Benson Macharia for AWS Community Builders

Posted on Nov 5, 2023 • Edited on Jan 8

Implementing Key and Token Authentication for a NodeJS API on AWS SAM

In this article, we will look at how to create a securely authenticated serverless NodeJs API leveraging on AWS API Gateway key and custom JWT token. AWS SAM (Serverless Application Model) creates secure, high-performing APIs and provides developers with a simplified development environment that allows them to solely focus on writing code without worrying about server management, infrastructure scaling, or hardware failures.

Designs

High-Level Architecture Diagram

The API calls from a mobile or web client are routed through an API Gateway to a Lambda function for processing. Data is persisted in a DynamoDb and logs stored on CloudWatch.

Sequence Diagram

The user first creates an account and then login using their credentials i.e. username and a password to get an access token. Making use of the access token, the user is then able to create a new event, update details and view all the events available.

Prerequisite

Basic skill in NodeJs
AWS Account
AWS CLI

Follow this guide (AWS CLI) to install.

$ aws --version aws-cli/2.7.32 Python/3.9.11 Darwin/23.0.0 exe/x86_64 prompt/off

SAM CLI

Follow this guide (SAM CLI) to install.

$ sam --version SAM CLI, version 1.73.0

Source
You can get the full source code here.

$ git clone https://github.com/bensonmacharia/sam-node-api.git

Let's Build

1. Environment Setup

Create the project folder and initialise the sam project.

$ mkdir sam-projects && cd sam-projects $ sam init -r nodejs18.x -d npm -n sam-node-api Which template source would you like to use? Choice: 1 Choose an AWS Quick Start application template Template: 6 Would you like to enable X-Ray tracing on the function(s) in your application? [y/N]: N Would you like to enable monitoring using CloudWatch Application Insights? [y/N]: N

We are specifying to use nodejs version 18, npm as the dependency manager for our Lambda runtime and sam-node-api as the name of our project. We have also chosen not to enable X-Ray tracing and CloudWatch Application Insights.

2. Let's do some clean up

Open the generated source code in your favourite IDE. In this case, vscode.

$ cd sam-node-api && code .

Delete the files that we will not be using.

$ rm -rf sam-node-dev events && rm -rf __tests__

3. Time now to edit the template.yaml file

In AWS SAM, template.yaml serves as the foundational configuration file for defining our serverless application. Clear the content on the template.yaml file and add the following below content.
AWSTemplateFormatVersion: Specifies the AWS CloudFormation template version. For SAM templates, this is usually set to '2010-09-09'.

AWSTemplateFormatVersion: 2010-09-09

Transform: Specifies the macro (transform) that AWS CloudFormation uses to process the template. For SAM templates, this should be set to 'AWS::Serverless-2016-10-31'.

- AWS::Serverless-2016-10-31

Description: Provides a description of the CloudFormation stack and the serverless application.

Description: >- sam-node-api

Resources: This section defines the AWS resources that make up your serverless application, such as AWS Lambda functions, API Gateway APIs, DynamoDB tables, and more. In this case we have an API Gateway, Secrets Manager, Lambda functions and DynamoDB as below.

API Gateway

Resources: # Create an API Gateway and add an API Key ApiGatewayEndpoint: Type: 'AWS::Serverless::Api' Properties: StageName: Prod Auth: # Require API Key for all endpoints ApiKeyRequired: true UsagePlan: CreateUsagePlan: PER_API UsagePlanName: GatewayAuthorization

Secret Manager

JWTUserTokenSecret: Type: AWS::SecretsManager::Secret Properties: Name: JWTUserTokenSecret Description: "This secret has a dynamically generated secret password." # Generate a random string 30 charatcers long for the JWT secret GenerateSecretString: GenerateStringKey: 'jwt_secret' PasswordLength: 30 ExcludeCharacters: '"@/\:;+*''' SecretStringTemplate: '{"secret_name": "sam-node-app-jwt-secret"}'

