Skip to content

#214 create shared auth utility#230

Open
tsudhakar87 wants to merge 4 commits into
mainfrom
214-shared-auth-utility
Open

#214 create shared auth utility#230
tsudhakar87 wants to merge 4 commits into
mainfrom
214-shared-auth-utility

Conversation

@tsudhakar87

@tsudhakar87 tsudhakar87 commented Jun 9, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

ℹ️ Issue

Closes #214

📝 Description

Write a short summary of what you added. Why is it important? Any member of C4C should be able to read this and understand your contribution -- not just your team members.

Briefly list the changes made to the code:

  1. Refactored duplicated auth logic into a shared package at shared/lambda-auth/
  2. Updated all five lambdas (users, donors, projects, expenditures, reports) to install and use @branch/lambda-auth instead of their own auth implementations
  3. Updated each lambda's Dockerfile to build the shared package from source before installing the lambda's dependencies
  4. Updated docker-compose.yml to use the monorepo root as the Docker build context (required to include shared/ in the build) and added missing COGNITO_USER_POOL_ID/COGNITO_CLIENT_ID env vars to the users and projects services
  5. Added a root .dockerignore
  6. Updated the lambda CLI (lambda-cli.js) to auto-generate the auth.ts wrapper on init-handler
  7. Moved shared/ into this repo directly instead of pointing it at the C4C shared submodule
  8. Updated the github workflows to build the auth package first before installing other deps / running tests

✔️ Verification

  1. Run make up
  2. Get access token via curl -X POST http://localhost:3006/auth/login -H "Content-Type: application/json" -d '{"email":"<your-email>","password":"<your-password>"}'
  3. Hit an authenticated endpoint, I used curl http://localhost:3003/donors -H "Authorization: Bearer <token>" (returns 200 with donor data)
  4. Hit the same endpoint without a token, returns 401
  5. Hit it with a garbage token (Authorization: Bearer abc), also returns 401

🏕️ (Optional) Future Work / Notes

Did you notice anything ugly during the course of this ticket? Any bugs, design challenges, or unexpected behavior? Write it down so we can clean it up in a future ticket!

Moved the shared directory into this repo, as I don't believe this lambda-auth utility needs to be shared across all of c4c, but let me know if there's another way I should go about this or if the shared submodule is needed

@tsudhakar87 tsudhakar87 marked this pull request as ready for review June 9, 2026 21:50
@github-actions github-actions Bot requested a review from mehanana June 9, 2026 21:51
github-actions Bot added a commit that referenced this pull request Jun 9, 2026
@github-actions
bot: assign reviewer for PR #230
5d525f9
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nourshoreibah nourshoreibah Awaiting requested review from nourshoreibah nourshoreibah is a code owner

@mehanana mehanana Awaiting requested review from mehanana

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Backend refactoring 2: Create shared auth utility

1 participant

@tsudhakar87