Edge Developer Platform
  • Edge Functions
    • Overview
    • Getting Started
    • Operation Guide
      • Function Management
      • Function Trigger
    • Runtime APIs
      • addEventListener
      • Cache
      • Cookies
      • Encoding
      • Fetch
      • FetchEvent
      • Headers
      • Request
      • Response
      • Streams
        • ReadableStream
        • ReadableStreamBYOBReader
        • ReadableStreamDefaultReader
        • TransformStream
        • WritableStream
        • WritableStreamDefaultWriter
      • Web Crypto
      • Web standards
      • Images
        • ImageProperties
    • Sample Functions
      • Returning an HTML Page
      • Returning a JSON Object
      • Fetch Remote Resources
      • Authenticating a Request Header
      • Modifying a Response Header
      • Performing an A/B Test
      • Setting Cookies
      • Performing Redirect Based on the Request Location
      • Using the Cache API
      • Caching POST Requests
      • Responding in Streaming Mode
      • Merging Resources and Responding in Streaming Mode
      • Protecting Data from Tampering
      • Rewriting a m3u8 File and Configuring Authentication
      • Adaptive Image Resize
      • Image Adaptive WebP
      • Customize Referer restriction rules
      • Remote Authentication
      • HMAC Digital Signature
      • Naming a Downloaded File
      • Obtaining Client IP Address
    • Best Practices
      • Adaptive Image Format Conversion via Edge Functions

Remote Authentication

In order to avoid customers' resources being accessed by illegal users, this example transmits the request to the customer-specified remote authentication server. The authentication server verifies the user's request, and the Edge functions decide whether to allow access to the target resources based on the check result returned by the remote authentication server. If the authentication fails, the client will be responded with a 403 status code.
async function handleRequest(request) {
// Remote authentication API address
const checkAuthUrl = 'https://www.example.com/';
// Initiate remote authentication
const checkAuthRes = await fetch(checkAuthUrl);

// Authentication passed, normal access to resources
if (checkAuthRes.status === 200) {
return fetch(request, {
headers: request.headers,
});
}
// Authentication failed, prohibit access to resources
return new Response(null, {
status: 403
});
}

addEventListener('fetch', e => {
e.respondWith(handleRequest(e.request));
});

Example preview

Enter the URL that matches the triggering rules of the Edge functions in the address bar of the browser on both PC and mobile (e.g., https://example.com/app/index.html) to preview the example effect.
Authentication passed, normal access to resources.



Authentication failed, prohibit access to resources.




Related references