🔐 API Access Keys & Original Resources Removed

aghosh0605 · aghosh0605 · commit b07be36a4c79 · 2023-03-21T17:58:36.000+05:30
diff --git a/src/handlers/auth.ts b/src/handlers/auth.ts
@@ -1,10 +1,14 @@
-import { APIGatewayProxyResult, APIGatewayEvent, Handler } from "aws-lambda";
+import {
+  APIGatewayProxyResult,
+  Handler,
+  APIGatewayProxyEvent,
+} from "aws-lambda";
 import { session } from "../services/auth/getSession.service";
 import { handleSignin } from "../services/auth/signin.service";
 import { handleSignout } from "../services/auth/signout.service";
 import { handleSignup } from "../services/auth/signup.service";
 
-type ProxyHandler = Handler<APIGatewayEvent, APIGatewayProxyResult>;
+type ProxyHandler = Handler<APIGatewayProxyEvent, APIGatewayProxyResult>;
 
 export const authRoutes: ProxyHandler = async (event, context) => {
   try {
@@ -15,7 +19,7 @@ export const authRoutes: ProxyHandler = async (event, context) => {
     } else if (event.path === "/auth/signout" && event.httpMethod === "GET") {
       return await handleSignout();
     } else if (event.path === "/auth/session" && event.httpMethod === "GET") {
-      return await session();
+      return await session(event);
     } else {
       return {
         statusCode: 403,
diff --git a/src/services/auth/getSession.service.ts b/src/services/auth/getSession.service.ts
@@ -1,8 +1,13 @@
 import { APIGatewayProxyResult, APIGatewayEvent, Handler } from "aws-lambda";
 import { connectSupabase as supabase } from "../../utils/supabase";
 
-export const session = async (): Promise<APIGatewayProxyResult> => {
-  const { data, error } = await supabase().auth.getSession();
+export const session = async (
+  event: APIGatewayEvent
+): Promise<APIGatewayProxyResult> => {
+  const {
+    data: { user },
+    error,
+  } = await supabase().auth.getUser("jwt-token-here");
 
   if (error) {
     throw {
@@ -11,12 +16,13 @@ export const session = async (): Promise<APIGatewayProxyResult> => {
       stack: error,
     };
   }
-
+  // Keep the response in main handler it's better.
+  // For this commit I am keeping it here
   return {
     statusCode: 201,
     body: JSON.stringify({
       message: "Session Collection Successful",
-      data: data,
+      data: user,
     }),
   };
 };
diff --git a/src/types/event.d.ts b/src/types/event.d.ts
@@ -0,0 +1,9 @@
+declare module "aws-lambda/trigger/api-gateway-proxy" {
+  interface APIGatewayProxyEventBase<TAuthorizerContext> {
+    user: Object;
+
+    // Hack so TAuthorizerContext is used, cannot prefix with _
+    // as it must match the interface exactly for interface merging
+    ___: TAuthorizerContext;
+  }
+}
diff --git a/src/utils/supabase.ts b/src/utils/supabase.ts
@@ -19,11 +19,7 @@ export const connectSupabase = (): SupabaseClient<any, string, any> => {
   if (!supabase) {
     console.log("New SupabaseClient Created!!");
 
-    supabase = createClient(
-      "https://mdeunrgwldikrpqvffht.supabase.co",
-      "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6Im1kZXVucmd3bGRpa3JwcXZmZmh0Iiwicm9sZSI6ImFub24iLCJpYXQiOjE2NzkyMjM3NDMsImV4cCI6MTk5NDc5OTc0M30.gItWH0cRS3QkyAZMMBJZDSsClAKmWNWz-xSMbLatpl8",
-      options
-    );
+    supabase = createClient("project-url", "anon-public-key", options);
   }
   console.log("SupabaseClient returned!!");
   return supabase;
diff --git a/template.yml b/template.yml
@@ -30,7 +30,7 @@ Resources:
       # Policies:
       #   # Give Lambda basic execution Permission to the function
       #   - AWSLambdaBasicExecutionRole
-      Role: arn:aws:iam::665123895031:role/lambda-role-recruitment-portal-v1
+      Role: arn:aws:iam::XXXXXXXXXXXXX:role/lambda-role-recruitment-portal-v1 #Role with LambdaBasicExecutionRole Policy
       Events:
         HealthCheckAPI:
           Type: Api
@@ -49,7 +49,7 @@ Resources:
       # Policies:
       #   # Give Lambda basic execution Permission to the function
       #   - AWSLambdaBasicExecutionRole
-      Role: arn:aws:iam::665123895031:role/lambda-role-recruitment-portal-v1
+      Role: arn:aws:iam::XXXXXXXXXXXXXX:role/lambda-role-recruitment-portal-v1 #Role with LambdaBasicExecutionRole Policy
       Events:
         SignUpAPI:
           Type: Api
@@ -61,6 +61,16 @@ Resources:
           Properties:
             Path: /auth/signin
             Method: post
+        GetSessionAPI:
+          Type: Api
+          Properties:
+            Path: /auth/session
+            Method: get
+        SignoutAPI:
+          Type: Api
+          Properties:
+            Path: /auth/signout
+            Method: get
 
 Outputs:
   RecruitmentPortalURL:
