Authorizing your functions
By default, Celest Functions are deny-by-default, meaning only you as the author and administrator of your project can access them.
To change the access level, you can use one of the following annotations:
@public
— Grants access to anyone on the Internet, making your function publicly accessible.@authenticated
— Grants access to only authenticated users. (Requires an auth provider)
When using Celest Auth, you have the ability to restrict access to your functions to only authenticated users. That is, those users who have signed up and are logged in.
This is done by adding the @authenticated
annotation to your function. When someone calls this function, either via the Celest client
or directly via HTTP, Celest will check if the user is authenticated before allowing the function to run.
import 'package:celest/celest.dart';
@cloud
@authenticated
Future<String> sayHello() async {
return 'Hello, valued customer!';
}
Public functions
If you want to make a function public, you can use the @public
annotation. This will all authorization middleware from the function
and allow anyone on the Internet to call it.
import 'package:celest/celest.dart';
@cloud
@public
Future<String> sayHello() async {
return 'Hello, world!';
}
Accessing user information
To get the calling user's information, you can use the @principal
annotation in your function and Celest will inject the caller's
information automatically for each request.
import 'package:celest/celest.dart';
@cloud
@authenticated
Future<String> sayHello({
@principal required User user,
}) async {
return 'Hello, ${user.displayName}!';
}
You can do this for @public
functions as well since, in that case, there may be a user that Celest knows about.
For @public
functions, the injected User
parameter must be nullable to account for both scenarios.
import 'package:celest/celest.dart';
@cloud
@public
Future<String> sayHello({
// User must be nullable here for `@public` functions
@principal User? user,
}) async {
if (user == null) {
return 'Hello, stranger!';
}
return 'Hello, ${user.displayName}!';
}