Get All Events Lambda Function

# This is a Lambda function config associated with the source code: get-all-events.js for getting all the Events. getAlleventsFunction: Type: AWS::Serverless::Function Properties: Handler: src/handlers/get-all-events.getAllEventsHandler Runtime: nodejs18.x Architectures: - x86_64 MemorySize: 128 Timeout: 100 Description: Includes a HTTP get method to get all events from a DynamoDB table. Policies: # Give Create/Read/Update/Delete Permissions to the EventsTable - DynamoDBCrudPolicy: TableName: !Ref EventsTable - AWSSecretsManagerGetSecretValuePolicy: SecretArn: !Ref JWTUserTokenSecret Environment: Variables: # Make table name accessible as environment variable from function code during execution SAMPLE_TABLE: !Ref EventsTable Events: Api: Type: Api Properties: RestApiId: Ref: ApiGatewayEndpoint # Expose the API through the path /v1/api/events Path: /v1/api/events Method: GET

Get Single Event By ID Lambda Function

# This is a Lambda function config associated with the source code: get-event.js for getting a single Event by its ID getEventByIdFunction: Type: AWS::Serverless::Function Properties: Handler: src/handlers/get-event.getEventByIdHandler Runtime: nodejs18.x Architectures: - x86_64 MemorySize: 128 Timeout: 100 Description: Includes a HTTP get method to get one event by id from a DynamoDB table. Policies: # Give Create/Read/Update/Delete Permissions to the EventsTable - DynamoDBCrudPolicy: TableName: !Ref EventsTable - AWSSecretsManagerGetSecretValuePolicy: SecretArn: !Ref JWTUserTokenSecret Environment: Variables: # Make table name accessible as environment variable from function code during execution SAMPLE_TABLE: !Ref EventsTable Events: Api: Type: Api Properties: RestApiId: Ref: ApiGatewayEndpoint # Expose the API through the path /v1/api/event/<id> Path: /v1/api/event/{id} Method: GET

Create an Event Lambda Function

# This is a Lambda function config associated with the source code: put-item.js for posting an Event into the database addEventFunction: Type: AWS::Serverless::Function Properties: Handler: src/handlers/add-event.addEventHandler Runtime: nodejs18.x Architectures: - x86_64 MemorySize: 128 Timeout: 100 Description: Includes a HTTP post method to add one event to a DynamoDB table. Policies: # Give Create/Read/Update/Delete Permissions to the EventsTable - DynamoDBCrudPolicy: TableName: !Ref EventsTable - AWSSecretsManagerGetSecretValuePolicy: SecretArn: !Ref JWTUserTokenSecret Environment: Variables: # Make table name accessible as environment variable from function code during execution SAMPLE_TABLE: !Ref EventsTable Events: Api: Type: Api Properties: RestApiId: Ref: ApiGatewayEndpoint # Expose the API through the path /v1/api/event Path: /v1/api/event Method: POST

User Registration Lambda Function

# This is a Lambda function config associated with the source code: user-register.js for adding a new user record into the database registerUserFunction: Type: AWS::Serverless::Function Properties: Handler: src/handlers/user-register.registerUserHandler Runtime: nodejs18.x Architectures: - x86_64 MemorySize: 128 Timeout: 100 Description: A HTTP post method to register a user and add record to a DynamoDB table. Policies: # Give Create/Read/Update/Delete Permissions to the UsersTable - DynamoDBCrudPolicy: TableName: !Ref UsersTable Environment: Variables: # Make table name accessible as environment variable from function code during execution USER_TABLE: !Ref UsersTable Events: Api: Type: Api Properties: RestApiId: Ref: ApiGatewayEndpoint # Expose the API through the path /v1/auth/user/register Path: /v1/auth/user/register Method: POST Auth: ApiKeyRequired: false

