@revenuejuice/api-gateway-auth NPM

@revenuejuice/api-gateway-auth

A lambda function to allow passing of Api Gateway keys via a query string. Useful for avoiding CORS when making "simple" web requests cross domain. To meet the requirements of a "simple request" we cannot add the x-api-key header without triggering a CORS preflight request. With this custom authorizer (deployed as a lambda function) you can pass the query string apikey with your request. You must enable the authorizer in API gateway.

Alternatively you may also add a stage variable apikey and use that to authorize your api. This is useful if you want the fine grained rate limiting control of an apikey without needing to provide it from external requests.

Use

npm install --save @revenuejuice/api-gateway-auth

Create an index.js file.

exports.handler = require("@revenuejuice/api-gateway-auth");

Build with webpack

var path = require("path");
var webpack = require("webpack");

module.exports = {
    entry: {
        auth: path.join(__dirname, "/index.js")
    },
    output: {
        path: path.join(__dirname, "dist"),
        filename: "auth-lambda.js",
        libraryTarget: "commonjs"
    },
    target: "node"
};

Deploy and configure in AWS.

Reference

Simple requests: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#Simple_requests

Adding custom authorizer to API gateway: https://docs.aws.amazon.com/apigateway/latest/developerguide/configure-api-gateway-lambda-authorization-with-console.html

@infinitebrahmanuniverse/nolb-_rev @everything-registry/sub-chunk-778 @zalastax/nolb-_rev

1.0.0

6 years ago