JustAuthenticateMe AWS API Gateway Custom Authorizer Function
Introduction
JustAuthenticateMe offers simple magic link based authentication as a service for web apps. This is an AWS API Gateway Custom Authorizer function that you can drop into your serverless backend to authenticate incoming requests. It uses the JustAuthenticateMe Node SDK under the hood to verify incoming requests and pass the user's email on to your endpoint handler.
If you're using the Serverless Framework, you can get started using JustAuthenticateMe even faster with the Serverless JustAuthenticateMe Plugin.
Getting Started
Installing via npm or yarn
npm install --save justauthenticateme-apigateway-auth
yarn add justauthenticateme-apigateway-auth
Generating the Authorizer
Pass your App ID from the JustAuthenticateMe dashboard to the function. The result is your JustAuthenticateMe authorizer lambda!
import authHandler from "justauthenticateme-apigateway-auth";
const appId = "dcd6555e-edff-4f3d-83c9-3af79ea8f895";
export const handler = authHandler(appId);
Using the Authorizer
Configuring
You'll then want to configure this handler as a Lambda Authorizer for any of your API Gateway Endpoints that you'd like to only be accessible by authenticated users.
When configuring the authorizer, be sure to select the REQUEST type.
Sending requests
When sending requests to endpoints that are protected by this authorizer, include the ID token you get from JustAuthenticateMe in the Authorization header after the keyword Bearer. It should look something like this:
Authorization: Bearer eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6IjJlYjQwMTA0LWRjNDUtNGYzNy1iNjljLTkzN2I2Mzg2YjlmNiJ9.eyJlbWFpbCI6InN1cHBvcnRAanVzdGF1dGhlbnRpY2F0ZS5tZSIsInN1YiI6InN1cHBvcnRAanVzdGF1dGhlbnRpY2F0ZS5tZSIsImF1ZCI6ImIxOWEyMWI0LWFkOWQtNGZkNy04OGMxLTFiNjhiODI1YzY3MSIsImlzcyI6Imh0dHBzOi8vZGV2LWFwaS5qdXN0YXV0aGVudGljYXRlLm1lL2IxOWEyMWI0LWFkOWQtNGZkNy04OGMxLTFiNjhiODI1YzY3MSIsImp0aSI6IjZhMjJjOTEyLWYwMzYtNGU0Mi1iZjM5LTQ3N2ZhM2ExOGY2ZCIsInRva2VuX3VzZSI6ImlkIiwiaWF0IjoxNTgzNjk1NDM5LCJuYmYiOjE1ODM2OTU0MzksImV4cCI6MTU4MzY5NzIzOX0.AZqvVWSXn4zwP4WhYOL-nQEDDEMa4Cmpyx8HGJ-6uc3wLeZVfvil6RyAlUExnd6JpteaAImOrKo5fnv93SSGkP-eAN9igGRg0GmXpIeGno_sY_4rMLXDa6RtABL1lz5LCYMxD79oIYIflWJ-LVqmCF90msq-PysFZcgKVLa8oki8ZlKI
Handling requests
When a request is authenticated successfully, this lambda returns a policy allowing the user access to any resource protected by this authorizer. It also passes along the email address of the authenticated user to the handler of the API endpoint.
Specifically, a lambda handling an endpoint protected by this authorizer can access the user's email at event.requestContext.authorizer.email.
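Because the returned policy allows access to every resource behind the authorizer, per-user access decisions belong in the endpoint handler. The following is an added example, not code from this package: the GET /notes/{id} route, the NOTES store and the function names are assumptions made for illustration.

```javascript
// Added example: endpoint Lambda behind the authorizer (not from the package).
// NOTES is a constructed in-memory stand-in for a real data store.
const NOTES = new Map([
  ["n1", { owner: "alice@example.com", body: "alice's note" }],
  ["n2", { owner: "bob@example.com", body: "bob's note" }],
]);

const json = (statusCode, payload) => ({
  statusCode,
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify(payload),
});

// Returns the authenticated email, or null when the authorizer context is
// absent (for example, the route was deployed without the authorizer attached).
function authenticatedEmail(event) {
  const email = event?.requestContext?.authorizer?.email;
  return typeof email === "string" && email.length > 0 ? email : null;
}

// Hypothetical route: GET /notes/{id}
function readNote(event, notes = NOTES) {
  const email = authenticatedEmail(event);
  if (email === null) return json(401, { error: "unauthenticated" }); // fail closed

  const id = event?.pathParameters?.id;
  const note = typeof id === "string" ? notes.get(id) : undefined;
  // The authorizer only authenticates; ownership is enforced here.
  // Returning 404 in both cases avoids revealing which ids exist.
  if (!note || note.owner !== email) return json(404, { error: "not found" });

  return json(200, { id, body: note.body });
}

// Lambda entry point; the export is guarded so the file also loads as an ES module.
const handler = async (event) => readNote(event);
if (typeof module !== "undefined") module.exports = { handler, readNote };
```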