User Login Lambda Function

# This is a Lambda function config associated with the source code: user-login.js for fetching a user record from the database loginUserFunction: Type: AWS::Serverless::Function Properties: Handler: src/handlers/user-login.loginUserHandler Runtime: nodejs18.x Architectures: - x86_64 MemorySize: 128 Timeout: 100 Description: A HTTP post method to login a user and fetch record from a DynamoDB table. Policies: # Give Create/Read/Update/Delete Permissions to the UsersTable - DynamoDBCrudPolicy: TableName: !Ref UsersTable - AWSSecretsManagerGetSecretValuePolicy: SecretArn: !Ref JWTUserTokenSecret Environment: Variables: # Make table name accessible as environment variable from function code during execution USER_TABLE: !Ref UsersTable Events: Api: Type: Api Properties: RestApiId: Ref: ApiGatewayEndpoint # Expose the API through the path /v1/auth/user/login Path: /v1/auth/user/login Method: POST Auth: ApiKeyRequired: false

Events DynamoDB Table

# DynamoDB table to store Event details EventsTable: Type: AWS::Serverless::SimpleTable Properties: PrimaryKey: Name: id Type: String ProvisionedThroughput: ReadCapacityUnits: 2 WriteCapacityUnits: 2

Users DynamoDB Table

 # DynamoDB table to store User details UsersTable: Type: AWS::Serverless::SimpleTable Properties: PrimaryKey: Name: username Type: String ProvisionedThroughput: ReadCapacityUnits: 2 WriteCapacityUnits: 2

Outputs: Specifies the values to be exported from the stack once it's created. Outputs can include endpoint URLs, resource IDs, or any other information you want to make accessible after the deployment.

Outputs: ApiGateway: Description: "The URL is:" Value: !Sub "https://${ApiGatewayEndpoint}.execute-api.${AWS::Region}.amazonaws.com/Prod/" ApiKey: Description: "You can find your API Key in the AWS console: (Put in the request HEADER as 'x-api-key')" Value: !Sub "https://console.aws.amazon.com/apigateway/home?region=${AWS::Region}#/api-keys/${ApiGatewayEndpointApiKey}"

4. Edit the Environment Variables

Modify the env.json file to define our variables for the database names as below.

{ "getAllEventsFunction": { "SAMPLE_TABLE": "EventsTable" }, "getEventByIdFunction": { "SAMPLE_TABLE": "EventsTable" }, "addEventFunction": { "SAMPLE_TABLE": "EventsTable" }, "registerUserFunction": { "USER_TABLE": "UsersTable" }, "loginUserFunction": { "USER_TABLE": "UsersTable" } }

5. Install Dependencies

# Install API Gateway SDK $ npm install @aws-sdk/client-api-gateway # Install Secrets Manager SDK $ npm install @aws-sdk/client-secrets-manager # Install jsonwebtoken package for generating JWT tokens $ npm install jsonwebtoken # Install bcryptjs package for password encryption $ npm install bcryptjs # Install uuid package for generating uuidv4 ids $ npm install uuid

6. Let's Handle User Registration

Create a new file user-register.mjs under sam-node-api/src/handlers

$ touch src/handlers/user-register.mjs

Add the user registration logic on user-register.mjs

// Import bcrypt for encrypting user password import bcrypt from 'bcryptjs'; // Import uuid for generating unique user ID import { v4 as uuidv4 } from 'uuid'; // Create a DocumentClient that represents the query to add an item import { DynamoDBClient } from '@aws-sdk/client-dynamodb'; import { DynamoDBDocumentClient, PutCommand } from '@aws-sdk/lib-dynamodb'; const client = new DynamoDBClient({}); const ddbDocClient = DynamoDBDocumentClient.from(client); // Get the DynamoDB table name from environment variables const tableName = process.env.USER_TABLE; /** * A HTTP post method to add one user to a DynamoDB table. */ export const registerUserHandler = async (event) => { if (event.httpMethod !== 'POST') { throw new Error(`postMethod only accepts POST method, you tried: ${event.httpMethod} method.`); } // All log statements are written to CloudWatch console.info('received:', event); // Get username and password from the body of the request const body = JSON.parse(event.body); // Use a random uuidv4 string as a User ID  const id = uuidv4(); const username = body.username; // Generate a hashed password string const password = bcrypt.hashSync(body.password, 8); // Creates a new user, or replaces an old user record with a new one var params = { TableName: tableName, Item: { id: id, username: username, password: password } }; try { const data = await ddbDocClient.send(new PutCommand(params)); console.log("Success - user registered or updated", data); } catch (err) { console.log("Error", err.stack); } const responseData = { message: "Registration successful. Proceed to login", username: body.username } const response = { statusCode: 201, body: JSON.stringify(responseData) }; // All log statements are written to CloudWatch console.info(`response from: ${event.path} statusCode: ${response.statusCode} body: ${response.body}`); return response; };

