npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

serverless-justauthenticateme-plugin

v1.0.1

Published

Serverless Framework Plugin for https://www.justauthenticate.me

Downloads

15

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

orndorffgrantorndorffgrant

Keywords

justauthenticatemeauthenticationauthserverlessapigatewaylambda

Readme

Introduction

JustAuthenticateMe offers simple magic link based authentication as a service for web apps. This is a serverless plugin that automatically authenticates your serverless endpoints using JustAuthenticateMe. It uses the JustAuthenticateMe API Gateway Custom Authorizer to verify incoming requests and pass the user's email on to your endpoint handler.

Supported Platforms

Currently, this plugin only supports AWS lambdas behind an API Gateway.

Getting Started

Installing via npm or yarn

justauthenticateme-apigateway-auth is a peer dependency so you'll have install it as well.

npm install --save serverless-justauthenticateme-plugin justauthenticateme-apigateway-auth
yarn add serverless-justauthenticateme-plugin justauthenticateme-apigateway-auth

Adding to your serverless.yml

Step 1: Add the plugin

plugins:
  - serverless-justauthenticateme-plugin

Step 2: Configure the plugin

You'll need your App ID from the JustAuthenticateMe console.

Static App ID
custom:
  justauthenticateme:
    appId: 01234567-89ab-cdef-0123-4567890abcde
App ID per Stage
custom:
  justauthenticateme:
    appId:
      production: 01234567-89ab-cdef-0123-4567890abcde
      staging: 456789ab-cdef-0123-4567-89abcdef0123
      dev: 890abcde-f012-3456-789a-bcdef1234567

Step 3: Specify Authenticated Endpoints

For each endpoint that should only be accessible by authenticated users, specify the authorizer as the keyword justauthenticateme like so:

functions:
  getBooks:
    handler: src/getBooks.handler
    events:
      - http:
          path: "api/books"
          method: get
          authorizer: justauthenticateme
          request:
            parameters:
              headers:
                Authorization: true

Using the Authorizer

Sending requests

When sending requests to endpoints that are protected by this authorizer, include the ID token you get from JustAuthenticateMe in the Authorization header after the keyword Bearer. It should look something like this:

Authorization: Bearer eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCIsImtpZCI6IjJlYjQwMTA0LWRjNDUtNGYzNy1iNjljLTkzN2I2Mzg2YjlmNiJ9.eyJlbWFpbCI6InN1cHBvcnRAanVzdGF1dGhlbnRpY2F0ZS5tZSIsInN1YiI6InN1cHBvcnRAanVzdGF1dGhlbnRpY2F0ZS5tZSIsImF1ZCI6ImIxOWEyMWI0LWFkOWQtNGZkNy04OGMxLTFiNjhiODI1YzY3MSIsImlzcyI6Imh0dHBzOi8vZGV2LWFwaS5qdXN0YXV0aGVudGljYXRlLm1lL2IxOWEyMWI0LWFkOWQtNGZkNy04OGMxLTFiNjhiODI1YzY3MSIsImp0aSI6IjZhMjJjOTEyLWYwMzYtNGU0Mi1iZjM5LTQ3N2ZhM2ExOGY2ZCIsInRva2VuX3VzZSI6ImlkIiwiaWF0IjoxNTgzNjk1NDM5LCJuYmYiOjE1ODM2OTU0MzksImV4cCI6MTU4MzY5NzIzOX0.AZqvVWSXn4zwP4WhYOL-nQEDDEMa4Cmpyx8HGJ-6uc3wLeZVfvil6RyAlUExnd6JpteaAImOrKo5fnv93SSGkP-eAN9igGRg0GmXpIeGno_sY_4rMLXDa6RtABL1lz5LCYMxD79oIYIflWJ-LVqmCF90msq-PysFZcgKVLa8oki8ZlKI

Handling requests

When a request is authenticated successfully, this lambda returns a policy allowing the user access to any resource protected by this authorizer. It also passes along the email address of the authenticated user to the handler of the API endpoint.

Specifically, a lambda handling an endpoint protected by this authorizer can access the user's email at event.requestContext.authorizer.email.

License

MIT