Simple AWS Serverless (SAM) Blog

A simple AWS Serverless (SAM) blog created based on Amazon DynamoDB Blog API using .NETCore 2.0

To Get Started

NOTE This template will generate an AWS API Gateway and its lambda methods. However, it does not set the lambda authorizer, so anyone with your URL would be able to create a post/user

NOTE-2 Currently, the user's password will be stored as email + password + secret. So, don't use it as production or implement a better crypt. (I'll do that later on.)

• Install .NETCore 2.0
• Install AWS SDK for .NET
• Install AWS Templates for .NET
  • dotnet new -i Amazon.Lambda.Templates::*

And, change serverless.template parameters

Parameters:
  BlogTableName:
    Default: # blog table name
  UserTableName:
    Default: # user table name
  Salt:
    Default: # unique salt phrase
  Issuer:
    Default: # some issuer string
  Audience:
    Default: # some audience string
  Secret:
    Default: # some secret to create JWT

To publish, execute

dotnet lambda deploy-serverless -sn <name of the new CloudFormation stack> -sb <An S3 bucket> --region <any-aws-region>

Once published, you'are all set almost done.

• Go to your AWS Api Gateway Console > [api name] > Authorizers,

• Create a new *Authorizer

  • Name: Authorizer's Name
  • Lambda Function: choose [AuthLambda] function
  • Lambda Invoke Role: [leave it blank]
  • Lambda Event Payload: Token
  • Token Source: Auth # The Blog uses this

• Go to Resources :

  and for each of these: /blogs [DELETE, POST], /me [GET] /users [DELETE, POST, GET, POST]

  • Open [method]'s Method Request
  • Choose [AuthorizerName] as your Authorization
  • Choose Validate body, query string parameters, and headers for Request Validator
  • In HTTP Request Headers, input Auth as a new Header and, set it as Required

• Once the you finish the requests setup, go to:

  for each resource [/...]

  • Actions > Deploy API > [choose a stage name]

• Now you are done!

Who came first, the 🐥 or the 🥚 ?

Before you set an Authorizer for /users [POST], it is recommended to create an Admin user.

POST /prod/users HTTP/1.1
Host: <your api url>
Content-Type: application/json
Cache-Control: no-cache
Postman-Token: 25d0a1c0-7476-c8f8-5671-a4b5a9140eb4
{
  "name": "Felipe Correa",
  "email": "felipe.correa (at) (google's Mail).com",
  "password": "my secure passwrod",
  "isAdmin": true
}

Here are some steps to follow to get started from the command line:

Once you have edited your template and code you can use the following command lines to deploy your application from the command line (these examples assume the project name is EmptyServerless):

Restore dependencies

    cd "BlogApi"
    dotnet restore

Deploy application

    cd "BlogApi/src/BlogApi"
    dotnet lambda deploy-serverless