reason-serverless-echo/auth.re at master · connorbrathwaite/reason-serverless-echo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
/* TODO */
let generatePolicy =
    (~context=?, ~principalId, ~effect, ~resource, ())
    : AwsLambda.APIGatewayAuthorizer.Result.t =>
  AwsLambda.APIGatewayAuthorizer.(
    Result.make(
      ~policyDocument=
        PolicyDocument.make(
          ~statement=[|
            Statement.make(
              ~action=[|"execute-api:Invoke"|],
              ~effect,
              ~resource,
            ),
          |],
          ~version="2012-10-17",
        ),
      ~principalId,
      ~context?,
      (),
    )
  );

let handle: AwsLambda.APIGatewayAuthorizer.handler =
  (event, _context, cb) => {
    open AwsLambda.APIGatewayAuthorizer;
    let token =
      event
      |. Event.queryStringParametersGet
      |> Js.Option.andThen((. params) => Js.Dict.get(params, "token"));
    switch (token) {
    | Some("secrettoken") =>
      cb(
        Js.null,
        Js.Nullable.return(
          generatePolicy(
            ~principalId="myuser",
            ~effect="Allow",
            ~resource=[|event |. Event.methodArnGet|],
            (),
          ),
        ),
      );
      Js.Promise.resolve();
    | _ =>
      cb(Js.Null.return("Unauthorized"), Js.Nullable.null);
      Js.Promise.resolve();
    };
  };