Merge pull request serverless#363 from kalinchernev/master

eahefnawy · web-flow · commit 6e2ad885a973 · 2019-02-22T17:21:27.000+03:00
Add example: aws-node-signed-uploads
diff --git a/README.md b/README.md
@@ -75,6 +75,7 @@ serverless install -u https://github.com/serverless/examples/tree/master/folder-
 | [Aws Node Serverless Gong](https://github.com/serverless/examples/tree/master/aws-node-serverless-gong) <br/> A simple serverless gong using GitHub webhooks and a Slack app | nodeJS |
 | [Aws Node Ses Receive Email Body](https://github.com/serverless/examples/tree/master/aws-node-ses-receive-email-body) <br/> Receive an email, store in S3 bucket, trigger a lambda function. | nodeJS |
 | [Aws Node Ses Receive Email Header](https://github.com/serverless/examples/tree/master/aws-node-ses-receive-email-header) <br/> Receive an email, trigger a lambda function to process header. | nodeJS |
+| [Aws Node Singned Uploads](https://github.com/serverless/examples/tree/master/aws-node-signed-uploads) <br/> Serverless example for S3 signed uploads | nodeJS |
 | [Aws Serve Simple Http Endpoint](https://github.com/serverless/examples/tree/master/aws-node-simple-http-endpoint) <br/> Example demonstrates how to setup a simple HTTP GET endpoint | nodeJS |
 | [Aws Node Simple Transcribe S3](https://github.com/serverless/examples/tree/master/aws-node-simple-transcribe-s3) <br/> Example demonstrates how to setup a lambda function to transcribe audio file | nodeJS |
 | [Aws Single Page App Via Cloudfront](https://github.com/serverless/examples/tree/master/aws-node-single-page-app-via-cloudfront) <br/> Demonstrating how to deploy a Single Page Application with Serverless | nodeJS |
@@ -176,6 +177,7 @@ serverless install -u https://github.com/author/project -n my-project
 | **[Stack Overflow Monitor](https://github.com/picsoung/stackoverflowmonitor)** <br/> Monitor Stack Overflow questions and post them in a Slack channel | [picsoung](http://github.com/picsoung) |
 | **[Adoptable Pet Bot](https://github.com/lynnaloo/adoptable-pet-bot)** <br/> Tweets adoptable pets using Serverless (Node.js) and AWS Lambda | [lynnaloo](http://github.com/lynnaloo) |
 | **[Aws Mfa Enforce](https://github.com/Chan9390/aws-mfa-enforce)** <br/> Serverless function to automate enforcement of Multi-Factor Authentication (MFA) to all AWS IAM users with access to AWS Management Console. | [Chan9390](http://github.com/Chan9390) |
+| **[Aws Node Signed Uploads](https://github.com/kalinchernev/aws-node-signed-uploads)** <br/> Upload files larger than 10MB with AWS Lambda and API Gateway. Can be developed and tested locally. | [kalinchernev](http://github.com/kalinchernev) |
 | **[Aws Ses Serverless Example](https://github.com/lakshmantgld/aws-ses-serverless-example)** <br/> AWS SES example in NodeJS using lambda | [lakshmantgld](http://github.com/lakshmantgld) |
 | **[Bablebot](https://github.com/abiglobalhealth/babelbot)** <br/> Lambda + API Gateway: Zero-to-chatbot in <10 lines of JS. Built-in integrations for Messenger, Telegram, Kik, Line, Twilio, Skype, and Wechat. Or roll your own! | [abiglobalhealth](http://github.com/abiglobalhealth) |
 | **[Bittman](https://github.com/rhlsthrm/bittman)** <br/> A serverless project that follows a stock trading algorithm and uses scheduled functions to save data to DynamoDB and send emails through Mailgun. | [rhlsthrm](http://github.com/rhlsthrm) |
diff --git a/aws-node-signed-uploads/.babelrc b/aws-node-signed-uploads/.babelrc
@@ -0,0 +1,14 @@
+{
+  "presets": [
+    [
+      "env",
+      {
+        "targets": {
+          "node": "8.10"
+        },
+        "modules": false,
+        "loose": true
+      }
+    ]
+  ]
+}
diff --git a/aws-node-signed-uploads/.eslintrc b/aws-node-signed-uploads/.eslintrc
@@ -0,0 +1,6 @@
+---
+  root: true
+  extends:
+    - airbnb-base
+  env:
+    node: true
diff --git a/aws-node-signed-uploads/.gitignore b/aws-node-signed-uploads/.gitignore
@@ -0,0 +1,6 @@
+coverage
+.serverless
+.webpack
+node_modules
+*.log
+config.json
diff --git a/aws-node-signed-uploads/README.md b/aws-node-signed-uploads/README.md
@@ -0,0 +1,89 @@
+# AWS Node Signed Uploads
+
+## Requirements
+
+* Node.js (version 8 is best at the moment)
+* npm which comes with Node.js
+* yarn
+
+## Introduction
+
+The approach implemented in this service is useful when you want to use [Amazon API Gateway](https://aws.amazon.com/api-gateway/) and you want to solve the 10MB payload limit.
