wip middleware
This commit is contained in:
@@ -6,6 +6,8 @@ from aws_lambda_powertools.event_handler.middlewares import (
|
||||
BaseMiddlewareHandler,
|
||||
NextMiddleware,
|
||||
)
|
||||
from layercake.dateutils import now, ttl
|
||||
from layercake.dynamodb import ComposeKey, DynamoDBCollection, KeyPair
|
||||
from pydantic import UUID4, BaseModel, Field
|
||||
|
||||
|
||||
@@ -21,7 +23,7 @@ class AuthorizerMiddleware(BaseMiddlewareHandler):
|
||||
|
||||
if 'user' in authorizer:
|
||||
user = authorizer['user']
|
||||
app.append_context(user=AuthenticatedUser(**user))
|
||||
app.append_context(authenticated_user=AuthenticatedUser(**user))
|
||||
|
||||
return next_middleware(app)
|
||||
|
||||
@@ -32,3 +34,35 @@ class AuthenticatedUser(BaseModel):
|
||||
email: str
|
||||
email_verified: bool
|
||||
sub: UUID4
|
||||
|
||||
|
||||
class AuditLogMiddleware(BaseMiddlewareHandler):
|
||||
def __init__(self, action: str, /, collect: DynamoDBCollection) -> None:
|
||||
self.action = action
|
||||
self.collect = collect
|
||||
|
||||
def handler(
|
||||
self,
|
||||
app: APIGatewayHttpResolver,
|
||||
next_middleware: NextMiddleware,
|
||||
) -> Response:
|
||||
response = next_middleware(app)
|
||||
auth_user = app.context.get('authenticated_user')
|
||||
request_ctx = app.current_event.request_context
|
||||
ip_addr = request_ctx.http.source_ip
|
||||
|
||||
# Successful request
|
||||
if 200 <= response.status_code < 300 and auth_user:
|
||||
now_ = now()
|
||||
|
||||
self.collect.put_item(
|
||||
key=KeyPair(
|
||||
pk=ComposeKey(auth_user.id, prefix='logs'),
|
||||
sk=now_.isoformat(),
|
||||
),
|
||||
action=self.action,
|
||||
ip=ip_addr,
|
||||
ttl=ttl(start_dt=now_, days=365 * 2),
|
||||
)
|
||||
|
||||
return response
|
||||
|
||||
Reference in New Issue
Block a user