Fix dbAuth on AWS Lambda #5474

Merged
merged 8 commits into from
Jun 2, 2022
11 changes: 5 additions & 6 deletions packages/api/src/functions/dbAuth/DbAuthHandler.ts
@@ -13,7 +13,7 @@ import {
import { normalizeRequest } from '../../transforms'

import * as DbAuthError from './errors'
import { decryptSession, getSession } from './shared'
import { decryptSession, extractCookie, getSession } from './shared'

interface DbAuthHandlerOptions {
/**
@@ -156,6 +156,7 @@ export class DbAuthHandler {
event: APIGatewayProxyEvent
context: LambdaContext
options: DbAuthHandlerOptions
cookie: string | undefined
params: Params
db: PrismaClient
dbAccessor: any
@@ -220,6 +221,7 @@ export class DbAuthHandler {
this.event = event
this.context = context
this.options = options
this.cookie = extractCookie(this.event)

this._validateOptions()

@@ -237,9 +239,7 @@ export class DbAuthHandler {
}

try {
const [session, csrfToken] = decryptSession(
getSession(this.event.headers['cookie'])
)
const [session, csrfToken] = decryptSession(getSession(this.cookie))
this.session = session
this.sessionCsrfToken = csrfToken
} catch (e) {
@@ -791,8 +791,7 @@ export class DbAuthHandler {
// figure out which auth method we're trying to call
_getAuthMethod() {
// try getting it from the query string, /.redwood/functions/auth?method=[methodName]
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
let methodName = this.event.queryStringParameters!.method as AuthMethodNames
let methodName = this.event.queryStringParameters?.method as AuthMethodNames

if (!DbAuthHandler.METHODS.includes(methodName) && this.params) {
// try getting it from the body in JSON: { method: [methodName] }
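Review bot: In `_getAuthMethod`, the `as AuthMethodNames` cast is applied to a request-controlled query-string value that, after the switch to `?.`, can also be `undefined`, so the variable is typed as a valid method name before the `DbAuthHandler.METHODS.includes(methodName)` allowlist check has run. The check on the next visible line does reject unknown values, but the type no longer tells a later reader that this is untrusted input. I would declare it as `let methodName: string | undefined = this.event.queryStringParameters?.method` and narrow to `AuthMethodNames` only once the allowlist check has passed, for example through a small type guard around `METHODS.includes`. The body of `_getAuthMethod` continues outside the hunk, so how the value is used afterwards is not visible here.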
10 changes: 8 additions & 2 deletions packages/api/src/functions/dbAuth/shared.ts
@@ -3,6 +3,12 @@ import CryptoJS from 'crypto-js'

import * as DbAuthError from './errors'

// Extracts the cookie from an event, handling lower and upper case header
// names.
export const extractCookie = (event: APIGatewayProxyEvent) => {
return event.headers.cookie || event.headers.Cookie
}

// decrypts the session cookie and returns an array: [data, csrf]
export const decryptSession = (text: string | null) => {
if (!text || text.trim() === '') {
@@ -44,9 +50,9 @@ export const getSession = (text?: string) => {
// Convenience function to get session, decrypt, and return session data all
// at once. Accepts the `event` argument from a Lambda function call.
export const dbAuthSession = (event: APIGatewayProxyEvent) => {
if (event.headers.cookie) {
if (extractCookie(event)) {
const [session, _csrfToken] = decryptSession(
getSession(event.headers.cookie)
getSession(extractCookie(event))
)
return session
} else {
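Review bot: `extractCookie` covers only the two spellings `cookie` and `Cookie`, while HTTP header names are case-insensitive, so any other casing delivered by a gateway or proxy means the session cookie is not found and the request is handled as unauthenticated. A case-insensitive lookup would close that gap: `Object.entries(event.headers).find(([name]) => name.toLowerCase() === 'cookie')?.[1]`. An explicit return type `string | undefined` on the exported helper would also document that callers must handle a missing header. In `dbAuthSession` the helper is called twice; reading it once into a local (`const cookie = extractCookie(event)`) keeps the presence check and the decryption on the same value.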