{"id":25195724,"url":"https://github.com/fjoppe/websocket_lambda_authorizer","last_synced_at":"2026-04-07T22:32:22.699Z","repository":{"id":275784673,"uuid":"927143398","full_name":"fjoppe/websocket_lambda_authorizer","owner":"fjoppe","description":"This is a portfolio project to demostrate the author's skills","archived":false,"fork":false,"pushed_at":"2025-02-04T14:53:04.000Z","size":228,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-11-01T14:02:53.522Z","etag":null,"topics":["api-gateway","bash","development-container","lambda-authoriser","lambda-functions","react","s3-bucket","tailwind","terraform","typescript","websockets"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fjoppe.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2025-02-04T13:31:32.000Z","updated_at":"2025-02-04T14:56:37.000Z","dependencies_parsed_at":"2025-02-04T15:43:50.490Z","dependency_job_id":"a15388e3-aaac-44fd-91d7-c914fabf974d","html_url":"https://github.com/fjoppe/websocket_lambda_authorizer","commit_stats":null,"previous_names":["fjoppe/websocket_lambda_authorizer"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/fjoppe/websocket_lambda_authorizer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fjoppe%2Fwebsocket_lambda_authorizer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fjoppe%2Fwebsocket_lambda_authorizer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fjoppe%2Fwebsocket_lambda_authorizer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fjoppe%2Fwebsocket_lambda_authorizer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fjoppe","download_url":"https://codeload.github.com/fjoppe/websocket_lambda_authorizer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fjoppe%2Fwebsocket_lambda_authorizer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31532311,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-07T16:28:08.000Z","status":"ssl_error","status_checked_at":"2026-04-07T16:28:06.951Z","response_time":105,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api-gateway","bash","development-container","lambda-authoriser","lambda-functions","react","s3-bucket","tailwind","terraform","typescript","websockets"],"created_at":"2025-02-10T01:28:20.859Z","updated_at":"2026-04-07T22:32:22.674Z","avatar_url":"https://github.com/fjoppe.png","language":"TypeScript","readme":"# NextJS with AWS Api Gateway secured WebSocket\n\nWarning:\nThis repo does not consider AWS free-tier constraints and may induce costs when using it.\n\n## Introduction\n\nThis is a portfolio project in which a NextJS web client opens a secured WebSocket on AWS Api Gateway and receives messages.\n\nThe main functionalities presented in this repository are:\n\n- Build and deploy AWS backend infrastructure;\n- Run the NextJS client application which connects to the secure WebSocket;\n- Send messages from frontend to backend - which are echod back to the frontend;\n- Send messages from the backend to the client application;\n\nTech used:\n\n- bash scripts and AWS CLI for build/deploy/destroy/sendmessages and run;\n- terraform as IaC to deploy backend to AWS;\n- Lambda's and Api Gateway V2 for backend functionalities;\n- Lambda authorizer to secure the WebSocket;\n- NextJS, React, Typescript and client-side WebSocket to run the client application;\n- VS Code Development Containers - to install the environment required for this repo.\n\n## High Level Architecture\n\nThe architecture of this setup:\n\n![image info](./docs/architecture.png)\n\n## Prerequisites:\n\n- Make sure your environment is setup correctly, [see documentation](docs/setup_development_container.md)\n- AWS account required;\n- Setup a non-root IAM user and create/download csv with access keys, see [ref-1](https://docs.aws.amazon.com/IAM/latest/UserGuide/access-key-self-managed.html), [ref-2](https://docs.aws.amazon.com/IAM/latest/UserGuide/access-keys-admin-managed.html#admin-create-access-key);\n- Using the access keys, configure AWS CLI from a bash terminal, [see example](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/index.html#examples)\n\n## WebSocket Security\n\nOne of the main focusses of this project is to secure the WebSocket with a Lambda Authorizer. This is not a trivial task and unfortunately, the internet, nor AI's were able to supply the right configuration settings in an easy way. However, the Lambda Authorizer in this repo works!\n\nThe standard WebSocket component in a webbrowser does not allow HTTP-headers. A security-token (like JWT) should therefore be send to the socket by queryparameter in the connection-string. The Lambda Authorizer is then able to validate the token and respond with an Allow or Deny policy. Validation is not in scope for this project and the Lambda Authorizer always responds with \"Allow\".\n\n## How to run\n\nFollow these main steps:\n\n1. Build backend, see [docs in backend folder](backend/README.md);\n2. Deploy infra, see [docs in infra folder](infra/README.md);\n3. Run client application and send messages, see [docs in nextjs folder](nextjs/README.md);\n\nWhen finished, run the `destroy.sh` script in the `infra` folder to clean-up.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffjoppe%2Fwebsocket_lambda_authorizer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffjoppe%2Fwebsocket_lambda_authorizer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffjoppe%2Fwebsocket_lambda_authorizer/lists"}