Note: The backend for this project is built with the Serverless framework, on top of their custom authorizers starter code. View the original repo here
This is an example of how to protect API endpoints with Auth0, JSON Web Tokens (JWT) and a custom authorizer Lambda function.
- `npm install` the JSON Web Token dependencies.
- Log into the Auth0 application for the project.
- Get the Client ID (under Applications -> ${YOUR_APP_NAME} -> Settings) and plug in your `AUTH0_CLIENT_ID` in a new file called `secrets_<STAGE>.json` (based on `secrets.example.json`).
- Get the public key (under Applications -> ${YOUR_APP_NAME} -> Settings -> Show Advanced Settings -> Certificates -> DOWNLOAD CERTIFICATE). Download it in PEM format and save it as a new file called `public_key_<STAGE>`.
- Check that the upload S3 bucket for the project exists in the AWS account. By default this will be named `upload-tool-bucket-<stage>`. View details on bucket creation in the main README.md.
- Deploy the service with `serverless deploy --stage <stage-name>` and grab the public and private endpoints. By default it will deploy to the `dev` stage.
- Upon successful deployment, serverless will print the private HTTP endpoint in your console. This endpoint will live in the config folder for the relevant stage as `uploadUrl`.
This project uses custom authorizer functions, which are executed before the upload function and return either an Error or a Policy document.
You can test either 1) by invoking the Lambda directly in the AWS console, or 2) by sending an HTTP POST request to the `/private` endpoint.
When testing, you can generate an auth token by logging into Auth0 and retrieving the token. This is the JWT used as the `Bearer <TOKEN>` value.