If you use action drawings to automatically route URLs for a custom controller action, these actions will respond to GET , PUT , POST , DELETE and PATCH by default. If you prefer to control which methods are allowed, you have several options:
Disable specific methods using custom routes in the config / routes.js file . For example, if you have a foo action in UserController.js that you do not want to allow GET requests for, you can add the following custom route:
"GET /user/foo": {response: 'forbidden'}
to automatically redirect it to a "forbidden" answer (same as doing res.forbidden() in the controller)
Test req.method inside the action itself and return the earliest methods you don't want to handle:
if (req.method.toUpperCase() == 'GET') {return res.forbidden();}
Disable action routes by setting actions to false in the config / blueprints.js file . Then you will need to configure all your routes manually in the config / routes.js file .