5

I would like to add some common authentication code to a collection of HttpTrigger Azure Functions (v3), which I'm using as an API. I know about the service-side auth associated with AuthorizationLevel.Function, but that won't work for me. The type of auth I need to do is relatively simple: just check a specific HTTP header for a specific value.

In ASP.NET, this kind of thing can be done in an HttpModule. Do Azure Functions have a similar request pipeline of some kind?

As far as I can tell from the documentation, it looks like new Function instances can call Startup.Configure() before calling the target method, if the project is appropriately configured. However, those calls are intended to support Dependency Injection, and don't have access to the HttpRequest object.

Obviously, I could just put an isAuthorized(request) call at the beginning of each API entry point, but that feels klunky, repetitive, and potentially error-prone. Is there a better way?

RickNZ
  • 18,448
  • 3
  • 51
  • 66
  • 1
    Although Function Filters (`IFunctionInvocationFilter`) initially seemed like the logical choice here, I don't see a good way for them to return an HTTP error code to the client without adding more code to the called method--which defeats the whole point of using them. – RickNZ Jun 22 '20 at 05:03
  • Yeah your `isAuthorized(request)` seems to be the solution for function app – Thomas Jun 22 '20 at 06:34

0 Answers0