AWSM Users is an example awsm module around the lifecycle of authentication.
Jaws 1.3+
- Custom API endpoint request templates.
- Additional Cloudformation Resources (DynamoDB) and IAM roles
- Shared library code in
lib
- JWT
- Other HTTP Api endpoint methods
In your JAWS project root directory, run:
npm install --save awsm-users
npm install
jaws postinstall awsm-users npm
jaws deploy resources
jaws dash
# Create a User with a POST to <endpoint>/users/create
curl -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d '{
"email": "[email protected]",
"password": "password"
}' '<endpoint>/users/create'
# Authenticate a User with a POST to <endpoint>/users/authenticate. This returns a JWT token
curl -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d '{
"email": "[email protected]",
"password": "password"
}' '<endpoint>/users/authenticate'
# Hit the List endpoint which is behind an authentication wall
curl -H "Authorization: <jwt token>" "<your endpoint>/users/list"
This will install the awsm modules into your project and save the resource creations into your cloudformation.
You will need to populate the environment variables provided by the jaws env list
command, here is an example:
~/t/j/myproject ❯❯❯ jaws env list dev us-east-1
JAWS: Getting ENV file from S3 bucket: jaws-project in us-east-1
JAWS: ENV vars for stage dev:
JAWS: ------------------------------
JAWS: us-east-1
JAWS: ------------------------------
JAWS_STAGE=dev
JAWS_DATA_MODEL_STAGE=dev
USERS_TABLE=jaws-users
JWT_SECRET=abcd
JWT_ISSUER=jacob
JAWS: awsm.json:lambda.envVars and regions where they are used (red means NOT defined in region):
JAWS: ------------------------------
JAWS: USERS_TABLE
JAWS: ------------------------------
JAWS: aws mods using: users/create/awsm.json,users/authenticate/awsm.json,users/list/awsm.json
JAWS: regions: us-east-1
JAWS: ------------------------------
JAWS: JWT_SECRET
JAWS: ------------------------------
JAWS: aws mods using: users/authenticate/awsm.json
JAWS: regions: us-east-1
JAWS: ------------------------------
JAWS: JWT_ISSUER
JAWS: ------------------------------
JAWS: aws mods using: users/authenticate/awsm.json
JAWS: regions: us-east-1
USERS_TABLE must be set to: jaws-users
(for now)
No
- Create Users
- List Users
- Authenticate Users
- Delete Users
Your API endpoint must pull out the Autheorization parameter and pass that through. Here is an example of a Request Template which pulls out the Auth token and sets it onto the event
. See list awsm.json
"RequestTemplates": {
"application/json": "{\"Authorization\":\"$input.params('Authorization')\"}"
}
Verify before doing any work in your Lambda, See list lambda as an example.
module.exports.run = function(event, context, cb) {
return verify(event.Authorization)
.then(action)
.then(function(result) {
cb(null, result);
})
.error(function(error) {
debug('List Users Failed: %s', JSON.stringify(error));
cb(error, null);
});
};