Dan Russell
01/12/2022, 4:57 PMconst authorizer = new HttpLambdaAuthorizer({
authorizerName: "QuizAuthorizer",
responseTypes: [HttpLambdaResponseType.IAM],
handler: new sst.Function(this, "Authorizer", {
handler: "src/authorizer.main",
}),
resultsCacheTtl: Duration.seconds(0)
});
const api = new sst.Api(this, `api`, {
defaultAuthorizationType: sst.ApiAuthorizationType.CUSTOM,
defaultAuthorizer: authorizer,
defaultFunctionProps: {
srcPath: "src/",
environment: {
NODE_ENV: process.env.NODE_ENV || 'development',
STAGE: scope.stage,
},
},
cors: {
allowHeaders: [
'X-Amz-Date',
'X-Api-Key',
'X-Amz-Security-Token',
'X-Requested-With',
'X-Auth-Token',
'Referer',
'User-Agent',
'Origin',
'Content-Type',
'Authorization',
'Accept',
'Access-Control-Allow-Methods',
'Access-Control-Allow-Origin',
'Access-Control-Allow-Headers'],
allowMethods: [
CorsHttpMethod.GET,
CorsHttpMethod.PUT,
<http://CorsHttpMethod.POST|CorsHttpMethod.POST>,
CorsHttpMethod.DELETE,
CorsHttpMethod.OPTIONS,
],
allowOrigins: ['<http://localhost:3000>'],
allowCredentials: true
},
routes: {
'ANY /quiz': {
authorizationType: sst.ApiAuthorizationType.NONE,
function: "lambda.handler",
},
'ANY /{proxy+}': "lambda.handler"
},
});
And the Axios call the /quiz/<id> route goes through the authorizer
const headers = {
Authorization: "Bearer 123",
"Access-Control-Allow-Origin": "*",
"Content-Type": "application/json",
};
export const getQuiz = async (id) => {
try {
const resp = await axios.get(
`${process.env.REACT_APP_API_URL}/quiz/${id}`,
{ headers }
);
return resp.data;
} catch (err) {
console.log(err);
return { error: err.message || "Unknown Error getting Quiz" };
}
};
Dan Russell
01/12/2022, 9:57 PMimport { HttpLambdaAuthorizer } from "@aws-cdk/aws-apigatewayv2-authorizers";
import { Function, Api } from "@serverless-stack/resources";
const authorizer = new Function(this, "AuthorizerFn", {
handler: "src/authorizer.main",
});
But the actual lambda authorizer code needs a configuration object like
const authorizer = new HttpLambdaAuthorizer({
authorizerName: "QuizAuthorizer",
responseTypes: [HttpLambdaResponseType.IAM],
handler: new sst.Function(this, "Authorizer", {
handler: "src/authorizer.main",
}),
resultsCacheTtl: Duration.seconds(0)
});
The authorizer also takes in a resultsCacheTtl that defaults to 300 seconds I believe and this threw me off. When I first tried my authentication Lambda the handler failed but then that result was cached and It took me awhile to realize thats why it wasn't calling the lambda.Frank
Frank
Frank
resultsCacheTtl
, we should probably mention that in the doc more clearly.Frank
Dan Russell
01/28/2022, 3:46 PMFrank
Frank