Konstrictorman/menuApp

Security Workshop

Part 1 - JWT

Application for managing menus for a restaurant



[GET] getItems

localhost:7000/api/menu/items

image

[GET] GetItemById

localhost:7000/api/menu/items/2

image



[POST] createItem

localhost:7000/api/menu/items

image



Whatabyte demo client

Can list menu items

image


Cannot create new menu items

image



User configuration

image


Logging in

image

Authenticated user

image

Creating new item

image

Item successfully added

image

Part 2 - AWS serverless application model

Requirements

  • The application must allow users to register (create an account).
  • The application must allow users to authenticate using a password.
  • The application must use Cognito to manage user accounts.
  • The application must guarantee integrity and authorization.
  • The application implements a minimal Facebook-like social network. Every connected user can post messages and every user will see the posted messages. The most recently posted message is shown on top.
  • The application must show how many users are currently connected.
  • The application must update the post feed and the number of connected users in real time.
  • Access to WS must be secure.
  • Implement the simplest minimal application possible.

Components

  • The first step should be implementing Lambda functions for user registration (account creation), authentication, and posting and retrieving messages.
  • Let's use DynamoDB as the application data source.
  • Create a Cognito User Pool to manage user accounts, enabling username and password sign-up.
  • Expose the REST API via API Gateway.

Design

image

How authentication works

  1. A client first logs in via Cognito;
  2. After successful login, Cognito returns an id_token to the client;
  3. The client sends a request to the API Gateway with the received id_token;
  4. The API Gateway verifies in Cognito whether the id_token is valid;
  5. Cognito will return to API Gateway a success response when the id_token is valid;
  6. The API Gateway sends the request to the lambda function;
  7. The lambda function executes and sends its response to the API Gateway;
  8. The API Gateway sends the response to the client.
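
What "the id_token is valid" in steps 4 and 5 amounts to, as an added example that is not part of this repository: API Gateway's Cognito authorizer does the validation for you, and this offline sketch applies the checks AWS documents for a user-pool id_token (RS256 signature, `iss`, `aud`, `token_use`, `exp`). The key pair, pool id, client id and the helper names `issueToken`, `verifyIdToken` and `check` are constructed for illustration; a real verifier takes the public key from the pool's JWKS.

```javascript
const crypto = require("node:crypto");

const b64u = (x) => Buffer.from(x).toString("base64url");

// Constructed stand-ins: a real pool's public keys come from its JWKS endpoint.
const ISSUER = "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE";
const CLIENT_ID = "example-app-client-id";
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

// Plays the role of Cognito: issue an RS256-signed token (fixture only).
function issueToken(claims, key = privateKey) {
  const head = b64u(JSON.stringify({ alg: "RS256", typ: "JWT" }));
  const body = b64u(JSON.stringify(claims));
  const sig = crypto.sign("RSA-SHA256", Buffer.from(`${head}.${body}`), key);
  return `${head}.${body}.${sig.toString("base64url")}`;
}

// Plays the role of the authorizer: returns the claims or throws.
function verifyIdToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [head, body, sig] = parts;
  const header = JSON.parse(Buffer.from(head, "base64url").toString());
  // Pin the algorithm: the token must never choose it (rejects alg=none, HS256).
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const ok = crypto.verify("RSA-SHA256", Buffer.from(`${head}.${body}`), publicKey,
    Buffer.from(sig, "base64url"));
  if (!ok) throw new Error("bad signature");
  const claims = JSON.parse(Buffer.from(body, "base64url").toString());
  if (claims.iss !== ISSUER) throw new Error("wrong issuer");
  if (claims.aud !== CLIENT_ID) throw new Error("wrong audience");
  if (claims.token_use !== "id") throw new Error("not an id token");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  return claims;
}

// Returns "ok" or the rejection reason, for easy inspection.
function check(token, now) {
  try { verifyIdToken(token, now); return "ok"; } catch (e) { return e.message; }
}

const NOW = 1700000000; // constructed clock value
const good = { sub: "user-1", iss: ISSUER, aud: CLIENT_ID, token_use: "id", exp: NOW + 3600 };
console.log(check(issueToken(good), NOW));
console.log(check(issueToken({ ...good, token_use: "access" }), NOW));
```

The Lambda function in step 6 should only ever see requests for which every one of these checks passed; a failure at any of them ends the flow at step 4.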
