Infrastructure as code framework used: AWS CDK
AWS Services used: AWS Lambda, AWS DynamoDB
In this setup, you can sign up, verify, and log in using Amazon Cognito. Additionally, you can create, read, update, and delete to-do tasks using the API.
Given more time, I would have implemented the following features to improve the application:
- Magic links for account verification
- Rate limiting using API keys
- More comprehensive models for data storage
- A comprehensive suite of tests to ensure the stability and reliability of the application
- Detailed documentation, including an OpenAPI specification for generating the API automatically
- A security audit to identify and mitigate any potential vulnerabilities.
- A better access control pattern; I'm sure there is a better pattern for restricting users to only their to-dos with DynamoDB
Prerequisites:
- AWS CLI already configured with Administrator permission
- AWS CDK - v2
- NodeJS 14.x installed
- CDK bootstrapped in your account
Deploy the project to the cloud:
cdk synth
cdk deploy
When asked about functions that may not have authorization defined, answer (y)es. The access to those functions will be open to anyone, so keep the app deployed only for the time you need this demo running.
To delete the app:
cdk destroy
This endpoint creates a new user in the Cognito user pool.
Request Body:
- email (string): email of the user
- password (string): password of the user
- username (string): username of the user
Response:
- message (string): Descriptive message about the outcome of the request
This endpoint logs in an existing user and returns a JWT.
Request Body:
- email (string): email of the user
- password (string): password of the user
Response:
- message (string): Descriptive message about the outcome of the request
- token (string): JWT for the authenticated user
This endpoint verifies a user using an AWS verification code sent to the user by email.
Request Query parameters:
- code (string): AWS confirmation code
- username (string): Username of the account to verify
Response:
- message (string): Descriptive message about the outcome of the request
This endpoint is used to manage to-do tasks.
Method:
- GET: Retrieve all tasks for the authenticated user
- POST: Create a new task for the authenticated user
- PUT: Update an existing task for the authenticated user
- DELETE: Delete a task for the authenticated user
- GET: Retrieve a single task for the authenticated user
Request Body (POST and PUT only):
- taskDetails (string): Description of the task
- taskCompleted (Boolean): Task completion status
Response:
- message (string): Descriptive message about the outcome of the request
- data (list of tasks): List of tasks for the authenticated user
Authentication:
The API uses Amazon Cognito to authenticate users. Requests to the API must include a valid JWT in the Authorization header.
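One way to keep each user confined to their own to-dos in DynamoDB, as an added example that is not this project's code: the owner is taken only from the claims of the verified JWT and becomes the partition key of every request. It assumes an API Gateway Cognito user pool authorizer that exposes the claims at `requestContext.authorizer.claims`, and a table keyed by `userId` (partition) and `taskId` (sort); the table name `Todos`, both key names and `sampleEvent` are hypothetical.

```typescript
// Added example. Assumed schema: partition key "userId" (Cognito sub), sort
// key "taskId"; the table name "Todos" is hypothetical.
type ApiEvent = {
  requestContext?: { authorizer?: { claims?: { sub?: string } } };
  pathParameters?: { taskId?: string } | null;
  body?: string | null;
};
const TABLE = "Todos";

// The owner comes only from claims the authorizer verified, never from the
// body, query string or path, all of which the caller controls.
function ownerOf(event: ApiEvent): string {
  const sub = event.requestContext?.authorizer?.claims?.sub;
  if (!sub) throw new Error("Unauthorized");
  return sub;
}

// List: a Query on the caller's partition cannot return another user's items.
function listTasksInput(event: ApiEvent) {
  return {
    TableName: TABLE,
    KeyConditionExpression: "userId = :u",
    ExpressionAttributeValues: { ":u": ownerOf(event) },
  };
}

// Update: the key is (caller, taskId). The condition stops UpdateItem from
// silently creating an item when the task is not in the caller's partition.
function updateTaskInput(event: ApiEvent) {
  const taskId = event.pathParameters?.taskId;
  if (!taskId) throw new Error("Missing taskId");
  const body = JSON.parse(event.body ?? "{}");
  return {
    TableName: TABLE,
    Key: { userId: ownerOf(event), taskId },
    UpdateExpression: "SET taskDetails = :d, taskCompleted = :c",
    ConditionExpression: "attribute_exists(taskId)",
    ExpressionAttributeValues: {
      ":d": String(body.taskDetails ?? ""),
      ":c": body.taskCompleted === true,
    },
  };
}

// Constructed sample event: the body names a different user and is ignored.
const sampleEvent: ApiEvent = {
  requestContext: { authorizer: { claims: { sub: "user-a" } } },
  pathParameters: { taskId: "t1" },
  body: '{"userId":"user-b","taskDetails":"buy milk","taskCompleted":true}',
};
```

The returned objects have the shape of the DynamoDB document client's Query and Update inputs; a failed condition should be mapped to a 404 rather than a 500.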
- npm run build: compile typescript to js
- npm run watch: watch for changes and compile
- npm run test: perform the jest unit tests (still to write)
- cdk deploy: deploy this stack to your default AWS account/region
- cdk diff: compare deployed stack with current state
- cdk synth: emits the synthesized CloudFormation template