+
+The service is based on the [serverless](https://serverless.com/) framework. The service is uploading objects to a specific S3 bucket using a [pre-signed URL](http://docs.aws.amazon.com/AmazonS3/latest/dev/PresignedUrlUploadObject.html). Implemented in node.js runtime using [getSignedUrl](http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#getSignedUrl-property) method.
+
+The package is targeting the latest runtime of AWS Lambda. ([8.10](https://aws.amazon.com/blogs/compute/node-js-8-10-runtime-now-available-in-aws-lambda/))
+
+## Settings
+
+If you prefer to use a different region or stage, change these:
+
+```sh
+$ export AWS_STAGE=
+$ export AWS_REGION=
+```
+
+Defaults are `dev` and `eu-central-1`.
+
+Change name of upload bucket:
+
+```yaml
+bucketName: testBucket
+```
+
+### File name to sign
+
+The file you want to upload is signed via `x-amz-meta-filekey` header.
+
+### How to use
+
+Get dependencies with `yarn` or `npm install`. The following examples will assume the usage of `yarn`.
+
+Issue a `GET` request to get the signed URL:
+
+```sh
+curl --request GET \
+  --url https://{serviceID}.execute-api.{region}.amazonaws.com/dev/upload \
+  --header 'x-amz-meta-filekey: the-road-to-graphql.pdf'
+```
+
+If your bucket is called `foo`, and you upload `the-road-to-graphql`, after receiving the signed URL, issue a `PUT` request with the information you have signed:
+
+```sh
+curl --request PUT \
+  --url 'https://foo.s3.eu-central-1.amazonaws.com/the-road-to-graphql.pdf?X-Amz-SignedHeaders=host&X-Amz-Signature=the-signature&X-Amz-Security-Token=the-token&X-Amz-Expires=30&X-Amz-Date=20181210T113015Z&X-Amz-Credential=something10%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Algorithm=AWS4-HMAC-SHA256' \
+  --data 'somemething-awesome'
+```
+
+### Integrations
+
+Here's a short list of possible integrations I found making a quick Google search:
+
+* [Using pre-signed URLs to upload a file to a private S3 bucket](https://sanderknape.com/2017/08/using-pre-signed-urls-upload-file-private-s3-bucket/)
+* [react-s3-uploader](https://www.npmjs.com/package/react-s3-uploader)
+
+### Develop locally
+
+Starting a local dev server and its endpoint for receiving uploads:
+
+```bash
+$ yarn start
+```
+
+### Linter
+
+Starting the linter tasks:
+
+```bash
+$ yarn lint
+```
+
+### Deployment
+
+[Setup your AWS credentials](https://serverless.com/framework/docs/providers/aws/guide/credentials/).
