Caching Access Controlled Content?

We would like to leverage Cloudflare’s cache for content that is access controlled on the origin.

We are planning to build a gateway in Cloudflare Workers that will validate a JWT token from our web application and based on that, allow/disallow the user to request the source content from the origin. The Cloudflare worker will have full access to the origin, with no access controls. (It’s just a object storage blob.) If the user is authenticated for access, we would like Cloudflare to cache the content for some period of time.

However, we’re unsure if:

  1. This will allow Cloudflare to cache the content whatsoever, or just break it completely.
  2. If the content is cached, is there a way for an unauthenticated user to read the Cloudflare cache directly without using the URL that forces them to the origin resource through our gateway?

Thanks for any help and guidance you can provide.

  1. You can use workers to directly cache content. Docs
  2. If you put the JWT auth check before any content is served then it will not load any content if the auth check fails.

This is perfect, thank you @Jake1st.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.