diff --git a/README.md b/README.md index 6bf6e75..c872a98 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # API - +**Authors:** Seth Coleman, Davin Glynn, Trevor Gray, Nathan Hajel, Terrell Nelson, Giovanny Teran, and Brandon Yang ## How to run the API for testing ### Installing AWS and SAM @@ -80,3 +80,17 @@ The `samconfig.toml` file stores configuration parameters for SAM CLI deployment This README has been adapted to utilize the automated deployment features of AWS SAM, making it easier and faster to manage your deployments. For more detailed information, refer to this [AWS Tutorial](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-getting-started-hello-world.html#serverless-getting-started-hello-world-delete). + +### How To create a Github actions workflow: + +- It is important to note now and for the future that when making changes to github actions you must **push directly to upstream**. This is typically bad practice but is required for github actions to work. Need more information? Check out the [Discord](https://discord.com/channels/1332506599020822620/1333536321515290646/1336078961943380030). +- Create a directory ./github/workflows in the main repository. +- Create a .yml file which will contain the actions you want to complete. Check out the template [here](https://github.com/mirrulations/CIWebTest/blob/main/.github/workflows/github-actions-demo.yml). + - These commands are run from an ubuntu terminal by a “runner” created by github for this purpose +- Create a github secret to store AWS credentials, this is accomplished in the following steps + - Click _**Settings**_ + - Under _**Secrets and Variables**_ click _**Actions**_ + - Click _**New repository secret**_ and add the secret name and data + - Remember to create a secret for both the access key and the secret access key + +After all this is done your github actions file is complete, you can test it by pushing some minor change or with this [repo](https://github.com/nektos/act) found by our teammate Owen. diff --git a/endpoints/app.py b/endpoints/app.py index 6cbe87f..beb9a81 100644 --- a/endpoints/app.py +++ b/endpoints/app.py @@ -2,74 +2,68 @@ import json def lambda_handler(event, context): - """Sample pure Lambda function - - Parameters - ---------- - event: dict, required - API Gateway Lambda Proxy Input Format - - Event doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-input-format - - context: object, required - Lambda Context runtime methods and attributes - - Context doc: https://docs.aws.amazon.com/lambda/latest/dg/python-context-object.html - - Returns - ------ - API Gateway Lambda Proxy Output Format: dict - - Return doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html - """ PARAMETER_NAME = "searchTerm" - # These headers are always included to fix the CORS Issues + # Initialize default response object response = { - 'headers': { - 'Access-Control-Allow-Headers': '*', - 'Access-Control-Allow-Origin': '*', - 'Access-Control-Allow-Methods': '*' + "statusCode": 200, + "headers": { + "Access-Control-Allow-Headers": "Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Accept,Origin,session-id", + "Access-Control-Allow-Methods": "GET,OPTIONS", + "Access-Control-Allow-Origin": "*" # This will be updated dynamically }, + "body": "" } - if 'queryStringParameters' not in event or event['queryStringParameters'] == None or PARAMETER_NAME not in event['queryStringParameters']: + # Determine the origin for CORS + origin = event['headers'].get("origin", "*") + if origin in ["https://mirrulations.com", "https://mirrulations.org"]: + allow_origin = origin + else: + allow_origin = "https://mirrulations.com" + response["headers"]["Access-Control-Allow-Origin"] = allow_origin + + # Handle CORS preflight request + if event['httpMethod'] == 'OPTIONS': + return response + + # Validate query parameters + if 'queryStringParameters' not in event or event['queryStringParameters'] is None or PARAMETER_NAME not in event['queryStringParameters']: response["statusCode"] = 400 - response['body'] = {"error": f"Bad request: Missing query parameter '{PARAMETER_NAME}'"} + response["body"] = json.dumps({"error": f"Bad request: Missing query parameter '{PARAMETER_NAME}'"}) return response - if event['headers'] == None: + if event['headers'] is None: response["statusCode"] = 400 - response['body'] = {"error": "Bad request: missing header"} + response["body"] = json.dumps({"error": "Bad request: Missing headers"}) return response query_parameters = event['queryStringParameters'] header = event['headers'] try: - session_id = header["Session-Id"] - except: - session_id = header["session-id"] + session_id = header.get("Session-Id", header.get("session-id")) + except Exception: + response["statusCode"] = 400 + response["body"] = json.dumps({"error": "Bad request: Session-ID header not found"}) + return response + input_json = { - "searchTerm": query_parameters["searchTerm"], - "pageNumber": query_parameters["pageNumber"], - "refreshResults": query_parameters["refreshResults"], + "searchTerm": query_parameters.get("searchTerm"), + "pageNumber": query_parameters.get("pageNumber"), + "refreshResults": query_parameters.get("refreshResults"), "sessionID": session_id, - "sortParams": query_parameters["sortParams"], - "filterParams": query_parameters["filterParams"] + "sortParams": query_parameters.get("sortParams"), + "filterParams": query_parameters.get("filterParams") } try: response_body = search(input_json) - except Exception as e: print(f"Exception in database query: {e}") response["statusCode"] = 500 - response['body'] = {"error": "Internal Server Error"} + response["body"] = json.dumps({"error": "Internal Server Error"}) return response - - - response["statusCode"] = 200 - response['body'] = json.dumps(response_body) - return response + response["body"] = json.dumps(response_body) + return response \ No newline at end of file diff --git a/samconfig.toml b/samconfig.toml index a1fe67b..aeb7c3c 100644 --- a/samconfig.toml +++ b/samconfig.toml @@ -5,7 +5,7 @@ version = 0.1 [default.deploy.parameters] stack_name = "api-dev" region = "us-east-1" -confirm_changeset = false +confirm_changeset = true capabilities = "CAPABILITY_IAM" disable_rollback = false # Example: Allow more tolerance in dev for errors diff --git a/template.yaml b/template.yaml index 44b958b..046b89f 100644 --- a/template.yaml +++ b/template.yaml @@ -8,6 +8,42 @@ Globals: AllowMethods: "'*'" Resources: + AmplifyApp: + Type: AWS::Amplify::App + Properties: + Name: amplify-sam-demo-app + Repository: https://github.com/mirrulations/mirrulations-website.git + AccessToken: '{{resolve:secretsmanager:github-token}}' + IAMServiceRole: !GetAtt AmplifyRole.Arn + # EnvironmentVariables: + # Name: ENDPOINT + # Value: !Sub "https://${MyApi}.execute-api.${AWS::Region}.amazonaws.com/${Stage}/" + AmplifyRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: 2012-10-17 + Statement: + - Effect: Allow + Principal: + Service: + - amplify.amazonaws.com + Action: + - sts:AssumeRole + Policies: + - PolicyName: Amplify + PolicyDocument: + Version: 2012-10-17 + Statement: + - Effect: Allow + Action: "amplify:*" + Resource: "*" + AmplifyBranch: + Type: AWS::Amplify::Branch + Properties: + BranchName: main + AppId: !GetAtt AmplifyApp.AppId + EnableAutoBuild: true ApiGatewayApi: Type: AWS::Serverless::Api Properties: