Static Web App Securing Routes with roles when routes have parameters in them


I have built a React app (Azure SWA). My API is linked to my web app and I am securing routes with roles (all works well):

    {
      "route": "/api/product",
      "allowedRoles": ["admin", "nonadmin"]
    },
    {
      "route": "/api/product/*/delete",
      "allowedRoles": ["admin"]
    },

I want only the admin role to be able to call the delete endpoint, but there is a guid that identifies the product and this route does not work when I do this, as wildcards are only supported at ends of routes:

Microsoft Wildcards

Surely there is a way of doing this, as URL parameters are very common? I can't seem to find any material on how this is achieved.


There are 1 best solutions below


EDIT 13 November 2023

I've just confirmed with the product group that this is not supported. Wildcard patterns only work at the end of the path.


Instead of doing /delete, I would attribute that method with the DELETE verb, which you can do:

    {
      "route": "/api/profile*",
      "methods": ["DELETE"],
      "allowedRoles": ["admin"]
    },

Besides, using the HTTP verb is more aligned to RESTful principles.
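
An added example (not part of the answer above and not Azure's own code): a simplified JavaScript model of route-rule evaluation, useful for checking a rule set before deploying it. It assumes the first matching rule wins and that `*` is honoured only as the last character of `route`; the `/api/product` rules, the sample GUID and all function names are constructed for illustration.

```javascript
// Constructed sample rules: the method-specific rule is listed BEFORE the general one.
const routes = [
  { route: "/api/product/*", methods: ["DELETE"], allowedRoles: ["admin"] },
  { route: "/api/product*", allowedRoles: ["admin", "nonadmin"] },
];

// Constructed product id, standing in for the GUID in the URL.
const SAMPLE_ID = "00000000-0000-0000-0000-000000000001";

// A wildcard is only accepted as the final character of the route
// (this model ignores every other route form).
function isSupportedRoute(route) {
  const star = route.indexOf("*");
  return star === -1 || star === route.length - 1;
}

// A rule matches when the method (if restricted) and the path both match.
function ruleMatches(rule, method, path) {
  if (rule.methods && !rule.methods.includes(method.toUpperCase())) return false;
  if (rule.route.endsWith("*")) return path.startsWith(rule.route.slice(0, -1));
  return path === rule.route;
}

// Walk the rules in order; the first matching rule decides the outcome.
function authorize(rules, method, path, userRoles) {
  for (const rule of rules) {
    if (!isSupportedRoute(rule.route)) {
      throw new Error(`wildcard not at end of route: ${rule.route}`);
    }
    if (!ruleMatches(rule, method, path)) continue;
    const allowed =
      !rule.allowedRoles || rule.allowedRoles.some((r) => userRoles.includes(r));
    return { allowed, matched: rule.route };
  }
  // Assumption of this model: a request matching no rule is unrestricted.
  return { allowed: true, matched: null };
}

const target = `/api/product/${SAMPLE_ID}`;
console.log(authorize(routes, "DELETE", target, ["nonadmin"])); // denied by the DELETE rule
console.log(authorize(routes, "GET", target, ["nonadmin"]));    // falls through to the general rule
// Reversing the order lets the general rule match first, so the DELETE rule never applies.
console.log(authorize([...routes].reverse(), "DELETE", target, ["nonadmin"]));
```

The reversed case is the one to watch for: a broad rule placed above the method-specific rule silently grants `nonadmin` the delete.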