs/version-3.4.0/06-concepts/11-authentication/03-working-with-users.md b/versioned_docs/version-3.4.0/06-concepts/11-authentication/03-working-with-users.md index 57df77a9..b999687d 100644 --- a/versioned_docs/version-3.4.0/06-concepts/11-authentication/03-working-with-users.md +++ b/versioned_docs/version-3.4.0/06-concepts/11-authentication/03-working-with-users.md @@ -8,7 +8,7 @@ All authenticated users have an authentication identifier, that uniquely identif ```dart var userIdString = session.authenticated?.userIdentifier; -// requires `import 'package:serverpod_auth_idp_server/serverpod_auth_idp_server.dart';` +// requires `import 'package:serverpod_auth_idp_server/core.dart';` var userIdUuidValue = session.authenticated?.authUserId; ```