Init

2024-10-12 14:08:09 +11:00 · 2024-10-12 14:08:09 +11:00 · 0029086b3f
commit 0029086b3f
148 changed files with 19047 additions and 0 deletions
--- a/packages/api/scripts/add-cognito-user.sh
+++ b/packages/api/scripts/add-cognito-user.sh
@ -0,0 +1,115 @@
+#!/usr/bin/env bash
+
+shopt -s failglob
+
+CURRENT_DIR="$(pwd -P)"
+PARENT_PATH="$(
+  cd "$(dirname "${BASH_SOURCE[0]}")" || exit
+  pwd -P
+)/.."
+cd "$PARENT_PATH" || exit
+
+STAGE=$1
+USER_EMAIL=$2
+USER_PASSWORD=$3
+
+# Sets REGION, APP_NAME, AWS_REGION, AWS_PROFILE
+. ../../scripts/project-variables.sh
+
+TABLE="${APP_NAME}-${STAGE}-admin"
+
+echo "Getting Cognito User Pool Id from [$STAGE]..."
+. ../../scripts/get-stack-outputs.sh "$STAGE" >/dev/null
+COGNITO_USER_POOL_ID="${UserPoolId:-}"
+if [ "$COGNITO_USER_POOL_ID" == "" ]; then
+  echo "Failed to get Cognito User Pool Id!"
+  echo 'Check your aws credentials are up to date, maybe run "npm run aws:profile"'
+  exit 1
+else
+  echo "Cognito Pool Id [$COGNITO_USER_POOL_ID]"
+fi
+
+if [ -z "$USER_EMAIL" ]; then
+  printf "Email: "
+  read -r USER_EMAIL
+fi
+
+if [ "$USER_EMAIL" == "" ]; then
+  echo "Error: No user email set"
+  exit 1
+fi
+
+if [ -z "$USER_PASSWORD" ]; then
+  echo
+  echo "Password Requirements:"
+  echo "- 8 character minimum length"
+  echo "- Contains at least 1 number"
+  echo "- Contains at least 1 lowercase letter"
+  echo "- Contains at least 1 uppercase letter"
+  echo "- Contains at least 1 special character"
+
+  printf "Password: "
+  read -sr USER_PASSWORD
+  echo ""
+fi
+
+if [ "$USER_PASSWORD" == "" ]; then
+  echo "Error: No user password set"
+  exit 1
+fi
+
+EXISTING_USER=$(aws cognito-idp admin-get-user \
+  --profile "${AWS_PROFILE}" \
+  --region "${REGION}" \
+  --user-pool-id "${COGNITO_USER_POOL_ID:-}" \
+  --username "${USER_EMAIL}")
+
+if [ "$EXISTING_USER" ]; then
+  echo "User already exists, will not modify password"
+  echo "Will attempt to add to DynamoDB"
+else
+  echo "Creating User..."
+
+  aws cognito-idp admin-create-user \
+    --profile "${AWS_PROFILE}" \
+    --region "${REGION}" \
+    --user-pool-id "${COGNITO_USER_POOL_ID:-}" \
+    --username "${USER_EMAIL:-}" \
+    --user-attributes Name=email,Value="${USER_EMAIL:-}" Name=email_verified,Value=true \
+    --message-action SUPPRESS >/dev/null
+
+  echo "Setting Password..."
+  aws cognito-idp admin-set-user-password \
+    --profile "${AWS_PROFILE}" \
+    --region "${REGION}" \
+    --user-pool-id "${COGNITO_USER_POOL_ID:-}" \
+    --username "${USER_EMAIL:-}" \
+    --password "${USER_PASSWORD:-}" \
+    --permanent >/dev/null
+fi
+
+USER_SUB=$(aws cognito-idp admin-get-user \
+  --profile "${AWS_PROFILE}" \
+  --region "${REGION}" \
+  --user-pool-id "${COGNITO_USER_POOL_ID:-}" \
+  --username "${USER_EMAIL}" |
+  jq '.["Username"]' |
+  tr -d '"')
+
+echo "User Sub: [${USER_SUB}]"
+
+if [ "$USER_SUB" ]; then
+  echo "Found user sub, attempting to create DynamoDB record"
+  aws dynamodb put-item \
+    --table-name "${TABLE}" \
+    --item \
+    "{\"userSub\": {\"S\": \"${USER_SUB}\"}, \"userEmail\": {\"S\": \"${USER_EMAIL}\"}}" \
+    --profile "${AWS_PROFILE}" \
+    --region "${REGION}"
+else
+  echo "User sub not found, cannot create DynamoDB record"
+fi
+
+echo "Done!"
