-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgoogle-auth.js
More file actions
122 lines (112 loc) · 5.15 KB
/
google-auth.js
File metadata and controls
122 lines (112 loc) · 5.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
const AWS = require('aws-sdk');
AWS.config.update({ region: 'us-west-1' });
const jwtDecode = require('jwt-decode');
const util = require('./util.js');
const dynamodb = new AWS.DynamoDB.DocumentClient();
const cognitoidentity = new AWS.CognitoIdentity();
const tableName = process.env.NOTES_TABLE;
const identityPoolId = "us-west-1:87b938db-00c9-4f1d-b259-81316da59e17";
exports.handler = async (event) => {
try {
// Get the JWT token from the Authorization header of the HTTP request
const id_token = util.getIdToken(event.headers);
// Use the token to retrieve the user's IdentityId and credentials
let params = {
IdentityPoolId: identityPoolId,
Logins: {
"accounts.google.com": id_token
}
};
// Below method is used to get the identity ID for the user based on the token
let data = await cognitoidentity.getId(params).promise();
params = {
IdentityId: data.IdentityId,
Logins: {
"accounts.google.com": id_token
}
};
//below method is used to get temporary credentials for the user.
data = await cognitoidentity.getCredentialsForIdentity(params).promise();
// Decode the JWT token to get the username
const decoded = jwtDecode(id_token);
const userName = decoded.name;
// Check if the username is present in the query string parameters of the HTTP request
if (event.queryStringParameters && event.queryStringParameters.username) {
const username = event.queryStringParameters.username;
// If the username in the query string matches the username in the JWT token, proceed with the request
if (username === userName) {
// Check the HTTP method of the request
switch (event.httpMethod) {
// If it's a GET request, retrieve the user's notes
case 'GET':
const notes = await getNotes(username);
return {
statusCode: 200,
headers: util.getResponseHeaders(),
body: JSON.stringify(notes)
};
// If it's a POST request, create a new note for the user
case 'POST':
const note = JSON.parse(event.body);
await createNote(username, note);
return {
statusCode: 201,
headers: util.getResponseHeaders(),
body: JSON.stringify({
message: 'Note created successfully'
})
};
// If it's a PUT request, update an existing note for the user
case 'PUT':
const noteId = event.pathParameters.id;
const updatedNote = JSON.parse(event.body);
await updateNote(username, noteId, updatedNote);
return {
statusCode: 200,
headers: util.getResponseHeaders(),
body: JSON.stringify({
message: 'Note updated successfully'
})
};
// If it's a DELETE request, delete an existing note for the user
case 'DELETE':
const id = event.pathParameters.id;
await deleteNote(username, id);
return {
statusCode: 200,
headers: util.getResponseHeaders(),
body: JSON.stringify({
message: 'Note deleted successfully'
})
};
default:
return {
statusCode: 400,
headers: util.getResponseHeaders(),
body: JSON.stringify({
message: 'Unsupported HTTP method'
})
};
}
} else {
return {
statusCode: 400,
headers: util.getResponseHeaders(),
body: JSON.stringify({
message: 'Missing username parameter'
})
};
}
}
} catch (err) {
console.log("Error", err);
return {
statusCode: err.statusCode ? err.statusCode : 500,
headers: util.getResponseHeaders(),
body: JSON.stringify({
error: err.name ? err.name : "Exception",
message: err.message ? err.message : "Unknown error"
})
};
}
}