7. Handle User Login

Create a new file user-login.mjs under sam-node-api/src/handlers

$ touch src/handlers/user-login.mjs

Add the user login logic on user-login.mjs

// Import bcrypt for encrypting user password and comparing the password hash import bcrypt from 'bcryptjs'; // Create a DocumentClient that represents the query to add an item import { DynamoDBClient } from '@aws-sdk/client-dynamodb'; import { DynamoDBDocumentClient, GetCommand } from '@aws-sdk/lib-dynamodb'; import { GetSecretValueCommand, SecretsManagerClient } from "@aws-sdk/client-secrets-manager"; // Import jwt for generating the user token import jwt from 'jsonwebtoken'; const client = new DynamoDBClient({}); const ddbDocClient = DynamoDBDocumentClient.from(client); const clientsecret = new SecretsManagerClient(); // Get the DynamoDB table name from environment variables const tableName = process.env.USER_TABLE; /** * A HTTP post method for user login. */ export const loginUserHandler = async (event) => { if (event.httpMethod !== 'POST') { throw new Error(`postMethod only accepts POST method, you tried: ${event.httpMethod} method.`); } // All log statements are written to CloudWatch console.info('received:', event); // Get username and password from the body of the request const body = JSON.parse(event.body); const username = body.username; const password = body.password; // Fetch the JWT secret string from AWS Secrets Manager  const secret_value = await clientsecret.send(new GetSecretValueCommand({ SecretId: "JWTUserTokenSecret", })); const jwt_secret = JSON.parse(secret_value.SecretString); var params = { TableName: tableName, Key: { username: username }, }; var token = ""; var message = ""; var status_code = 200; try { const data = await ddbDocClient.send(new GetCommand(params)); var item = data.Item; // Comprate a hash of the received password from the request body with the password hash from the database, if they match login the user and generate a JWT token if (bcrypt.compareSync(password, item.password)) { // create JWT token const jwttoken = jwt.sign( { userId: item.id, userName: body.username, }, jwt_secret.jwt_secret, { expiresIn: "1h" } ); message = "Login successful."; token = jwttoken; } else { status_code = 403; message = "Wrong password. Try again"; token = "NOT OKAY"; } } catch (err) { console.log("Error", err); } const responseData = { message: message, user: { username: body.username, token: token } } const response = { statusCode: status_code, body: JSON.stringify(responseData) }; // All log statements are written to CloudWatch console.info(`response from: ${event.path} statusCode: ${response.statusCode} body: ${response.body}`); return response; };

