@orangecheck/gate / GateOptions
Interface: GateOptions
Defined in: types.ts:47
Config for a single gated route.
You MUST pick exactly one of address / attestationId / identity
— that's the field the gate uses to look the subject up.
Properties
| Property | Type | Description | Defined in |
|---|---|---|---|
<a id="property-address"></a> address? | SubjectSource | Pull a Bitcoin address from the request. | types.ts:54 |
<a id="property-attestationid"></a> attestationId? | SubjectSource | Pull an attestation ID (SHA-256 hex) from the request. | types.ts:56 |
<a id="property-cachemax"></a> cacheMax? | number | Max cache entries. Default 1_000. | types.ts:66 |
<a id="property-cachettlms"></a> cacheTtlMs? | number | In-process cache TTL for lookup results. Default 60_000 ms. | types.ts:64 |
<a id="property-exposesubject"></a> exposeSubject? | boolean | Include the resolved subject / subjectKind in the default 403 body. Default false — echoing a cookie-bound address discloses it to anyone who can hit the endpoint. Flip to true only when the subject was already caller-supplied (e.g., from: 'header'). | types.ts:100 |
<a id="property-failopen"></a> failOpen? | boolean | If the OrangeCheck lookup throws (relays unreachable, etc.), let the request through. Default false — degraded-mode should be explicit. | types.ts:72 |
<a id="property-identity"></a> identity? | SubjectSource | Pull an identity binding from the request in protocol:identifier form, e.g. github:alice. | types.ts:61 |
<a id="property-lookuptimeoutms"></a> lookupTimeoutMs? | number | Hard deadline for the upstream lookup. Default 5_000 ms. Beyond this the gate returns lookup_error (fail-closed unless failOpen is set). | types.ts:81 |
<a id="property-mindays"></a> minDays? | number | Minimum days unspent. Default 0. | types.ts:51 |
<a id="property-minsats"></a> minSats? | number | Minimum sats bonded. Default 0 (any proof passes on stake). | types.ts:49 |
<a id="property-onblocked"></a> onBlocked? | (req: MinimalReq, res: MinimalRes, decision: GateDecision) => void | Custom "blocked" handler. If omitted, the gate sends a 403 JSON body. | types.ts:110 |
<a id="property-ondecision"></a> onDecision? | (req: MinimalReq, decision: GateDecision) => void | Called with the decision before the response is sent. Use for logging. | types.ts:105 |
<a id="property-relays"></a> relays? | string[] | Override the Nostr relays used for discovery. | types.ts:75 |
<a id="property-trustunsafesources"></a> trustUnsafeSources? | boolean | header / query / cookie / body subject sources are untrusted by default — anyone can set them. Passing trustUnsafeSources: true acknowledges that your application verified the address some other way (e.g., from a signed session cookie), or that you're OK with letting callers self-declare. The gate will still log a startup warning unless this flag is set on an explicitly-untrusted source. Custom from functions are always considered trusted (you wrote them). | types.ts:92 |