HMAC Token Authentication
This demo mirrors Option 1 from Cloudflare’s token authentication guide by generating and validating signed URLs at the edge. The signature covers the request pathname combined with a timestamp, matching the Worker example that integrates with WAF custom rules.
1. Generate a signed path
2. Verify a signed request
The symmetric key and TTL come from `HMAC_SECRET` and `HMAC_TOKEN_TTL` bindings (configured in `wrangler.toml`). Deploying this Next.js Pages project to Cloudflare automatically runs the same logic on the edge, matching the Worker-based Option 1 flow from the documentation.