Node Lambda Authorizer 🔗 λ 👮‍♀️

Table of Contents

• Overview
• Setup
• Usage
• CI

Overview

An authorizer lambda library to use in serverless node.js projects. This authorizer is based on the authorization service in the W2-documents-api, shout-out to @bjpirt @mmmmillar. Built with the intention to reuse this Authorizer package across multiple services.

Setup

1. Run npm install
2. Run npm test to run all the tests
3. Run npm run test-coverage to see the test coverage
4. Run npm run lint to run the linter

Usage

Add the package into your package.json file:

  "dependencies": {
    "node-lambda-authorizer": "LBHackney-IT/node-lambda-authorizer.git#master"
  },

Initialize the service with your secret and user groups in authorizer file e.g: authorizer.js

const authorizer = require('node-lambda-authorizer')({
    jwtSecret: process.env.JWTSecret,
    allowedGroups: process.env.ALLOWEDGROUP.split(",")
});

exports.handler = authorizer.handler;

Custom Authorization

Optionally you can pass in your own custom authorisation function. It should take a decodedToken and the authorisationEvent as parameters. e.g.

const authoriser = require('node-lambda-authorizer'){
    jwtSecret: process.env.JWTSecret,
    customAuthorize: (decodedToken, authorizerEvent) => {
        if ([CUSTOM CONDITION]) return true;
        return false;
    }
};

exports.handler = authoriser.handler;

CI

• Tests are automated using GitHub Actions on pull requests