I have a static web app that consists solely of a collection of static html which I am generating using the bookdown package.
I'd like to restrict usage to only those users that I've invited using the Role management blade in the static app's portal page.
I have the following routes.json configuration:
{
"routes": [
{
"route": "/",
"serve": "/index.html",
"allowedRoles": [
"authenticated"
]
},
{
"route": "/login",
"serve": "/.auth/login/github"
}
],
"platformErrorOverrides": [
{
"errorType": "NotFound",
"serve": "/custom-404.html"
},
{
"errorType": "Unauthenticated",
"statusCode": "301",
"serve": "/login"
}
]
}
This seems to work but it 1. allows anyone with a github account to login, not just those that have been invited through the Role management invitations 2. Allows user to bypass login byt directly hitting one of the sub-pages, i.e., <domain-name>/index.html
json
"routes": [
{
"route": "/*",
"serve": "/index.html",
"allowedRoles": [
"authenticated"
]
/login, i.e. I'd like something along the lines ofjson
"serve": ["/.auth/login/github", "/.auth/login/aad"]
Sorry for the uninformed questions! I'm quite illiterate with static sites and auth in general 馃槦
Hi @akzaidi,
First of all, thank you for trying out Azure Static Web Apps!
{
"route": "/.auth/login/twitter",
"statusCode": "404"
}
Further, "authenticated" is the role that a user has when they just log in. If you want to restrict a path to the users you invite, include the role the invitation link is made with in the "allowedRoles section".
Lastly, the error you experienced about one route being covered up is because of the ordering. Move the /login rule above the /* (wildcard) rule and that error should disappear.
Each rule can only have one serve path. So "serve": ["/.auth/login/github", "/.auth/login/aad"] won't be possible, but perhaps what you are looking for is the blocking providers option, which I have linked and detailed with 1.
The quota of 25 is at level of the static web app.
Thank you @mkarmark for the super helpful and speedy reply!
After re-ordering the routes it looks like I'm good to go! I ended up defining a routes schema that looks like the following, and looks like it's working!
{
"routes": [
{
"route": "/login",
"serve": "/.auth/login/github"
},
{
"route": "/login/aad",
"serve": "/.auth/login/aad"
},
{
"route": "/.auth/login/twitter",
"statusCode": "401"
},
{
"route": "/.auth/login/facebook",
"statusCode": "401"
},
{
"route": "/.auth/login/google",
"statusCode": "401"
},
{
"route": "/*",
"serve": "/index.html",
"allowedRoles": [
"reader",
"contributor"
]
}
]
}
Any recommendations on how to make static web apps available to more than 25 invited users? Our goal is to make the webpages available for our entire team, which has around 120 people. I could potentially create multiple static apps but then will have to set up some synchronization mechanism and manage the URL list. Any chance the quota will be increased in the future after preview?
We appreciate the feedback! We are using restricted quotas during preview to try and gauge customer need. These quotas may change during preview based on the needs we see, so thanks for your feedback!
Thanks for the reply! I'll reach out again if I can't find a workaround for the quota.
Really happy with the service so far!
When will static web app be available for production usage ?
@drckriebel Working hard to add requested features and get the service to general availability. No ETA yet but should be in the first half of 2021.
Most helpful comment
@drckriebel Working hard to add requested features and get the service to general availability. No ETA yet but should be in the first half of 2021.