Update authorizer

jotacemarin · Sep 8, 2024 · f5fa6d3 · f5fa6d3
1 parent c387dfd
commit f5fa6d3
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 13 deletions.
diff --git a/mock_events/event_telegram_authorizer.json b/mock_events/event_telegram_authorizer.json
@@ -1,3 +1,3 @@
 {
-  "authorizationToken": "Basic S0dSYWZ2eVNxSTBoSm5vQVZuOHFqZzFRRkp3WEg4cFI6OjEyTUd6alhmeENEMmVTbGR3azdabXNiUWlRTHN6OTY1ZFhyZFJSSS0yR1U5V2kzdVpvLVY4bmN5Y3JFVEZLbEk="
+  "authorizationToken": "Basic MTM0NjU1NzA4NToyMmYzOTFkNS0xODcyLTRhZmItYTIxMS1hYjNiYmEyNGRlNjk="
 }
diff --git a/src/functions/telegram_authorizer/index.ts b/src/functions/telegram_authorizer/index.ts
@@ -2,7 +2,7 @@ import {
   APIGatewayAuthorizerResult,
   APIGatewayTokenAuthorizerEvent,
 } from "aws-lambda";
-import { AuthService } from "../../lib/services";
+import { UserDao } from "../../lib/dao/userDao";
 
 enum Effect {
   DENY = "Deny",
@@ -36,30 +36,27 @@ const extractToken = (authorizationToken: string) => {
   return { clientId, clientSecret };
 };
 
-const loginToAuth0 = async (
-  clientId: string | number,
-  clientSecret: string | number
+const login = async (
+  clientId: string,
+  clientSecret: string
 ): Promise<Effect> => {
   try {
-    AuthService.initInstance();
-    await AuthService.getToken(clientId, clientSecret);
-    return Effect.ALLOW;
+    await UserDao.initInstance();
+    const user = await UserDao.findByKey(clientId, clientSecret);
+    return Boolean(user) ? Effect.ALLOW : Effect.DENY;
   } catch (error) {
-    console.log(`${Effect.DENY}: ${error.message}`, error);
-    return Effect.ALLOW;
+    return Effect.DENY;
   }
 };
 
 export const telegramAuthorizer = async (
   event: APIGatewayTokenAuthorizerEvent
 ): Promise<APIGatewayAuthorizerResult> => {
   if (!event?.authorizationToken) {
-    console.log(`Effect: ${Effect.DENY}`);
     return buildPolicy(event.methodArn, Effect.DENY);
   }
 
   const { clientId, clientSecret } = extractToken(event.authorizationToken);
-  const effect = await loginToAuth0(clientId, clientSecret);
-  console.log(`Effect: ${effect}`);
+  const effect = await login(clientId, clientSecret);
   return buildPolicy(event.methodArn, effect);
 };
diff --git a/src/lib/dao/userDao.ts b/src/lib/dao/userDao.ts
@@ -75,6 +75,15 @@ export class UserDao {
     return null;
   }
 
+  public static async findByKey(id: string, key: string): Promise<User | null> {
+    const document = await UserDao.userModel.findOne({ id, key }).exec();
+    if (document) {
+      return { ...document.toObject() } as User;
+    }
+
+    return null;
+  }
+
   public static async save(user: User): Promise<User | null> {
     if (!user?.id) {
       throw new Error("id is missing");

diff --git a/src/lib/models/botnorrea.ts b/src/lib/models/botnorrea.ts
@@ -15,6 +15,7 @@ export interface User {
   firstname?: string;
   lastname?: string;
   qrPathId?: string;
+  key?: string;
   createdAt?: AtedAt | string;
   updatedAt?: AtedAt | string;
 }