8. Add Events Logic

Rename the file put-item.mjs in sam-node-api/src/handlers to add-event.mjs

$ mv src/handlers/put-item.mjs src/handlers/add-event.mjs

Edit the add-event.mjs file

// Create a DocumentClient that represents the query to add an item import { DynamoDBClient } from '@aws-sdk/client-dynamodb'; import { DynamoDBDocumentClient, PutCommand } from '@aws-sdk/lib-dynamodb'; import { GetSecretValueCommand, SecretsManagerClient } from "@aws-sdk/client-secrets-manager"; // Import jwt for validating the user token import jwt from 'jsonwebtoken'; const client = new DynamoDBClient({}); const ddbDocClient = DynamoDBDocumentClient.from(client); const clientsecret = new SecretsManagerClient(); // Get the DynamoDB table name from environment variables const tableName = process.env.SAMPLE_TABLE; /** * A HTTP post method to add one Event item to a DynamoDB table. */ export const addEventHandler = async (event) => { if (event.httpMethod !== 'POST') { throw new Error(`postMethod only accepts POST method, you tried: ${event.httpMethod} method.`); } // All log statements are written to CloudWatch console.info('received:', event); // Get token from the authorization header const token = await event.headers.Authorization.split(" ")[1]; if (!token) { throw new Error(`Authorization token required.`); } // Get Event id, title and description from the body of the request const body = JSON.parse(event.body); const id = body.id; const title = body.title; const description = body.description; // Fetch the JWT secret string from AWS Secrets Manager  const secret_value = await clientsecret.send(new GetSecretValueCommand({ SecretId: "JWTUserTokenSecret", })); const jwt_secret = JSON.parse(secret_value.SecretString); //Check if the token is valid const decodedToken = jwt.verify(token, jwt_secret.jwt_secret); if (!decodedToken) { throw new Error(`Authorization token invalid or it has expired.`); } // Decode the JWT token to get user data const userID = decodedToken.userId; const userName = decodedToken.userName; console.info('decode-username:', userName); console.info('decode-userid:', userID); // Creates a new Event item, or replaces an old item with a new item var params = { TableName : tableName, Item: { id : id, title: title, description: description, added_by: userName, added_by_id: userID} }; try { const data = await ddbDocClient.send(new PutCommand(params)); console.log("Success - event added successfully", data); } catch (err) { console.log("Error", err.stack); } const response = { statusCode: 200, body: JSON.stringify(body) }; // All log statements are written to CloudWatch console.info(`response from: ${event.path} statusCode: ${response.statusCode} body: ${response.body}`); return response; };

9. View All Events Login

Rename the file get-all-items.mjs in sam-node-api/src/handlers to get-all-events.mjs

$ mv src/handlers/get-all-items.mjs src/handlers/get-all-events.mjs

Edit the get-all-events.mjs file

import { DynamoDBClient } from '@aws-sdk/client-dynamodb'; import { DynamoDBDocumentClient, ScanCommand } from '@aws-sdk/lib-dynamodb'; import { GetSecretValueCommand, SecretsManagerClient } from "@aws-sdk/client-secrets-manager"; // Import jwt for validating the user token import jwt from 'jsonwebtoken'; const client = new DynamoDBClient({}); const ddbDocClient = DynamoDBDocumentClient.from(client); const clientsecret = new SecretsManagerClient(); // Get the DynamoDB table name from environment variables const tableName = process.env.SAMPLE_TABLE; /** * A HTTP get method to get all events from a DynamoDB table. */ export const getAllEventsHandler = async (event) => { if (event.httpMethod !== 'GET') { throw new Error(`getAllItems only accept GET method, you tried: ${event.httpMethod}`); } // All log statements are written to CloudWatch console.info('received:', event); // Get token from the authorization header const token = await event.headers.Authorization.split(" ")[1]; if (!token) { throw new Error(`Authorization token required.`); } // Fetch the JWT secret string from AWS Secrets Manager  const secret_value = await clientsecret.send(new GetSecretValueCommand({ SecretId: "JWTUserTokenSecret", })); const jwt_secret = JSON.parse(secret_value.SecretString); //Check if the token is valid const decodedToken = jwt.verify(token, jwt_secret.jwt_secret); if (!decodedToken) { throw new Error(`Authorization token invalid or it has expired.`); } // Get all items from the table (only first 1MB data, you can use `LastEvaluatedKey` to get the rest of data) var params = { TableName : tableName }; try { const data = await ddbDocClient.send(new ScanCommand(params)); var items = data.Items; } catch (err) { console.log("Error", err); } const response = { statusCode: 200, body: JSON.stringify(items) }; // All log statements are written to CloudWatch console.info(`response from: ${event.path} statusCode: ${response.statusCode} body: ${response.body}`); return response; }

