forked from svdgraaf/serverless-basic-authentication
-
Notifications
You must be signed in to change notification settings - Fork 0
/
index.js
108 lines (89 loc) · 3.8 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
'use strict'
const fs = require('fs');
const chalk = require('chalk');
class SetupBasicAuthentication {
constructor (serverless, options) {
// add the basic authentication function to the functions as soon as possible
injectBasicAuthFunction(serverless);
this.hooks = {
'before:package:initialize': function () {
// add our custom authenticator
addAuthFileToPackage(serverless);
addAuthorizerFunctionToPrivateFunctions(serverless);
},
'after:package:createDeploymentArtifacts': function () {
// remove the custom authenticator
removeFileFromPackage(serverless)
},
'before:deploy:deploy': function() {
// // add the basic authenticator function
// injectBasicAuthFunction(serverless);
// configure api gateway to check for the right place for the key
configureApiGatewayKeySource(serverless);
}
}
}
}
function removeFileFromPackage(serverless) {
serverless.cli.consoleLog('Basic Authentication: ' + chalk.yellow('Removing Symlink for Basic Authenticator'));
fs.unlinkSync(serverless.config.servicePath + "/basic_auth.py")
}
function addAuthFileToPackage(serverless) {
if(!serverless.package) {
serverless.package = {}
}
if(!serverless.package.include) {
serverless.package.include = []
}
serverless.cli.consoleLog('Basic Authentication: ' + chalk.yellow('Adding Symlink for Basic Authenticator'));
// @TODO: Make target filename randomized with something, to prevent overriding
// any files
// append our auth.py file to the package
serverless.package.include.push(__dirname + "/auth.py")
fs.symlinkSync(__dirname + "/basic_auth.py", serverless.config.servicePath + "/basic_auth.py")
}
function injectBasicAuthFunction (serverless) {
serverless.cli.consoleLog('Basic Authentication: ' + chalk.yellow('Adding function for Basic Authenticator'));
var basicAuthenticator = {
handler: 'basic_auth.basicAuth',
runtime: 'python3.6'
}
// add the basic authenticator function
serverless.service.functions.basicAuthenticator = basicAuthenticator;
}
function addAuthorizerFunctionToPrivateFunctions(serverless) {
// for each function which is marked as 'private', set the basic authenticator
// if it doesn't have a custom authenticator yet
for(let function_name in serverless.service.functions) {
// ignore our own function
if(function_name == 'basicAuthenticator') {
continue;
}
var fnctn = serverless.service.functions[function_name];
// check if any of the http events is marked as private, and if that event
// also doesn't have a custom authorizer already, apply our authenticator
for(let fnctn_event in fnctn['events']) {
if(
serverless.service.functions[function_name].events[fnctn_event].http.private == true &&
serverless.service.functions[function_name].events[fnctn_event].http.authorizer == null
) {
serverless.service.functions[function_name].events[fnctn_event].http.authorizer = {
name: 'basicAuthenticator',
identitySource: '', // this is only valid if we set cache ttl to 0
resultTtlInSeconds: 0,
type: 'REQUEST'
}
serverless.cli.consoleLog('Basic Authentication: ' + chalk.yellow('Enabled for ' + function_name));
}
}
}
}
function configureApiGatewayKeySource(serverless) {
var template = serverless.service.provider.compiledCloudFormationTemplate;
if(template.Resources.ApiGatewayRestApi != null) {
serverless.cli.consoleLog('Basic Authentication: ' + chalk.yellow('Configuring Api Gateway for Basic Authenticator'));
template.Resources.ApiGatewayRestApi.Properties.ApiKeySourceType = 'AUTHORIZER'
}
}
// now we need to make our plugin object available to the framework to execute
module.exports = SetupBasicAuthentication