Skip to content

casualuser/serverless-auth

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

functions

functions

 
 

lib

lib

 
 

.eslintignore

.eslintignore

 
 

.eslintrc.json

.eslintrc.json

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

package.json

package.json

 
 

secrets.json.example

secrets.json.example

 
 

serverless.yml

serverless.yml

 
 

yarn.lock

yarn.lock

 
 

Repository files navigation

Serverless Auth

Pangolins are a protected species!

Pangolins are protected species!

This is a serverless authorization example using JSON Web Tokens (JWTs.) It has three endpoints:

  • GET /cats is a public endpoint anyone can access.
  • GET /pangolins is a private endpoint, protected by an AWS Custom Authorizer.
  • POST /sessions is a login endpoint. Pass a valid username and password in a JSON request body to get a JWT (see /lib/users.js for valid combinations.) For example:
{
	"username": "Cthon98",
	"password": "hunter2"
}

In order to pass the authentication check, you will need to supply a valid JWT in your Authorization request header when making calls to a protected endpoint.

In order to pass the authorization check, you will need a JWT belonging to a user with valid permissions. For this example, the user Cthon98 is authorized to access GET /pangolins; AzureDiamond is not.

Setup

Prerequisites

Install dependencies

yarn

Running Tests

yarn test

Get Test coverage

yarn test:coverage

Lint

yarn eslint

Running locally

serverless offline start

Deploy

serverless deploy

About

Serverless Authorization example with JWT and AWS Custom Authorizers

leanpub.com/going-serverless

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%