Guidesmiths middleware authorization provider

This repo contains the middleware used in all Guidesmiths internal projects which verifies the authorization on login.

It uses a AWS lambda that checks the user identity via google oauth. The repository of the lambda can be found there: lambda repo

How to use

The middleware is deployed as npm package at: npm package

To integrate this middleware using systemic, follow the next steps in your express app repo:

1 Create components/auth/index.js file with the following code:

const System = require('systemic');
const initAuth = require('middleware-auth');

module.exports = new System({ name: 'auth' }).add('auth', initAuth()).dependsOn('config');

2 Save the lambda url on the config/default.js file.

module.exports = { auth: { url: process.env.LAMBDA_AUTH_URL } };

3 Use it as a regular middleware express in your routes folder folder as for instance on components/routes/api-routes.js like in this example:

module.exports = () => {
  const start = ({ app, controller, auth }) => {
    app.use(bodyParser.json());
    app.get('/api/v1/restaurants', auth.authenticate, async (req, res, next) => {
      try {
        const data = await controller.getAllRestaurants();
        res.json(data);
      } catch (error) {
        next(error);
      }
    });
    return Promise.resolve();
  };
  return { start };
};

3.1 In this step, the information of the user, including the appOrigin field will be stored at res.locals.userData

dev https://k6vswy7emc.execute-api.eu-west-1.amazonaws.com/dev/ prod https://nwcii8cind.execute-api.eu-west-1.amazonaws.com/production/

Maintenance

The Gitlab CI is configured to deploy on npm the package in each push to master, updating the patch version.

On the project’s Settings > CI/CD and expanding the Variables section you can find the Environment Variable called NPM_TOKEN that defines the NPM account where the package is uploaded.