
Hi! I'm interested in leveraging Cloudflare workers to run certain functions, but I also want to restrict access to these functions to only logged in users. These functions are entirely independent of any database connection and solely serve as REST APIs to fetch data from other APIs. Is it possible to validating appwrite Auth tokens on Cloudflare Workers to make the functions only available to logged in users?

Maybe with JWT? https://appwrite.io/docs/products/auth/jwt

You can't restrict completely the access to the workers, but once they're executed you can check if the user has or not a valid JWT and their permissions. Then make something based on that.
If you use Appwrite functions instead, you can restrict their execution to specific users or teams

It seems that running the Appwrite Node.js server SDK on Cloudflare workers isn't feasible due to Cloudflare's limited support for Node.js APIs and we need to use 'jose' (github.com/panva/jose) for this purpose. However, it requires the JWT secret key to verify the signed JWT tokens. Any ideas on how to obtain the Appwrite JWT secret key?

if you're on Appwrite version 1.5, you can use https://www.npmjs.com/package/node-appwrite/v/12.1.0-rc.4

@Steven I was able to successfully install the version you sent on a worker, but I'm not sure how I can validate the received token using the Client instance (https://appwrite.io/docs/products/auth/jwt). Also, I was wondering if the validation will be done locally on the worker, or if it sends a request to my appwrite server every time I initiate a new client instance on worker? Thanks
Recommended threads
- Mariadb keeps Restarting / Fails to init...
Ive just setup Appwrite on my docker compose host using the supplied Docker compose commands. My issue is that the mariadb container keeps restarting and fails...
- upsert_documents is not work with jwt cl...
client.set_jwt(jwt) databases = Databases(client) databases.upsert_documents(General, Pallets, [{"$id": "684aeb3e0021e64c10f1", "name": 'тест '}]) This code al...
- Redirect URL sends HTTP instead of HTTPS...
I am not sure since when this issue is present, but my Google and Apple redirect URI are no longer pointing to the HTTPS redirect URI when I try to use OAuth. ...
