This project is a Sample Serverless Contract Management API built with Node.js, TypeScript, Serverless Framework, AWS Lambda, and DynamoDB. The API allows users to create and read contracts in a secure way using JWT Authorization to ensures that only authorized users can access the Lambda functions.
The main purpose of this sample project is to demonstrate how to create a secure Serverless API using API Gateway Lambda authorizer.
A Lambda authorizer is an API Gateway feature that uses a Lambda function to control access to your API.
In this project I used token-based Lambda authorizer which receives the caller's identity in a bearer JSON Web Token (JWT).
You will need the following packages installed locally,
- AWS CLI
- NodeJS (14.18.0 or higher)
- NPM
First, run the following commands in the same order
npm install -g serverless
npm install
npm run dynamodb:installTo start lambda functions and DynamoDB locally in the offline mode use the following command:
npm run sls:offline
To deploy the lambda functions to AWS run the following command:
npm run deploy
To remove all resources created on AWS run the following command:
npm run remove
For POST requests make sure to include `"Content-Type": "application/json" in the header.
POST signup -
http://localhost:3000/dev/signup
Example request body:
{
"username": "testUser",
"email": "testuser@gmail.com",
"password": "testPassword"
}
POST login -
http://localhost:3000/dev/login
Example request body:
{
"email": "testuser@gmail.com",
"password": "testPassword"
}
POST create contract -
http://localhost:3000/dev/contracts/create
Example request body:
{
"userId": “123rfedwsf3w45r342w”,
"name: “Contract Name”,
"templateId": “123rfedwsf3w45r342w”
}
GET get contracts ids -
http://localhost:3000/dev/contracts
GET get contract by id -
http://localhost:3000/dev/contracts/{id}
To run tests
npm run test
I added only few unit tests due to time constrains and the simplicty of the project. Future work is to add more tests and even integration tests.