Ideally I'd have something like a Netlify function run on every ... • Aaron Parecki

Jason Lengstorf https://twitter.com/jlengstorf • Jul 23
can you say more about what the ideal workflow is? if you can set a cookie, you can allow/deny access based on cookie presence https://docs.netlify.com/routing/redirects/redirect-options/#redirect-by-cookie-presence

Ideally I'd have something like a Netlify function run on every incoming request to check the presence of a cookie, validate it, and based on the result, either send an HTTP redirect to start an OIDC flow, or return the static file requested.

Portland, Oregon • 83°F

Fri, Jul 23, 2021 3:32pm -07:00

5 replies
Have you written a response to this? Let me know the URL:
- Jo Wouters twitter.com/jowouters
  
  No, don't think they have solved that yet... :-/ (I should have reread your original question completely "so that I can tie to an arbitrary OpenID Connect provider")
  
  Sun, Jul 25, 2021 8:49pm +00:00 (via brid.gy)
- Aaron Parecki twitter.com/aaronpk
  
  That's promising, but can I use an external OpenID Connect IDP for that? I don't want to manage users in Netlify
  
  Fri, Jul 23, 2021 11:03pm +00:00 (via brid.gy)
- Jo Wouters twitter.com/jowouters
  
  In that case you could move the whole static site to a specific directory that is protected via a _redirects definition ? Access is only granted to a specific role. docs.netlify.com/visitor-access… Roles can be set via Identity
  
  Fri, Jul 23, 2021 11:02pm +00:00 (via brid.gy)
- Aaron Parecki twitter.com/aaronpk
  
  That won't work, I need to prevent access to the files entirely if the user isn't logged in.
  
  Fri, Jul 23, 2021 10:37pm +00:00 (via brid.gy)
- Jo Wouters twitter.com/jowouters
  
  Have you tried Snippet Injection? docs.netlify.com/site-deploys/p… You could inject the Identity code in your static code identity.netlify.com
  
  Fri, Jul 23, 2021 10:35pm +00:00 (via brid.gy)

Posted in /replies using quill.p3k.io