Docs
Authorizing callers

Authorizing your functions

By default, Celest Functions are deny-by-default, meaning only you as the author and administrator of your project can access them.

To change the access level, you can use one of the following annotations:

  • @public — Grants access to anyone on the Internet, making your function publicly accessible.
  • @authenticated — Grants access to only authenticated users. (Requires an auth provider)

When using Celest Auth, you have the ability to restrict access to your functions to only authenticated users. That is, those users who have signed up and are logged in.

This is done by adding the @authenticated annotation to your function. When someone calls this function, either via the Celest client or directly via HTTP, Celest will check if the user is authenticated before allowing the function to run.

celest/lib/src/functions/greeting.dart
import 'package:celest/celest.dart';
 
@cloud
@authenticated
Future<String> sayHello() async {
  return 'Hello, valued customer!';
}

Public functions

If you want to make a function public, you can use the @public annotation. This will all authorization middleware from the function and allow anyone on the Internet to call it.

celest/lib/src/functions/greeting.dart
import 'package:celest/celest.dart';
 
@cloud
@public
Future<String> sayHello() async {
  return 'Hello, world!';
}

Accessing user information

To get the calling user's information, you can use the @principal annotation in your function and Celest will inject the caller's information automatically for each request.

celest/lib/src/functions/greeting.dart
import 'package:celest/celest.dart';
 
@cloud
@authenticated
Future<String> sayHello({
  @principal required User user,
}) async {
  return 'Hello, ${user.displayName}!';
}

You can do this for @public functions as well since, in that case, there may be a user that Celest knows about. For @public functions, the injected User parameter must be nullable to account for both scenarios.

celest/lib/src/functions/greeting.dart
import 'package:celest/celest.dart';
 
@cloud
@public
Future<String> sayHello({
  // User must be nullable here for `@public` functions
  @principal User? user,
}) async {
  if (user == null) {
	  return 'Hello, stranger!';
  }
  return 'Hello, ${user.displayName}!';
}