10. View Event By ID Login

Rename the file get-by-id.mjs in sam-node-api/src/handlers to get-event.mjs

$ mv src/handlers/get-by-id.mjs src/handlers/get-event.mjs

Edit the get-event.mjs file

import { DynamoDBClient } from '@aws-sdk/client-dynamodb'; import { DynamoDBDocumentClient, GetCommand } from '@aws-sdk/lib-dynamodb'; import { GetSecretValueCommand, SecretsManagerClient } from "@aws-sdk/client-secrets-manager"; // Import jwt for validating the user token import jwt from 'jsonwebtoken'; const client = new DynamoDBClient({}); const ddbDocClient = DynamoDBDocumentClient.from(client); const clientsecret = new SecretsManagerClient(); // Get the DynamoDB table name from environment variables const tableName = process.env.SAMPLE_TABLE; /** * A HTTP get method to get one Event item by id from a DynamoDB table. */ export const getEventByIdHandler = async (event) => { if (event.httpMethod !== 'GET') { throw new Error(`getMethod only accept GET method, you tried: ${event.httpMethod}`); } // All log statements are written to CloudWatch console.info('received:', event); // Get the token from the authorization header const token = await event.headers.Authorization.split(" ")[1]; if (!token) { throw new Error(`Authorization token required.`); } // Fetch the JWT secret string from AWS Secrets Manager  const secret_value = await clientsecret.send(new GetSecretValueCommand({ SecretId: "JWTUserTokenSecret", })); const jwt_secret = JSON.parse(secret_value.SecretString); //Check if the token is valid const decodedToken = jwt.verify(token, jwt_secret.jwt_secret); if (!decodedToken) { throw new Error(`Authorization token invalid or it has expired.`); } // Get id from pathParameters from APIGateway because of `/{id}` at template.yaml const id = event.pathParameters.id; // Get the item from the table var params = { TableName : tableName, Key: { id: id }, }; var scode = 200; var bdy = ""; try { const data = await ddbDocClient.send(new GetCommand(params)); var item = data.Item; bdy = JSON.stringify(item); if (!bdy) { scode = 404; bdy = JSON.stringify("Event details not found."); } } catch (err) { console.log("Error", err); scode = 400; bdy = err; } const response = { statusCode: scode, body: bdy }; // All log statements are written to CloudWatch console.info(`response from: ${event.path} statusCode: ${response.statusCode} body: ${response.body}`); return response; }

11. Build and Deploy the API

Build the SAM App

$ sam build Build Succeeded Built Artifacts : .aws-sam/build Built Template : .aws-sam/build/template.yaml

Deploy the SAM App

$ sam deploy --guided Stack Name [sam-app]: sam-node-app AWS Region [us-east-1]: us-east-1 #Shows you resources changes to be deployed and require a 'Y' to initiate deploy Confirm changes before deploy [y/N]: y #SAM needs permission to be able to create roles to connect to the resources in your template Allow SAM CLI IAM role creation [Y/n]: Y #Preserves the state of previously provisioned resources when an operation fails Disable rollback [y/N]: N Save arguments to configuration file [Y/n]: Y SAM configuration file [samconfig.toml]: SAM configuration environment [default]: Deploy this changeset? [y/N]: y CloudFormation outputs from deployed stack --------------- Outputs --------------- Key ApiKey Description You can find your API Key in the AWS console: (Put in the request HEADER as 'x-api-key') Value https://console.aws.amazon.com/apigateway/home?region=us-east-1#/api-keys/w22y9chd81 Key ApiGateway Description The URL is: Value https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/ ----------------- Successfully created/updated stack - sam-node-app in us-east-1

12. Test the API

Test user registration

$ curl -X POST --header "Content-Type: application/json" --data '{"username":"bmacharia", "password":"pAssW0rd@s3cr3t"}' https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/v1/auth/user/register HTTP/1.1 200 OK {"message":"Registration successful. Proceed to login","username":"bmacharia"}%