+
+cd "$CURRENT_DIR" || exit
--- a/packages/api/scripts/deploy.sh
+++ b/packages/api/scripts/deploy.sh
@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+CURRENT_DIR="$(pwd -P)"
+PARENT_PATH="$(
+    cd "$(dirname "${BASH_SOURCE[0]}")" || exit
+    pwd -P
+)/.."
+cd "$PARENT_PATH" || exit
+
+STAGE=$1
+
+. ../../scripts/project-variables.sh
+. ../../scripts/get-stack-outputs.sh "$STAGE" >/dev/null
+npx serverless deploy --verbose --stage "$STAGE" --region "$REGION"
+
+# check if npx serverless deploy was successful
+if [ $? -eq 0 ]; then
+    echo "Deploy successful"
+else
+    echo "Deploy failed"
+    cd "$CURRENT_DIR" || exit
+    exit 1
+fi
+
+cd "$CURRENT_DIR" || exit
--- a/packages/api/scripts/run-api-local-debug.sh
+++ b/packages/api/scripts/run-api-local-debug.sh
@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+CURRENT_DIR="$(pwd -P)"
+PARENT_PATH="$(
+    cd "$(dirname "${BASH_SOURCE[0]}")" || exit
+    pwd -P
+)/.."
+cd "$PARENT_PATH" || exit
+
+# Sets REGION, APP_NAME, AWS_REGION, AWS_PROFILE
+. ../../scripts/project-variables.sh
+
+echo "Testing AWS Keys..."
+IAM_RESULT=$(aws sts get-caller-identity --query "Account" --output text --profile "$AWS_PROFILE")
+if [ "$IAM_RESULT" ]; then
+    echo "AWS Credentials work!"
+else
+    printf "\033[31mAWS Keys did not work!\033[39m\n"
+    exit
+fi
+
+# Set the user that will be used for private authorised endpoints - the user that logs in on the client will be ignored.
+# AUTHORIZER is a value detected by serverless offline https://github.com/dherault/serverless-offline#remote-authorizers
+# This user is and can be linked in local seed data so that there is user specific relationships.
+# Restart the API when this is changed.
+export AUTHORIZER='{"claims":{"email":"example@devika.com", "sub":"ed805890-d66b-4126-a5d9-0b22e70fce80"}}'
+
+# Required to install/use local DynamoDB
+pnpm run install:dynamodb
+
+# Doesn't seem compatible with debug mode
+# Provides stack trace using source map so the correct file and line numbers are shown
+# export NODE_OPTIONS=--enable-source-maps
+
+# Start the API with serverless
+export SLS_DEBUG="*" && node --inspect ./node_modules/serverless/bin/serverless offline start --stage local --region "$REGION" --httpPort 4000 --verbose "$@"
+
+cd "$CURRENT_DIR" || exit
--- a/packages/api/scripts/run-api-local.sh
+++ b/packages/api/scripts/run-api-local.sh
@ -0,0 +1,48 @@
+#!/usr/bin/env bash
+
+CURRENT_DIR="$(pwd -P)"
+PARENT_PATH="$(
+    cd "$(dirname "${BASH_SOURCE[0]}")" || exit
+    pwd -P
+)/.."
+cd "$PARENT_PATH" || exit
+
+# Sets REGION, APP_NAME, AWS_REGION, AWS_PROFILE
+. ../../scripts/project-variables.sh
+
+echo "Testing AWS Keys..."
+IAM_RESULT=$(aws sts get-caller-identity --query "Account" --output text --profile "$AWS_PROFILE")
+if [ "$IAM_RESULT" ]; then
+    echo "AWS Credentials work!"
+else
+    printf "\033[31mAWS Keys did not work!\033[39m\n"
+    printf "Would you like to continue anyway (y/N)? "
+    old_stty_cfg=$(stty -g)
+    stty raw -echo
+    answer=$(head -c 1)
+    stty "$old_stty_cfg"
+    if echo "$answer" | grep -iq "^y"; then
+        echo Yes
+        echo "Continuing (be aware things may not work as expected)"
+    else
+        echo No
+        exit
+    fi
+fi
+
+# Set the user that will be used for private authorised endpoints - the user that logs in on the client will be ignored.
+# AUTHORIZER is a value detected by serverless offline https://github.com/dherault/serverless-offline#remote-authorizers
+# This user is and can be linked in local seed data so that there is user specific relationships.
+# Restart the API when this is changed.
+export AUTHORIZER='{"claims":{"email":"example@devika.com", "sub":"ed805890-d66b-4126-a5d9-0b22e70fce80"}}'
+
+# Required to install/use local DynamoDB
+pnpm run install:dynamodb
+
+# Provides stack trace using source map so the correct file and line numbers are shown
+export NODE_OPTIONS=--enable-source-maps
+
+# Start the API with serverless
+npx serverless offline start --stage local --region "$REGION" --httpPort 4000 --verbose "$@"
+
+cd "$CURRENT_DIR" || exit