Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/adnanrahic/a-crash-course-on-serverless-auth

A short and easy boilerplate showcasing JWT auth with Nodejs, the Serverless framework, MongoDB and AWS Lambda.
https://github.com/adnanrahic/a-crash-course-on-serverless-auth

aws-lambda mongodb mongoose nodejs serverless serverless-framework

Last synced: 12 days ago
JSON representation

A short and easy boilerplate showcasing JWT auth with Nodejs, the Serverless framework, MongoDB and AWS Lambda.

Host: GitHub
URL: https://github.com/adnanrahic/a-crash-course-on-serverless-auth
Owner: adnanrahic
Created: 2018-01-14T22:41:14.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2023-01-03T21:42:43.000Z (almost 2 years ago)
Last Synced: 2024-10-19T01:59:49.126Z (21 days ago)
Topics: aws-lambda, mongodb, mongoose, nodejs, serverless, serverless-framework
Language: JavaScript
Homepage:
Size: 67.4 KB
Stars: 160
Watchers: 9
Forks: 41
Open Issues: 6
Metadata Files:
- Readme: readme.md

Awesome Lists containing this project

README

# A crash course on Serverless Authentication/Authorization
A short and easy boilerplate showcasing JWT auth with Nodejs, the Serverless framework, MongoDB and AWS Lambda.

- The `auth` folder has a `VerifyToken.js` file which is the base of the **authorizer** function.
- The `VerifyToken.auth` method is added to the **authorizer** field in the `serverless.yml` for API Gateway routes you wish to keep private. See the `me` function. `AuthHandler.me` uses `event.requestContext.authorizer.principalId` to access the `userId` of the user accessing the resource if the JWT is valid. Otherwise returns `'Unauthorized'`.

*Note: The concept of middlewares can be applied to this for understanding it easily.*