Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KMS-514: Added authentication to CRUD apis #22

Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

KMS-514: Added authentication to CRUD apis #22

wants to merge 4 commits into from

Conversation

cgokey
Copy link
Contributor

@cgokey cgokey commented Mar 5, 2025
edited
Loading

Overview

What is the feature?

Adding authentication when creating, updating, deleting concepts.

What is the Solution?

Added edlAuthorizer to aws-functions.yml to any lambdas that write/delete data, this function will inspect the headers for a launchpad token and validate it against EDL.

What areas of the application does this impact?

Any operations that involve writing concepts will be authenticated now.

Testing

You'll need to comment out:
noAuth: true in serverless.yml
Restart serverless offline, make sure you have EDL_PASSWORD set in your env (same as MMT one).
Try hitting endpoints that require authentication, these should fail if you don't supply a token.
To supply a token, you'll need to pass -H "Authorization: $TOKEN" to your calls.

Attachments

Please include relevant screenshots or files that would be helpful in reviewing and verifying this change.

Checklist

  • I have added automated tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • My changes generate no new warnings

@cgokey cgokey requested review from htranho and mandyparson March 5, 2025 21:38
@codecov-commenter
Copy link

codecov-commenter commented Mar 5, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 99.54%. Comparing base (e70e88a) to head (be3c003).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main      #22      +/-   ##
==========================================
+ Coverage   99.52%   99.54%   +0.02%     
==========================================
  Files          67       72       +5     
  Lines         836      888      +52     
  Branches      183      190       +7     
==========================================
+ Hits          832      884      +52     
  Misses          4        4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

mandyparson
mandyparson reviewed Mar 7, 2025
View reviewed changes
serverless-configs/aws-functions.yml
name: edlAuthorizer
type: request
resultTtlInSeconds: 0
deleteAll:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove

mandyparson
mandyparson approved these changes Mar 7, 2025
View reviewed changes
serverless-configs/aws-functions.yml
recreateDatabase:
handler: serverless/src/recreateDatabase/handler.default
timeout: ${env:LAMBDA_TIMEOUT, '900'}
events:
- http:
method: delete
cors: ${file(./serverless-configs/${self:provider.name}-cors-configuration.yml)}
path: deleteAll
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@htranho htranho htranho approved these changes

@mandyparson mandyparson mandyparson approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@cgokey @codecov-commenter @htranho @mandyparson