Vishal Vijay
08/01/2021, 7:12 AMAshishkumar Pandey
08/01/2021, 10:11 AMsst.Api
construct you could achieve this using HttpLambdaAuthorizer
as given in the example here - https://docs.serverless-stack.com/constructs/Api#adding-lambda-authorization. You could set the HttpLambdaAuthorizer
’s response type to SIMPLE
to authorize requests by just returning a boolean. For reference check this out - https://docs.aws.amazon.com/cdk/api/latest/docs/aws-apigatewayv2-authorizers-readme.html#lambda-authorizers.Ashishkumar Pandey
08/01/2021, 10:12 AMVishal Vijay
08/01/2021, 10:14 AMVishal Vijay
08/01/2021, 10:16 AMAshishkumar Pandey
08/01/2021, 10:23 AMRestApi
, here’s how you can do that using the cdk - https://docs.aws.amazon.com/cdk/api/latest/docs/aws-apigateway-readme.html#usage-plan--api-keys. You’ll have to use the sst.ApiGatewayV1
construct for this though. HTTP APIs i.e. sst.Api
doesn’t support usage plans.Vishal Vijay
08/01/2021, 10:25 AMFrank
Api
and manage the API keys urself inside a Lambda - https://docs.serverless-stack.com/constructs/Api#adding-lambda-authorizationFrank
export const main = async (event) => {
const authHeader = event.headers.authorization;
const apiKey = ...; // parse api key from auth header
const isAuthorized = ...; // check ie. against DynamoDB and see if the key is valid
return { isAuthorized };
};
Vishal Vijay
08/01/2021, 6:36 PMFrank
sst.ApiGatewayV1Api
for that.Vishal Vijay
08/01/2021, 7:18 PMTomasz Michalak
08/02/2021, 10:51 AMimport {
APIGatewayRequestAuthorizerEventHeaders,
Handler
} from 'aws-lambda';
interface APIGatewaySimpleAuthorizerEvent {
headers: APIGatewayRequestAuthorizerEventHeaders | null;
}
interface APIGatewaySimpleAuthorizerResult {
isAuthorized: boolean
}
/**
* @link <https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-lambda-authorizer.html>
*/
export const handler: Handler<APIGatewaySimpleAuthorizerEvent, APIGatewaySimpleAuthorizerResult> = async (event) => {
return handleLogic(event);
};
export function handleLogic(event: APIGatewaySimpleAuthorizerEvent) {
// your logic here
}
Tomasz Michalak
08/02/2021, 10:51 AM