first commit

sqreen · Dec 18, 2019 · f5d4574 · f5d4574
commit f5d4574
Show file tree

Hide file tree

Showing 9 changed files with 89 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+node_modules
+package-lock.json
+.idea
diff --git a/functions/authenticated-route.js b/functions/authenticated-route.js
@@ -0,0 +1,8 @@
+const authWrapper = require('../utils/authenticate-wrapper');
+
+exports.handler = authWrapper(function (event, context, callback) {
+    callback(null, {
+        statusCode: 200,
+        body: "You can edit our amazing products"
+    });
+})
diff --git a/functions/login.js b/functions/login.js
@@ -0,0 +1,10 @@
+const jwt = require('jsonwebtoken');
+
+exports.handler = function(event, context, callback) {
+    jwt.sign({ foo: 'bar' }, 'mySecret', function(err, token) {
+        callback(null, {
+            statusCode: 200,
+            body: token
+        });
+    });
+};
diff --git a/functions/unauthenticated-route.js b/functions/unauthenticated-route.js
@@ -0,0 +1,6 @@
+exports.handler = function(event, context, callback) {
+    callback(null, {
+        statusCode: 200,
+        body: "You can see our amazing products"
+    });
+};
diff --git a/netlify.toml b/netlify.toml
@@ -0,0 +1,3 @@
+[build]
+  functions = "functions"
+  publish = "src/"
diff --git a/package.json b/package.json
@@ -0,0 +1,14 @@
+{
+  "name": "sqreenity-auth-func",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "jsonwebtoken": "^8.5.1"
+  }
+}
diff --git a/readme.md b/readme.md
@@ -0,0 +1,10 @@
+# Netlify function JWT authentication example
+
+This repo is a code example repo related to this article.
+
+It shows using function wrappers in order to authenticate specific netlify functions.
+
+
+
+Try me live!
+[![Deploy to Netlify](https://www.netlify.com/img/deploy/button.svg)](https://app.netlify.com/start/deploy?repository=https://github.com/sqreen/article-serverless-auth-example)
diff --git a/src/index.html b/src/index.html
@@ -0,0 +1,11 @@
+<div>
+    <div>
+        <a href="/.netlify/functions/login">Get JWT token</a>
+    </div>
+    <div>
+        <a href="/.netlify/functions/unauthenticated-route">Go to an unauthenticated route</a>
+    </div>
+    <div>
+        <a href="/.netlify/functions/authenticated-route">Go to an authenticated route</a>
+    </div>
+</div>
diff --git a/utils/authenticate-wrapper.js b/utils/authenticate-wrapper.js
@@ -0,0 +1,24 @@
+const jwt = require('jsonwebtoken');
+
+module.exports = fn => (...args) => {
+    const [context] = args;
+    // using context.queryStringParameters.token as a token holder is for the sake of the demo.
+    // use cookies or an authorization header if you want to use it in prod
+    if(!context.queryStringParameters.token) {
+        return unauthResp(...args);
+    }
+    jwt.verify(context.queryStringParameters.token, 'mySecret', function(err, decoded) {
+        if(err) {
+            return unauthResp(...args);
+        }
+        return fn(...args)
+    });
+};
+
+
+const unauthResp = (event, context, callback) => {
+    callback(null, {
+        statusCode: 400,
+        body: 'Not authenticated',
+    });
+};