Closed
Description
It looks like I can use the routes.json file to add auth to my azure functions routes, so I think it makes sense to specify which methods the routes.json rules would apply to.
In my scenario, I have a route called api/catalog-items
, and I would like to only allow POST, PUT and DELETE for authenticated users, but GET request have no auth rules. I'm thinking an array would be the best data type, and GET would be the default value for unspecified route objects.
Example:
{
"routes": [
{
"route": "/api/catalog-items",
"allowedRoles": ["authenticated"],
"methods": ["POST","PUT","DELETE"]
}
]
}
Are there any plans to support this?