+
+Run the following the fire the deployment:
+
+```bash
+$ yarn deploy
+```
diff --git a/aws-node-signed-uploads/package.json b/aws-node-signed-uploads/package.json
@@ -0,0 +1,26 @@
+{
+  "private": true,
+  "name": "aws-node-singned-uploads",
+  "description": "Serverless example for S3 signed uploads",
+  "version": "1.0.0",
+  "scripts": {
+    "deploy": "serverless deploy -v",
+    "lint": "eslint .",
+    "start": "serverless offline start"
+  },
+  "devDependencies": {
+    "aws-sdk": "2.223.1",
+    "babel-core": "6.26.0",
+    "babel-loader": "7.1.4",
+    "babel-preset-env": "1.6.1",
+    "eslint": "4.19.1",
+    "eslint-config-airbnb-base": "12.1.0",
+    "eslint-plugin-import": "2.10.0",
+    "serverless": "1.26.1",
+    "serverless-offline": "3.20.1",
+    "serverless-webpack": "5.1.1",
+    "webpack": "4.5.0"
+  },
+  "author": "Kalin Chernev <kalin.chernev@gmail.com>",
+  "license": "MIT"
+}
diff --git a/aws-node-signed-uploads/serverless.yml b/aws-node-signed-uploads/serverless.yml
@@ -0,0 +1,61 @@
+service: aws-node-singned-uploads
+
+plugins:
+  - serverless-webpack
+  - serverless-offline #serverless-offline needs to be last in the list
+
+custom:
+  bucketName: testbucket123notaken
+  webpack:
+    webpackConfig: 'webpack.config.js'
+    includeModules: true
+    packager: 'yarn'
+  serverless-offline:
+    port: 4000
+
+provider:
+  name: aws
+  runtime: nodejs8.10
+  stage: ${opt:stage, env:AWS_STAGE, 'dev'}
+  region: ${opt:region, env:AWS_REGION, 'eu-central-1'}
+  environment:
+    REGION: ${self:provider.region}
+    BUCKET: { Ref: Uploads }
+  versionFunctions: false
+  iamRoleStatements:
+  -  Effect: "Allow"
+     Action:
+       - "s3:*"
+     Resource: "*"
+
+functions:
+  upsert-objects:
+    handler: src/upload.handler
+    name: ${self:provider.stage}-${self:service}-upload
+    memorySize: 128
+    events:
+      - http:
+          path: upload
+          method: get
+          cors: true
+
+resources:
+  Resources:
+    Uploads:
+      Type: AWS::S3::Bucket
+      Properties:
+        BucketName: ${self:custom.bucketName}
+        CorsConfiguration:
+          CorsRules:
+            - AllowedHeaders:
+                - "Authorization"
+              AllowedMethods:
+                - GET
+              AllowedOrigins:
+                - "*"
+            - AllowedHeaders:
+                - "*"
+              AllowedMethods:
+                - PUT
+              AllowedOrigins:
+                - "*"
diff --git a/aws-node-signed-uploads/src/upload.js b/aws-node-signed-uploads/src/upload.js
@@ -0,0 +1,51 @@
+import AWS from 'aws-sdk'; // eslint-disable-line import/no-extraneous-dependencies
+
+export const handler = async event => {
+  const { REGION: region, BUCKET: bucket } = process.env;
+
+  if (!region || !bucket) {
+    throw new Error('REGION and BUCKET environment variables are required!');
+  }
+
+  const S3 = new AWS.S3({ signatureVersion: 'v4', region });
+
+  const file =
+    event.headers && event.headers['x-amz-meta-filekey']
+      ? event.headers['x-amz-meta-filekey']
+      : undefined;
+
+  if (!file) {
+    return {
+      statusCode: 400,
+      body: JSON.stringify({
+        message: 'Missing x-amz-meta-filekey in the header of the request.',
+      }),
+    };
+  }
+
+  const params = {
+    Bucket: bucket,
+    Key: file,
+    Expires: 30,
+  };
+
+  try {
+    const url = await S3.getSignedUrl('putObject', params);
+
+    return {
+      statusCode: 200,
+      headers: {
+        'Access-Control-Allow-Origin': '*', // Required for CORS support to work
+        'Access-Control-Allow-Credentials': true, // Required for cookies, authorization headers with HTTPS
+      },
+      body: JSON.stringify(url),
+    };
+  } catch (error) {
+    return {
+      statusCode: 400,
+      body: JSON.stringify(error),
+    };
+  }
+};
+
+export default handler;
diff --git a/aws-node-signed-uploads/webpack.config.js b/aws-node-signed-uploads/webpack.config.js
@@ -0,0 +1,23 @@
+const slsw = require('serverless-webpack');
+const path = require('path');
+
+module.exports = {
+  entry: slsw.lib.entries,
+  target: 'node',
+  externals: [{ 'aws-sdk': true }],
+  module: {
+    rules: [
+      {
+        test: /\.js$/,
+        include: __dirname,
+        exclude: /node_modules/,
+        use: [{ loader: 'babel-loader' }],
+      },
+    ],
+  },
+  output: {
+    libraryTarget: 'commonjs',
+    path: path.join(__dirname, '.webpack'),
+    filename: '[name].js',
+  },
+};
diff --git a/aws-node-signed-uploads/yarn.lock b/aws-node-signed-uploads/yarn.lock
diff --git a/community-examples.json b/community-examples.json
