Proxy and route-handler protection for App Router and middleware-heavy request paths. Choose the wrapper when the framework owns route resolution, hooks, loaders, or middleware order. The page should help you choose this surface deliberately, compare it against its lane neighbors, and keep operator proof in reach while you wire the integration.

lane family

App framework

package line

@cosantoir/next

contract vars

Shared across wrappers and native SDKs

operator lanes

Plus 2 native package families

@cosantoir/next@cosantoir/astro@cosantoir/nuxt@cosantoir/sveltekit@cosantoir/node@cosantoir/cli@cosantoir/mcpCOSANTOIR_GATEWAY_URLCOSANTOIR_API_KEYCOSANTOIR_SITE_IDpip install cosantoircosantoir logincosantoir-mcp@cosantoir/next@cosantoir/astro@cosantoir/nuxt@cosantoir/sveltekit@cosantoir/node@cosantoir/cli@cosantoir/mcpCOSANTOIR_GATEWAY_URLCOSANTOIR_API_KEYCOSANTOIR_SITE_IDpip install cosantoircosantoir logincosantoir-mcp

Surface fit

Choose this surface when the boundary is real, not convenient.

A better docs system tells you why this lane exists, what makes it distinct, and how it hands off to the rest of the platform.

Use this when

Choose the wrapper when the framework owns route resolution, hooks, loaders, or middleware order.

Package line

@cosantoir/next

The install and contract line should stay recognizable even when the request lifecycle changes.

First proof

Protect one real route, loader, or handler first, then read the resulting headers and decision state before broadening the rollout.

Install line

Next.js package install

bash

01pnpm add @cosantoir/next @cosantoir/node

Install the surface that actually owns the request path. Do not start with a prettier abstraction and retrofit the boundary later.

Shared contract

Runtime identity

env

01COSANTOIR_GATEWAY_URL=http://localhost:4000
02COSANTOIR_API_KEY=dp_live_example
03COSANTOIR_SITE_ID=site_prod_web

These values should stay stable across framework wrappers, native SDKs, CLI probes, and MCP tools.

Contract discipline

The framework changes. The contract should not.

This is the point where the left rail, page body, and right rail need to agree: the package can change, but the gateway origin, runtime key, site id, and proof loop stay the same.

COSANTOIR_GATEWAY_URL

Keep this value aligned across application middleware, direct SDK probes, and operator tooling so the same request path stays explainable.

COSANTOIR_API_KEY

Keep this value aligned across application middleware, direct SDK probes, and operator tooling so the same request path stays explainable.

COSANTOIR_SITE_ID

Keep this value aligned across application middleware, direct SDK probes, and operator tooling so the same request path stays explainable.

Lane neighbors

Neighbor surfaces

A mature docs system makes adjacent choices visible. If this page is not the right boundary, the best alternative should already be in front of you.

App framework

Astro

SSR middleware entry point for Astro request handling.

@cosantoir/astro

App framework

Nuxt

Server middleware surface for Nuxt application routes.

@cosantoir/nuxt

App framework

SvelteKit

Hook-based enforcement for SvelteKit routes and endpoints.

@cosantoir/sveltekit

App framework

SolidStart

Middleware surface for SolidStart request handling.

@cosantoir/solid-start

App framework

Remix

Loader and action control for Remix applications.

@cosantoir/remix

App framework

React Router

Data-router protection for route loaders and actions.

@cosantoir/react-router

Handoff

Node.js

Direct evaluator client for custom servers, bespoke middleware order, and exact transport control.

@cosantoir/node

Handoff

CLI

Terminal lane for login, request probes, and telemetry-backed operator workflows.

@cosantoir/cli

Handoff

MCP

Model-facing tool server for safe policy and evaluator access.

@cosantoir/mcp

Launch route

Quickstart

Wire a first protected request and stop only when the receipt is explainable.

Control map

Architecture

Trace how the wrapper, gateway, evaluator, and dashboard stay on the same contract line.

Operator lane

CLI

Bootstrap credentials, run probes, and inspect runtime decisions without leaving the terminal.

Agent lane

MCP

Expose bounded runtime tools to model workflows without widening system reach.

Detailed guide

Next.js page guide

The framework-specific instructions live below, but they now sit inside a stronger system: lane fit above, contract line beside, neighbors nearby.

# Next.js Integration Cosantoir ships a dedicated Next.js middleware adapter with request IP helpers and route-handler context builders. ## Installation ``bash npm install @cosantoir/next @cosantoir/node`## Middleware Example Createmiddleware.tsin your Next.js root:`ts import { createCosantoir } from '@cosantoir/node'; import { createMiddleware, readNextRequestIp } from '@cosantoir/next'; const client = createCosantoir({ baseUrl: process.env.COSANTOIR_GATEWAY_URL!, apiKey: process.env.COSANTOIR_API_KEY!, siteId: process.env.COSANTOIR_SITE_ID!, }); export const middleware = createMiddleware({ client, failOpen: true, ip: (request) => readNextRequestIp(request as any) ?? '127.0.0.1', }); export const config = { matcher: ['/api/:path*'], };`## Route Handler Pattern Use the same client inside Route Handlers when you need direct WAF, bot, or signup decisions.`ts export async function GET(request: Request) { const ip = request.headers.get('x-forwarded-for') ?? '127.0.0.1'; const waf = await client.waf.evaluate({ ip, method: request.method, path: new URL(request.url).pathname, }); if (waf.result?.action === 'block') { return new Response('Forbidden', { status: 403 }); } return new Response('Secure next route'); }``

Last updated Mar 24, 2026

Deployment Models

Express