fix(): add missing bits to serverless yml including esbuild config, m…

…axDateRange, etc; add header-based authorization to POST requests and query param-based authorization to GET requests

README.md

@@ -139,7 +139,7 @@ The below commands are the most critical ones. See `package.json` for more comma
 #### Required
 
 - `custom.config.accountNumber`: Your AWS account number.
-- `custom.config.authToken`: The "API key" or authorization token you want to use to secure your service. You will use this when getting data from the service.
+- `custom.config.authToken`: The "API key" or authorization token you want to use to secure your service.
 
 Note that all unit tests use a separate authorization token that you don't have to care about in regular use.
 
@@ -210,8 +210,6 @@ All GET requests require that same token but in a more practical `Authorization`
 
 This approach adds a minimal security measure but is flexible enough to also work effortlessly with any integration tests you might want to run. At the end of the day an acceptable compromise solution, I hope.
 
-_Consider making a pull request, starting an Issue, or otherwise informing of your interest in this, if it's important to you or if you have ideas for resolving this in a good way._
-
 ## Using the service
 
 _Remember to pass your authorization token in the `Authorization` header!_

package.json

@@ -1,7 +1,7 @@
 {
   "name": "gitmetrix",
   "description": "Helps you find your team-level engineering metrics",
-  "version": "2.0.1",
+  "version": "2.0.2",
   "author": "Mikael Vesavuori",
   "license": "MIT",
   "keywords": [

serverless.yml

@@ -30,8 +30,9 @@ package:
 
 custom:
   config:
-    authToken: 'something' # Your choice, see for example https://www.uuidgenerator.net for getting a UUID v4
-    accountNumber: '876265053232'
+    authToken: something # Your choice, see for example https://www.uuidgenerator.net for getting a UUID v4
+    accountNumber: 123412341234
+    maxDateRange: 30
     tableName: gitmetrix
   aws:
     databaseArn: 'arn:aws:dynamodb:${self:provider.region}:${self:custom.config.accountNumber}:table/${self:custom.config.tableName}'
@@ -40,80 +41,74 @@ custom:
       dev: 0
       test: 0
     apiGatewayCachingTtlValue: ${self:custom.aws.apiGatewayCachingTtl.${self:provider.stage}, self:custom.aws.apiGatewayCachingTtl.test} # See: https://forum.serverless.com/t/api-gateway-custom-authorizer-caching-problems/4695
+  esbuild:
+    bundle: true
+    minify: true
 
 functions:
-  AuthorizerGet:
-    handler: src/infrastructure/authorizers/Authorizer.handler
-    description: ${self:service} authorizer for getting metrics
-    environment:
-      AUTH_TOKEN: ${self:custom.config.authToken}
   AuthorizerAdd:
-    handler: src/infrastructure/authorizers/Authorizer.handler
+    handler: src/infrastructure/adapters/web/Authorizer.handler
     description: ${self:service} authorizer for adding metrics
     environment:
       AUTH_TOKEN: ${self:custom.config.authToken}
-  GetMetrics:
-    handler: src/infrastructure/adapters/web/GetMetrics.handler
-    description: Get metrics from Gitmetrix
+  AuthorizerGet:
+    handler: src/infrastructure/adapters/web/Authorizer.handler
+    description: ${self:service} authorizer for getting metrics
+    environment:
+      AUTH_TOKEN: ${self:custom.config.authToken}
+  AddMetrics:
+    handler: src/infrastructure/adapters/web/AddMetrics.handler
+    description: Add a metric into Gitmetrix
     events:
       - http:
-          method: GET
+          method: POST
           path: /metrics
           authorizer:
-            name: AuthorizerGet
+            name: AuthorizerAdd
             resultTtlInSeconds: ${self:custom.aws.apiGatewayCachingTtlValue}
-            identitySource: method.request.header.Authorization
+            identitySource: method.request.querystring.authorization
             type: request
-          cors:
-            origin: '*'
-            methods:
-              - GET
-            headers:
-              - Content-Type
-              - Authorization
-              - Access-Control-Allow-Origin
-              - Access-Control-Allow-Credentials
-              - Vary
     iamRoleStatements:
       - Effect: 'Allow'
         Action:
           - dynamodb:PutItem
-          - dynamodb:Query
+          - dynamodb:UpdateItem
         Resource: ${self:custom.aws.databaseArn}
     environment:
       REGION: ${self:provider.region}
       TABLE_NAME: ${self:custom.config.tableName}
-  AddMetrics:
-    handler: src/infrastructure/adapters/web/AddMetrics.handler
-    description: Add a metric into Gitmetrix
+      MAX_DATE_RANGE: ${self:custom.config.maxDateRange}
+  GetMetrics:
+    handler: src/infrastructure/adapters/web/GetMetrics.handler
+    description: Get metrics from Gitmetrix
     events:
       - http:
-          method: POST
+          method: GET
           path: /metrics
           authorizer:
-            name: AuthorizerAdd
+            name: AuthorizerGet
             resultTtlInSeconds: ${self:custom.aws.apiGatewayCachingTtlValue}
-            identitySource: method.request.querystring.authorization
+            identitySource: method.request.header.Authorization
             type: request
           cors:
             origin: '*'
             methods:
-              - POST
+              - GET
             headers:
               - Content-Type
               - Authorization
               - Access-Control-Allow-Origin
               - Access-Control-Allow-Credentials
-              - Vary
     iamRoleStatements:
       - Effect: 'Allow'
         Action:
           - dynamodb:PutItem
-          - dynamodb:UpdateItem
+          - dynamodb:Query
         Resource: ${self:custom.aws.databaseArn}
     environment:
       REGION: ${self:provider.region}
       TABLE_NAME: ${self:custom.config.tableName}
+      MAX_DATE_RANGE: ${self:custom.config.maxDateRange}
 
 resources:
   Resources:

src/infrastructure/authorizers/Authorizer.ts → src/infrastructure/adapters/web/Authorizer.ts

@@ -1,4 +1,4 @@
-import { authorize } from '../../usecases/authorize';
+import { authorize } from '../../../usecases/authorize';
 
 /**
  * @description Lambda handler function to run our authorization use case.