Edge Developer Platform
  • Edge Functions
    • Overview
    • Getting Started
    • Operation Guide
      • Function Management
      • Function Trigger
    • Runtime APIs
      • addEventListener
      • Cache
      • Cookies
      • Encoding
      • Fetch
      • FetchEvent
      • Headers
      • Request
      • Response
      • Streams
        • ReadableStream
        • ReadableStreamBYOBReader
        • ReadableStreamDefaultReader
        • TransformStream
        • WritableStream
        • WritableStreamDefaultWriter
      • Web Crypto
      • Web standards
      • Images
        • ImageProperties
    • Sample Functions
      • Returning an HTML Page
      • Returning a JSON Object
      • Fetch Remote Resources
      • Authenticating a Request Header
      • Modifying a Response Header
      • Performing an A/B Test
      • Setting Cookies
      • Performing Redirect Based on the Request Location
      • Using the Cache API
      • Caching POST Requests
      • Responding in Streaming Mode
      • Merging Resources and Responding in Streaming Mode
      • Protecting Data from Tampering
      • Rewriting a m3u8 File and Configuring Authentication
      • Adaptive Image Resize
      • Image Adaptive WebP
      • Customize Referer restriction rules
      • Remote Authentication
      • HMAC Digital Signature
      • Naming a Downloaded File
      • Obtaining Client IP Address
    • Best Practices
      • Adaptive Image Format Conversion via Edge Functions
이 페이지는 현재 영어로만 제공되며 한국어 버전은 곧 제공될 예정입니다. 기다려 주셔서 감사드립니다.
Docs Overview/
Edge Developer Platform/
Edge Functions/
Sample Functions/
Remote Authentication/

Remote Authentication

In order to avoid customers' resources being accessed by illegal users, this example transmits the request to the customer-specified remote authentication server. The authentication server verifies the user's request, and the Edge functions decide whether to allow access to the target resources based on the check result returned by the remote authentication server. If the authentication fails, the client will be responded with a 403 status code.
async function handleRequest(request) {
  // Remote authentication API address
  const checkAuthUrl = 'https://www.example.com/';
  // Initiate remote authentication
  const checkAuthRes = await fetch(checkAuthUrl);

  // Authentication passed, normal access to resources
  if (checkAuthRes.status === 200) {
    return fetch(request, {
      headers: request.headers,
    });
  }
  
  // Authentication failed, prohibit access to resources
  return new Response(null, {
    status: 403
  });
}

addEventListener('fetch', e => {
  e.respondWith(handleRequest(e.request));
});

Example preview

Enter the URL that matches the triggering rules of the Edge functions in the address bar of the browser on both PC and mobile (e.g., https://example.com/app/index.html) to preview the example effect.
Authentication passed, normal access to resources.



Authentication failed, prohibit access to resources.




Related references

Runtime APIs: Fetch
Runtime APIs: Response