Skip to content

Task 7 #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Lunarr0 wants to merge 10 commits into
base: main
Choose a base branch
from
Open

Task 7 #5

Lunarr0 wants to merge 10 commits into from

Conversation

@Lunarr0
Copy link
Owner

@Lunarr0 Lunarr0 commented Mar 19, 2025
edited
Loading

Pull Request: Add Authorization Service with Basic Authorizer Lambda

Description
This PR implements the following tasks as part of the backend project:

Task 7.1

  • Created a new service called authorization-service at the same level as product-service and import-service.
  • Developed a Lambda function named basicAuthorizer under the authorization-service. This function:
    • Reads environment variables from a .env file using the dotenv package.
    • Checks the Basic Authorization token provided in the request.
    • Returns:
      • 403 HTTP Status if the user access is denied (invalid authorization token).
      • 401 HTTP Status if the Authorization header is not provided.
      • IAM policy upon successful authorization, enabling invocation of the desired method.

Task 7.2

  • Added Lambda authorization to the /import path of the Import Service API Gateway, using the basicAuthorizer Lambda as the authorizer.

Task 7.3

  • Updated the client application to send a Basic Authorization header in requests to the /import path: 
    Authorization: Basic {authorization_token}
    The authorization_token is a base64-encoded string of {your_github_account_login}:TEST_PASSWORD, which is retrieved from the browser's localStorage: 
    const authorization_token = localStorage.getItem('authorization_token');

Steps to test

Open the Application Tab in browser

  • And set the token in the local storage 
        authorization_token = THVuYXJyMD1URVNUX1BBU1NXT1JE
  • Then go to the manage product and send your csv file

OR

Using Curl

curl -X GET "https://tpv5ydqmbg.execute-api.us-east-1.amazonaws.com/prod/import?name=test_copy.csv" \
  -H "Authorization: Basic THVuYXJyMD1URVNUX1BBU1NXT1JE"

Additional Information

  • The .env file is included to store credentials securely and is added to .gitignore to prevent it from being pushed to GitHub.
  • Wrote Unit Test for Test Authorization

Links

Screenhots

Screenshot 2025-03-21 at 05 45 52 Screenshot 2025-03-21 at 07 48 36

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Lunarr0