0

I have created an Azure Function App and created a few functions in it. I want to check whether the user is authorized to access the route or not (from my DB). I need to check this before the request executes. How can I achieve this in a function app?

Ivan Glasenberg
MILJO JOHN

2 Answers

0

If you're using Functions v2 with C#, then you can write your own Startup class and register it with your function. The Startup class always executes before the function executes.

Please also make sure you're using the latest version of the Microsoft.NET.Sdk.Functions NuGet package (the latest version is 1.0.29 as of now).

Here is some sample code; please feel free to modify it as needed:

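using Microsoft.AspNetCore.Http;
using Microsoft.Azure.WebJobs;
using Microsoft.Azure.WebJobs.Extensions.Http;
using Microsoft.Azure.WebJobs.Hosting;
using Microsoft.Extensions.Logging;
using System.IO;

// Registers MyStartup with the Functions host.
[assembly: WebJobsStartup(typeof(FunctionApp16.MyStartup))]
namespace FunctionApp16
{
    public static class Function1
    {
        // An HTTP trigger is assumed here; replace it with your own trigger and parameters.
        [FunctionName("Function1")]
        public static void Run(
            [HttpTrigger(AuthorizationLevel.Function, "get", "post")] HttpRequest req,
            ILogger log)
        {
            // your code here
        }
    }

    public class MyStartup : IWebJobsStartup
    {
        public void Configure(IWebJobsBuilder builder)
        {
            // write your code here; it will execute prior to the function method.
        }
    }

}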
Ivan Glasenberg
0

The Azure API Management service enables JWT validation on all incoming requests.

The validate-jwt policy enforces existence and validity of a JWT extracted from either a specified HTTP Header or a specified query parameter.

Among enforcing other security and authorization use cases, this is very useful for checking for permissions in claims. You can read more in the documentation here. While this won't query your DB for user permissions, it is a very effective way to achieve your goal.

Here's the syntax from the documentation.

  <required-claims>
    <claim name="name of the claim as it appears in the token" match="all|any" separator="separator character in a multi-valued claim">
      <value>claim value as it is expected to appear in the token</value>
      <!-- if there is more than one allowed values, then add additional value elements -->
    </claim>
    <!-- if there are multiple possible allowed values, then add additional value elements -->
  </required-claims>

Here's how you could implement it.

  <required-claims>
    <claim name="FirstRoute" match="any">
      <value>true</value>
    </claim>
    <claim name="SecondRoute" match="any">
      <value>false</value>
    </claim>
  </required-claims>
TheCascadian
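
As an added example (not part of either answer and not copied from the documentation), here is a complete inbound policy showing where the `required-claims` block from the second answer sits inside `validate-jwt` when the policy is attached to the single API operation that fronts the first function. The OpenID configuration URL, audience and issuer are placeholders; the `FirstRoute` claim name is taken from the answer above.

```xml
<!-- Added example: operation-scoped policy for the route that requires FirstRoute. -->
<policies>
  <inbound>
    <base />
    <!-- Rejects the call with 401 unless the bearer token validates. -->
    <validate-jwt header-name="Authorization"
                  require-scheme="Bearer"
                  failed-validation-httpcode="401"
                  failed-validation-error-message="Token missing, invalid, or lacking the required claim">
      <!-- Placeholder: your identity provider's OpenID Connect metadata URL
           (supplies the signing keys used to verify the token). -->
      <openid-config url="https://login.example.com/.well-known/openid-configuration" />
      <!-- Placeholder: the audience your API expects in the token. -->
      <audiences>
        <audience>api://example-function-api</audience>
      </audiences>
      <!-- Placeholder: the issuer your API trusts. -->
      <issuers>
        <issuer>https://login.example.com/</issuer>
      </issuers>
      <!-- Claim check from the answer: the caller must hold FirstRoute=true. -->
      <required-claims>
        <claim name="FirstRoute" match="any">
          <value>true</value>
        </claim>
      </required-claims>
    </validate-jwt>
  </inbound>
  <backend>
    <base />
  </backend>
  <outbound>
    <base />
  </outbound>
  <on-error>
    <base />
  </on-error>
</policies>
```

A request reaches the function only if the token's signature, audience, issuer and `FirstRoute` claim all validate; the function's own endpoint still needs protecting so callers cannot bypass API Management.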