Allow customization of authentication route verbs
It is currently possible to override the default authentication routes, but only the path can be set. It would be useful to be able to override the allowed verbs. I'd like to be able to prevent GET /auth/credentials, by limiting the endpoint to POSTs only. I've not been able to find any other ways of doing this.

Can use existing API’s.
-
George Hemmings commented
Thank you!
-
Apologies thought I left this as a public comment, but it looks like it was just saved as a private note, here's the existing code:
The AuthenticateService has a ValidateFn you can use to apply Custom Logic, e.g:
AuthenticateService.ValidateFn = (service, verb, requestDto) => {
if (verb != HttpMethods.Post)
throw HttpError.Forbidden("Only POST methods allowed");
};Otherwise you can just global request filter to short-circuit the response for `Authenticate` requests, e.g:
GlobalRequestFilters.Add((req, res, requestDto) => {
if (requestDto is Authenticate && req.Verb != HttpMethods.Post) {
res.StatusCode = (int)HttpStatusCode.Forbidden;
res.StatusDescription = ""Only POST methods allowed";
res.EndRequest();
}
}); -
George Hemmings commented
Are you able to point me in the right direction please? I've tried overriding GetRouteAttributes, but the route isn't configured at the point.