WHAT: AWS Lambda, Serverless and AWS Cognito
WHY: Easy. Vendor agnostic. No framework (Now, Netlify, Apex's Up, etc.)
WHO: Anyone building an API using AWS, Serverless & Node
Method | Endpoint | Users with access | Header | Body |
---|---|---|---|---|
GET | api/get/public |
All | No | No |
POST | api/mock/post/login |
All | No | Yes |
GET | api/get/protected |
alechp |
Authorization |
No |
{
"username": "alechp",
"password": "123456"
}
-
Login to get JWT (POST
api/mock/post/login
)In order to pass the authentication check, you will need to supply a valid JWT in your
Authorization
request header when making calls to a protected endpoint. -
Access authorized route (GET
api/get/protected
)In order to pass the authorization check, you will need a JWT belonging to a user with valid permissions. For this example, the user
alechp
is authorized to accessapi/get/protected
. Unprivileged is not.
You can test locally thanks to serverless-offline
npm start
- Start Server
npm run slsoff
- Import Postman Collection
- Run tests
Currently disabled
To enable eslint, remove these from .eslintignore
tests/
utils/
api/
Forked from @yosriad/serverless-auth