Open tenongene opened 6 months ago
===================== configured a function URL that will serve as the endpoint for the API
Prepared a lambda layer with all the node modules and dependencies for access by the lambda function
Added the environment variables for the lambda function.
Wrote an Express/JS API with REST API methods and routes that create a user (POST /user/signup), login a user(POST /user/login), add a new drug (PATCH /user/add), edit an existing drug (PATCH /user/edit), and deletes an existing drug (PATCH /user/delete).
The patch methods were used because each item in the DynamoDB table represents a unique user, so adding to attributes which represented their drug lists involved modifying attributes.
The code was converted to a lambda function code and a new lambda function was created on AWS.
========================= const serverless = require('serverless-http'); const express = require('express'); const morgan = require('morgan'); const cors = require('cors'); const jwt = require('jsonwebtoken'); const _ = require('lodash'); const bcrypt = require('bcrypt'); const { randomInt } = require('node:crypto'); const validator = require('validator'); const { DynamoDBClient } = require('@aws-sdk/client-dynamodb'); const { DynamoDBDocumentClient, UpdateCommand, QueryCommand, PutCommand } = require('@aws-sdk/lib-dynamodb'); const ACCESS_KEY = process.env.ACCESS_KEY; const SECRET = process.env.SECRET; const REGION = process.env.REGION; const TABLE_NAME = process.env.TABLE_NAME; const TABLE_GSI = process.env.TABLE_GSI; const client = new DynamoDBClient({ region: REGION, accessKeyId: ACCESS_KEY, secretAccessKey: SECRET, }); const ddb = DynamoDBDocumentClient.from(client);
const app = express(); //JWT issue function const createToken = (id) => { return jwt.sign({ id }, process.env.JWT_SECRET, { expiresIn: process.env.EXP }); }; //hash function const hashPass = async (password) => { try { const salt = await bcrypt.genSalt(15); const hash = await bcrypt.hash(password, salt); return hash; } catch (err) { console.log(err.message); } }; //randomid generator for userId const id = () => { return randomInt(1000000); }; //auth middleware const requireAuth = (req, res, next) => { //verify console.log(req.headers); const authHeader = req.headers.authorization || req.headers.Authorization; if (!authHeader || !authHeader?.startsWith('Bearer ')) { return res.status(401).json({ error: 'Authorization token required' }); } const bearerToken = authHeader.split(' ')[1]; try { const { id } = jwt.verify(bearerToken, process.env.JWT_SECRET); req.id = id; } catch (error) { console.log(error.message); res.status(401).json({ error: 'Request not authorized', msg: error.message }); } next(); }; //middleware app.use(cors(), function (req, res, next) { res.header('Access-Control-Allow-Origin', 'https://medtracker.d2va14boe1rzgf.amplifyapp.com'); res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization'); res.header('Access-Control-Allow-Credentials', 'true'); next(); }); app.use(express.json()); app.use(morgan('common'));
//signup app.post('/user/signup', async (req, res) => { const { email, password, firstName } = req.body; const jwtoken = createToken({ password }); const h_pass = await hashPass(password); const userModel = { TableName: TABLE_NAME, ConditionExpression: 'attribute_not_exists(email)', Item: { password:
${h_pass}
, email:${email}
, firstName:${_.capitalize(firstName)}
, id:${id()}
, drugList: [], }, };});
//login app.post('/user/login', async (req, res) => { const { email, password } = req.body;
});
// app.use(requireAuth());
//get app.get('/user/:id', async (req, res) => { try { const response = await ddb.send( new QueryCommand({ TableName: TABLE_NAME, IndexName: TABLE_GSI, KeyConditionExpression: 'id = :idvalue', ExpressionAttributeValues: { ':idvalue':
${req.params.id}
, },});
//Add user drug app.patch('/user/add', async (req, res) => { const { newDrug, email } = req.body;
});
//Edit user drug app.patch('/user/edit', async (req, res) => { const { drugIndex, email, updatedDrug } = req.body;
});
//Delete user drug app.patch('/user/delete', async (req, res) => { const { drugIndex, email } = req.body;
});
//export lambda function module.exports.handler = serverless(app);
===========================================