Test user login

$ curl -X POST --header "Content-Type: application/json" --data '{"username":"bmacharia", "password":"pAssW0rd@s3cr3t"}' https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/v1/auth/user/login HTTP/1.1 200 OK {"message":"Login successful.","user":{"username":"bmacharia","token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI4NDMxMTU5Ny05YTlkLTQ2NDEtYjBjMS1mYTUzMGIzNTkwNzYiLCJ1c2VyTmFtZSI6ImJtYWNoYXJpYSIsImlhdCI6MTY5ODk2MjM2OSwiZXhwIjoxNjk4OTY1OTY5fQ.keoma2P6fdXnkrRklWX1vVoyaUXB_G06p6gvQLyOHHY"}}%

Test creating event

$ curl -X POST --header "Content-Type: application/json" --header "x-api-key: Laqoh0N6kCao2yw4SeDxCa9pwRdjxwra267VGjMH" --header "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI4NDMxMTU5Ny05YTlkLTQ2NDEtYjBjMS1mYTUzMGIzNTkwNzYiLCJ1c2VyTmFtZSI6ImJtYWNoYXJpYSIsImlhdCI6MTY5ODk2MjM2OSwiZXhwIjoxNjk4OTY1OTY5fQ.keoma2P6fdXnkrRklWX1vVoyaUXB_G06p6gvQLyOHHY" --data '{"id":"2", "title":"Cybersecurity Summit", "description":"Downtown Hotel, 31st December 2023"}' https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/v1/api/event HTTP/1.1 200 OK {"id":"2","title":"Cybersecurity Summit","description":"Downtown Hotel, 31st December 2023"}%

Test getting all events

$ curl --header "Content-Type: application/json" --header "x-api-key: Laqoh0N6kCao2yw4SeDxCa9pwRdjxwra267VGjMH" --header "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI4NDMxMTU5Ny05YTlkLTQ2NDEtYjBjMS1mYTUzMGIzNTkwNzYiLCJ1c2VyTmFtZSI6ImJtYWNoYXJpYSIsImlhdCI6MTY5ODk2MjM2OSwiZXhwIjoxNjk4OTY1OTY5fQ.keoma2P6fdXnkrRklWX1vVoyaUXB_G06p6gvQLyOHHY" https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/v1/api/events HTTP/1.1 200 OK [{"description":"Downtown Hotel, 31st December 2023","id":"2","title":"Cybersecurity Summit","added_by":"bmacharia","added_by_id":"84311597-9a9d-4641-b0c1-fa530b359076"},{"description":"Whitesands Hotel, 1st January 2024","id":"1","title":"GRC Conference","added_by":"bmacharia","added_by_id":"84311597-9a9d-4641-b0c1-fa530b359076"}]%

Get Event By ID

$ curl --header "Content-Type: application/json" --header "x-api-key: Laqoh0N6kCao2yw4SeDxCa9pwRdjxwra267VGjMH" --header "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiI4NDMxMTU5Ny05YTlkLTQ2NDEtYjBjMS1mYTUzMGIzNTkwNzYiLCJ1c2VyTmFtZSI6ImJtYWNoYXJpYSIsImlhdCI6MTY5ODk2MjM2OSwiZXhwIjoxNjk4OTY1OTY5fQ.keoma2P6fdXnkrRklWX1vVoyaUXB_G06p6gvQLyOHHY" https://d2io9v58l4.execute-api.us-east-1.amazonaws.com/Prod/v1/api/event/1 HTTP/1.1 200 OK {"description":"Whitesands Hotel, 1st January 2024","id":"1","title":"GRC Conference","added_by":"bmacharia","added_by_id":"84311597-9a9d-4641-b0c1-fa530b359076"}%

13. Clean Up

Delete the SAM App

$ sam delete --stack-name sam-node-app Are you sure you want to delete the stack sam-node-app in the region us-east-1 ? [y/N]: y Are you sure you want to delete the folder sam-node-app in S3 which contains the artifacts? [y/N]: y Deleted successfully

Top comments (1)

Emanuele Colonnelli • Jan 20 '24

Much better and useful than mostly all official docs :)