Skip to content

feat(cors): implement CORS handling across multiple Lambda functions #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Stivenjs merged 1 commit into from
Jun 1, 2025
Merged

feat(cors): implement CORS handling across multiple Lambda functions #61

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
52 changes: 19 additions & 33 deletions amplify/functions/LambdaEncryptKeys/handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import { getAmplifyDataClientConfig } from '@aws-amplify/backend/function/runtim
import { env } from '$amplify/env/apiKeyManager'
import { type Schema } from '../../data/resource'
import crypto from 'crypto'

import { getCorsHeaders } from '../shared/cors'
const { resourceConfig, libraryOptions } = await getAmplifyDataClientConfig(env)
Amplify.configure(resourceConfig, libraryOptions)

Expand Down Expand Up @@ -44,6 +44,16 @@ function decrypt(encryptedText: string): string {
}

export const handler = async (event: any) => {
const origin = event.headers?.origin || event.headers?.Origin

// Manejar peticiones OPTIONS (preflight CORS)
if (event.httpMethod === 'OPTIONS') {
return {
statusCode: 200,
headers: getCorsHeaders(origin),
body: '',
}
}
try {
const {
storeId,
Expand All @@ -61,20 +71,14 @@ export const handler = async (event: any) => {
return {
statusCode: 200,
body: JSON.stringify({ success: true, decryptedKey }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
} catch (error) {
console.error('Error al descifrar la clave:', error)
return {
statusCode: 400,
body: JSON.stringify({ success: false, message: 'Error al descifrar la clave' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}
}
Expand All @@ -84,10 +88,7 @@ export const handler = async (event: any) => {
return {
statusCode: 400,
body: JSON.stringify({ success: false, message: 'Faltan parámetros requeridos' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}

Expand All @@ -97,10 +98,7 @@ export const handler = async (event: any) => {
return {
statusCode: 200,
body: JSON.stringify({ success: true, encryptedKey }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}

Expand All @@ -113,10 +111,7 @@ export const handler = async (event: any) => {
return {
statusCode: 404,
body: JSON.stringify({ success: false, message: 'Tienda no encontrada' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}

Expand Down Expand Up @@ -196,10 +191,7 @@ export const handler = async (event: any) => {
return {
statusCode: 400,
body: JSON.stringify({ success: false, message: 'Tipo de clave API no soportado' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}

Expand All @@ -212,20 +204,14 @@ export const handler = async (event: any) => {
return {
statusCode: 200,
body: JSON.stringify({ success: true, encryptedKey }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
} catch (error) {
console.error('Error en apiKeyManager:', error)
return {
statusCode: 500,
body: JSON.stringify({ success: false, message: 'Error interno del servidor' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}
}
37 changes: 21 additions & 16 deletions amplify/functions/cancelPlan/handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
import axios from 'axios'
import { Amplify } from 'aws-amplify'
import { generateClient } from 'aws-amplify/data'
import { getCorsHeaders } from '../shared/cors'
import { getAmplifyDataClientConfig } from '@aws-amplify/backend/function/runtime'
import { env } from '$amplify/env/hookPlan'
import { type Schema } from '../../data/resource'
Expand All @@ -12,20 +13,24 @@ Amplify.configure(resourceConfig, libraryOptions)
// Inicializar el cliente para DynamoDB (Amplify Data)
const clientSchema = generateClient<Schema>()

// Definir cabeceras CORS para testing
const corsHeaders = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': '*',
}

export const handler = async (event: any) => {
const origin = event.headers?.origin || event.headers?.Origin

// Manejar peticiones OPTIONS (preflight CORS)
if (event.httpMethod === 'OPTIONS') {
return {
statusCode: 200,
headers: getCorsHeaders(origin),
body: '',
}
}
try {
// 1. Extraer parámetros necesarios
const { preapproval_id, user_id } = JSON.parse(event.body)
if (!preapproval_id || !user_id) {
return {
statusCode: 400,
headers: corsHeaders,
headers: getCorsHeaders(origin),
body: JSON.stringify({ message: 'Faltan parámetros' }),
}
}
Expand Down Expand Up @@ -65,9 +70,9 @@ export const handler = async (event: any) => {
if (response.status !== 200 && response.status !== 400) {
return {
statusCode: response.status,
headers: corsHeaders,
headers: getCorsHeaders(origin),
body: JSON.stringify({
message: data.message || 'Error al cancelar la suscripción',
message: data.message || 'Error at cancel plan',
}),
}
}
Expand All @@ -77,9 +82,9 @@ export const handler = async (event: any) => {
if (!endDate) {
return {
statusCode: 500,
headers: corsHeaders,
headers: getCorsHeaders(origin),
body: JSON.stringify({
message: 'No se pudo obtener la fecha de finalización',
message: 'Error at get end date',
}),
}
}
Expand All @@ -101,19 +106,19 @@ export const handler = async (event: any) => {

