Refactor auth*

geovanisouza92 · Jun 18, 2017 · c42faa3 · c42faa3
1 parent 8205a2a
commit c42faa3
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 19 deletions.
diff --git a/aws/api.js b/aws/api.js
@@ -1,15 +1,28 @@
 'use strict'
 
 const adapter = require('aws-serverless-express')
+const middleware = require('aws-serverless-express/middleware')
 const apiFactory = require('../lib/api')
 const repoFactory = require('./dynamodb_repo')
 
 // Build a concrete repository (DynamoDB as storage)
 const repo = repoFactory()
 
+const middlewares = [
+  middleware.eventContext(),
+  /* get userId from event */ (req, res, next) => {
+    try {
+      req.userId = req.apiGateway.event.requestContext.authorizer.sub
+    } catch (err) {
+      req.userId = null
+      console.warn(err.stack || err)
+    }
+    next()
+  }
+]
+
 // Create a server for a API instance
-const userIdGetter = req => req.requestContext.authorizer.claims.sub
-const server = adapter.createServer(apiFactory(repo, userIdGetter))
+const server = adapter.createServer(apiFactory(repo, middlewares))
 
 module.exports.handler = (event, context, callback) => {
   // NOTE: aws-serverless-express uses context.succeed, but AWS already

diff --git a/aws/authorization.js b/aws/authorization.js
@@ -21,9 +21,12 @@ module.exports.handler = (event, context, callback) => {
   const token = event.authorizationToken && event.authorizationToken.split(' ')[1]
 
   // Verify token
-  if (authorization.isValid(token)) {
-    callback(null, generatePolicy('user', 'Allow', event.methodArn))
-  } else {
-    callback(null, generatePolicy('user', 'Deny', event.methodArn))
-  }
+  const effect = authorization.isValid(token)
+    ? 'Allow'
+    : 'Deny'
+
+  const policy = generatePolicy('user', effect, event.methodArn)
+  policy.context = authorization.getSession(token)
+
+  callback(null, policy)
 }
diff --git a/lib/api/index.js b/lib/api/index.js
@@ -2,20 +2,10 @@
 const express = require('express')
 const bodyParser = require('body-parser')
 
-function apiFactory (repo, userIdGetter) {
+function apiFactory (repo, middlewares) {
   const api = express()
   api.use(bodyParser.json())
-  api.use(/* get userId from request */ (req, res, next) => {
-    var userId = null
-    try {
-      userId = userIdGetter(req)
-    } catch (err) {
-      console.warn(err.stack || err)
-    }
-
-    req.userId = userId
-    next()
-  })
+  middlewares.forEach(m => api.use(m))
 
   // Create
   api.post('/n/', (req, res) => {

diff --git a/lib/auth/authorization.js b/lib/auth/authorization.js
@@ -10,3 +10,8 @@ module.exports.isValid = token => {
     return false
   }
 }
+
+module.exports.getSession = token => {
+  if (!token) return {}
+  return jwt.decode(token)
+}