From 68330728085db67530c20f19682a5a5f3e1d8086 Mon Sep 17 00:00:00 2001 From: Davin Glynn <99268114+dg25moravian@users.noreply.github.com> Date: Thu, 24 Apr 2025 22:10:20 -0400 Subject: [PATCH] Fix prod fixes prod --- endpoints/app.py | 80 ++++++++++++++++++++++-------------------------- 1 file changed, 37 insertions(+), 43 deletions(-) diff --git a/endpoints/app.py b/endpoints/app.py index 6cbe87f..70aa9f5 100644 --- a/endpoints/app.py +++ b/endpoints/app.py @@ -2,74 +2,68 @@ import json def lambda_handler(event, context): - """Sample pure Lambda function - - Parameters - ---------- - event: dict, required - API Gateway Lambda Proxy Input Format - - Event doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html#api-gateway-simple-proxy-for-lambda-input-format - - context: object, required - Lambda Context runtime methods and attributes - - Context doc: https://docs.aws.amazon.com/lambda/latest/dg/python-context-object.html - - Returns - ------ - API Gateway Lambda Proxy Output Format: dict - - Return doc: https://docs.aws.amazon.com/apigateway/latest/developerguide/set-up-lambda-proxy-integrations.html - """ PARAMETER_NAME = "searchTerm" - # These headers are always included to fix the CORS Issues + # Initialize default response object response = { - 'headers': { - 'Access-Control-Allow-Headers': '*', - 'Access-Control-Allow-Origin': '*', - 'Access-Control-Allow-Methods': '*' + "statusCode": 200, + "headers": { + "Access-Control-Allow-Headers": "Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,Accept,Origin,session-id", + "Access-Control-Allow-Methods": "GET,OPTIONS", + "Access-Control-Allow-Origin": "*" # This will be updated dynamically }, + "body": "" } - if 'queryStringParameters' not in event or event['queryStringParameters'] == None or PARAMETER_NAME not in event['queryStringParameters']: + # Determine the origin for CORS + origin = event['headers'].get("origin", "*") + if origin in ["https://mirrulations.com", "https://mirrulations.org"]: + allow_origin = origin + else: + allow_origin = "https://mirrulations.com" + response["headers"]["Access-Control-Allow-Origin"] = allow_origin + + # Handle CORS preflight request + if event['httpMethod'] == 'OPTIONS': + return response + + # Validate query parameters + if 'queryStringParameters' not in event or event['queryStringParameters'] is None or PARAMETER_NAME not in event['queryStringParameters']: response["statusCode"] = 400 - response['body'] = {"error": f"Bad request: Missing query parameter '{PARAMETER_NAME}'"} + response["body"] = json.dumps({"error": f"Bad request: Missing query parameter '{PARAMETER_NAME}'"}) return response - if event['headers'] == None: + if event['headers'] is None: response["statusCode"] = 400 - response['body'] = {"error": "Bad request: missing header"} + response["body"] = json.dumps({"error": "Bad request: Missing headers"}) return response query_parameters = event['queryStringParameters'] header = event['headers'] try: - session_id = header["Session-Id"] - except: - session_id = header["session-id"] + session_id = header.get("Session-Id", header.get("session-id")) + except Exception: + response["statusCode"] = 400 + response["body"] = json.dumps({"error": "Bad request: Session-ID header not found"}) + return response + input_json = { - "searchTerm": query_parameters["searchTerm"], - "pageNumber": query_parameters["pageNumber"], - "refreshResults": query_parameters["refreshResults"], + "searchTerm": query_parameters.get("searchTerm"), + "pageNumber": query_parameters.get("pageNumber"), + "refreshResults": query_parameters.get("refreshResults"), "sessionID": session_id, - "sortParams": query_parameters["sortParams"], - "filterParams": query_parameters["filterParams"] + "sortParams": query_parameters.get("sortParams"), + "filterParams": query_parameters.get("filterParams") } try: response_body = search(input_json) - except Exception as e: print(f"Exception in database query: {e}") response["statusCode"] = 500 - response['body'] = {"error": "Internal Server Error"} + response["body"] = json.dumps({"error": "Internal Server Error"}) return response - - - response["statusCode"] = 200 - response['body'] = json.dumps(response_body) + response["body"] = json.dumps(response_body) return response