return {
statusCode: 200,
headers: corsHeaders,
headers: getCorsHeaders(origin),
body: JSON.stringify({
message: 'Suscripción cancelada, cambio pendiente',
message: 'Plan cancelled, pending change',
endDate,
}),
}
} catch (error: any) {
console.error('❌ Error en la función Lambda:', error)
console.error('❌ Error at cancel plan:', error)
return {
statusCode: 500,
headers: corsHeaders,
headers: getCorsHeaders(origin),
body: JSON.stringify({
message: 'Error interno',
message: 'Internal error',
error: error instanceof Error ? error.message : 'Unknown error',
}),
}
Expand Down
25 changes: 13 additions & 12 deletions amplify/functions/checkStoreDomain/handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import { Amplify } from 'aws-amplify'
import { generateClient } from 'aws-amplify/data'
import { getAmplifyDataClientConfig } from '@aws-amplify/backend/function/runtime'
import { env } from '$amplify/env/checkStoreDomain'
import { getCorsHeaders } from '../shared/cors'
import { type Schema } from '../../data/resource'

const { resourceConfig, libraryOptions } = await getAmplifyDataClientConfig(env)
Expand All @@ -10,16 +11,22 @@ Amplify.configure(resourceConfig, libraryOptions)
const clientSchema = generateClient<Schema>()

export const handler = async (event: any) => {
const origin = event.headers?.origin || event.headers?.Origin
const domainName = event.queryStringParameters?.domainName

if (event.httpMethod === 'OPTIONS') {
return {
statusCode: 200,
headers: getCorsHeaders(origin),
body: '',
}
}

if (!domainName) {
return {
statusCode: 400,
headers: getCorsHeaders(origin),
body: JSON.stringify({ message: 'Domain name is required' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
}
}

Expand All @@ -34,20 +41,14 @@ export const handler = async (event: any) => {
available: !(stores && stores.length > 0),
exists: stores && stores.length > 0,
}),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
} catch (error) {
console.error('Error checking domain availability:', error)
return {
statusCode: 500,
body: JSON.stringify({ message: 'Error checking domain availability' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}
}
17 changes: 5 additions & 12 deletions amplify/functions/checkStoreName/handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ import { Amplify } from 'aws-amplify'
import { generateClient } from 'aws-amplify/data'
import { getAmplifyDataClientConfig } from '@aws-amplify/backend/function/runtime'
import { env } from '$amplify/env/checkStoreName'
import { getCorsHeaders } from '../shared/cors'
import { type Schema } from '../../data/resource'

// Configurar Amplify para acceso a datos
Expand All @@ -12,16 +13,14 @@ Amplify.configure(resourceConfig, libraryOptions)
const clientSchema = generateClient<Schema>()

export const handler = async (event: any) => {
const origin = event.headers?.origin || event.headers?.Origin
const storeName = event.queryStringParameters?.storeName

if (!storeName) {
return {
statusCode: 400,
body: JSON.stringify({ message: 'Store name is required' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}

Expand All @@ -33,20 +32,14 @@ export const handler = async (event: any) => {
return {
statusCode: 200,
body: JSON.stringify({ exists: stores && stores.length > 0 }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
} catch (error) {
console.error('Error checking store name:', error)
return {
statusCode: 500,
body: JSON.stringify({ message: 'Error checking store name' }),
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
},
headers: getCorsHeaders(origin),
}
}
}
22 changes: 14 additions & 8 deletions amplify/functions/createSubscription/handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,21 @@
import { APIGatewayProxyHandler } from 'aws-lambda'
import { getCorsHeaders } from '../shared/cors'
import { env } from '$amplify/env/createSubscription'

const MERCADOPAGO_API_URL = 'https://api.mercadopago.com/preapproval'

export const handler: APIGatewayProxyHandler = async event => {
const origin = event.headers?.origin || event.headers?.Origin

// Manejar peticiones OPTIONS (preflight CORS)
if (event.httpMethod === 'OPTIONS') {
return {
statusCode: 200,
headers: getCorsHeaders(origin),
body: '',
}
}

try {
const body = JSON.parse(event.body || '{}')
const { userId, plan } = body
Expand Down Expand Up @@ -38,10 +50,7 @@ export const handler: APIGatewayProxyHandler = async event => {

return {
statusCode: 200,
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': '*',
},
headers: getCorsHeaders(origin),
body: JSON.stringify({
checkoutUrl: subscription.init_point,
}),
Expand All @@ -51,10 +60,7 @@ export const handler: APIGatewayProxyHandler = async event => {

return {
statusCode: 500,
headers: {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': '*',
},
headers: getCorsHeaders(origin),
body: JSON.stringify({
error: 'Error creando suscripción',
details: error instanceof Error ? error.message : 'Error desconocido',
Expand Down
Loading