Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Serverless config with IP whitelist and fallback to basic auth #6795
Hello! I've been struggling with the following problem: how to configure serverless with IP whitelist authorizing and fallback to BasicAuth (to root path) if IP doesn't match to whitelist?
It's quite easy to add IP whitelist authorizing (https://github.com/0is1/nextjs-serverless-test/blob/master/serverless.yml#L23-L34). And it's also quite easy to add BasicAuth (or any Authorizer in general) to all other paths than your app root (like https://serverless.com/framework/docs/providers/aws/events/apigateway#http-endpoints-with-custom-authorizers). But how to combine those two with serverless + AWS CloudFormation configs?
It's also possible to add Authorizer manually to any resource method in Amazon API Gateway dashboard but I want to do that via serverless config (if it's possible?)
I've created test repo about the progress so far https://github.com/0is1/nextjs-serverless-test
There's next.js app "on the background" because that's the case with my actual project as well but it's not relevant in this context.
Thanks in advance for your help.
Edit: should I actually post this question to stackoverflow? Or what's the policy with questions in issues here?
@0is1 - have you already considered using an custom authorizer lambda function? https://serverless.com/framework/docs/providers/aws/events/apigateway#http-endpoints-with-custom-authorizers
@neverendingqs yes, but you can't configure your app root path with that logic. One of my questions is that is it possible to add authorizer for root path.
I mean this is not possible
EDIT: actually it seems that config above is possible but