Middleware (guards)
Path: hono-backend/src/middleware/
Middleware = bouncer that runs before your route handler.
Request → middleware → middleware → route handler → Response| File | Question it answers |
|---|---|
| request-id | Tag this request with a correlation id (X-Request-Id) |
| rate-limit | Is this caller within their per-policy quota? |
| auth | Is there a valid logged-in user? |
| admin | Is this user allowed to do admin things? |
| internal-key | Is this call from our worker with the secret key? |
If middleware returns a response (401 / 403 / 429), the route never runs.
Order in index.ts (global mounts)
cors(...)— origin gaterequestIdMiddleware— assign / echoX-Request-IdrateLimitMiddleware— quota check (fails open if the limiter itself errors)
The remaining middleware (auth, admin, internal-key) is mounted per router as needed.
Last updated on