initial commit
This commit is contained in:
@@ -0,0 +1,55 @@
|
||||
import hashlib
|
||||
import os
|
||||
|
||||
|
||||
#region = os.environ['region']
|
||||
#account_id = os.environ['account_id']
|
||||
#api_id = os.environ['api_id']
|
||||
pw_hash = os.environ['pw_hash']
|
||||
#resource_arn = f"arn:aws:execute-api:{region}:{account_id}:{api_id}:/*/*/" # based on observed routeArn in event
|
||||
|
||||
def lambda_handler(event, context):
|
||||
# debug
|
||||
# print(f"Event received: {event}")
|
||||
# print(f"resource_arn: {resource_arn}")
|
||||
|
||||
# Extract the token from headers
|
||||
token = event['headers'].get('authorization', '')
|
||||
|
||||
# Check token validity
|
||||
is_authorized = token == pw_hash
|
||||
|
||||
# Log for debugging
|
||||
print(f"Authorization status: {is_authorized}. Authorization token: {'*' * len(token)}")
|
||||
|
||||
# Simple response
|
||||
return {
|
||||
"isAuthorized" : is_authorized
|
||||
}
|
||||
|
||||
# IAM policy response, which is overkilled with no added benefit
|
||||
# to use IAM policy response, your api needs to have "enableSimpleResponses" : false
|
||||
# if is_authorized:
|
||||
# return {
|
||||
# "principalId" : "demo",
|
||||
# "policyDocument": {
|
||||
# "Version": "2012-10-17",
|
||||
# "Statement": [{
|
||||
# "Action": "execute-api:Invoke",
|
||||
# "Effect": "Allow",
|
||||
# "Resource": event["routeArn"]
|
||||
# }]
|
||||
# }
|
||||
# }
|
||||
# else:
|
||||
# return {
|
||||
# "principalId" : "demo",
|
||||
# "policyDocument": {
|
||||
# "Version": "2012-10-17",
|
||||
# "Statement": [{
|
||||
# "Action": "*",
|
||||
# "Effect": "Deny",
|
||||
# "Resource": "*"
|
||||
# }]
|
||||
# }
|
||||
# }
|
||||
Reference in New Issue
Block a user