
aws-samples / lambda-refarch-webapp


The Web Application reference architecture is a general-purpose, event-driven, web application back-end that uses AWS Lambda, Amazon API Gateway for its business logic. It also uses Amazon DynamoDB as its database and Amazon Cognito for user management. All static content is hosted using AWS Amplify Console.

Home Page: https://aws.amazon.com/lambda/web-apps/

License: Apache License 2.0

JavaScript 86.34% HTML 4.65% CSS 2.44% Shell 6.57%
serverless lambda aws aws-lambda amplify dynamodb

lambda-refarch-webapp's Issues

Add overview of DynamoDB design

The design of the storage + indexes for DynamoDB isn't clear. Could the README.md be updated to explain the way the data is stored?

Unsecure - User token passed in URL

Currently the user token appears in the URL. When the user gets authenticated, Amazon Cognito generates a token and returns it to the website in the URL as a parameter.
This is not best security practice.
Is there a better (more secure) way of passing that token?

Regions are inconsistent in code

The CFN template mentions/assumes you'll deploy into us-east-1, however the Lambda function for receiving votes has us-west-2 hardcoded on line 7. It'd be good to either parameterise that, or to call it out in the README.

cloudformation failed at confighelperstack

ConfigHelperStack has failed with a reason.

Embedded stack arn:aws:cloudformation:us-east-1:696770747654:stack/serverless-web-refarch-ConfigHelperStack-IR7BHVLQ0B2V/df2f9280-13c6-11e9-b19b-12967e4454e6 was not successfully created: The following resource(s) failed to create: [AddConfigSetting].

This may be caused by the setting here.

I don't know what caused this.

link to diagram in READ.md failing

It's failing with the following message:

<Error> <Code>AllAccessDisabled</Code> <Message>All access to this object has been disabled</Message> <RequestId>D4E69E7C80C26889</RequestId> <HostId> Co6bADFBvbqEXJHx3SnTb0VA9Eb8yFQjpw1/m4Fuk0Ro5aQZ2dIgIpzZ7joQ1weFBnti2BD5bY0= </HostId> </Error>

CognitoID / aws_user_pools_id config on client unused?

The CognitoID output by the template is used to populate the aws_user_pools_id config on the client. This isn't referenced anywhere, and it seems to be redundant with the Cognito API token. Is there any use for this config?

CognitoID:
  Description: The Cognito UserPool ID
  Value: !Ref TodoUserPool

and

"aws_user_pools_id": "None", // CognitoID

Unable to delete the Todo

description of the bug:
When you log in and attempt to delete a todo, it just logs you out of the console. I am able to add and complete todos but not delete them. I've pasted the traceback that I'm getting in X-Ray.

Reproduction Steps

minimal amount of code that causes the bug (if possible) or a reference:
Login and Create a Todo, and then attempt to delete it. It will send you back to the login page.

Error Log

what is the error message you are seeing?
Xray Trace:

MissingRequiredParameter: Missing required key 'Key' in params
at features.constructor.captureAWSRequest [as customRequestHandler] (/var/task/node_modules/aws-xray-sdk-core/lib/patchers/aws_p.js:77)
at features.constructor.addAllRequestListeners (/var/task/node_modules/aws-sdk/lib/service.js:279)
at features.constructor.makeRequest (/var/task/node_modules/aws-sdk/lib/service.js:203)
at features.constructor.svc.<computed> [as deleteItem] (/var/task/node_modules/aws-sdk/lib/service.js:685)
at DocumentClient.makeServiceRequest (/var/task/node_modules/aws-sdk/lib/dynamodb/document_client.js:100)
at DocumentClient.delete (/var/task/node_modules/aws-sdk/lib/dynamodb/document_client.js:237)
at deleteRecordById (/var/task/app.js:57)
at anonymous (/var/task/app.js:75)
at anonymous (/var/task/node_modules/aws-embedded-metrics/lib/logger/MetricScope.js:35)
at Generator.next (<anonymous>)

Environment

  • SAM CLI Version :
  • OS :
  • Language :

Other


This is 🐛 Bug Report

Unable to launch stack

Firstly, great effort in putting up the reference architecture, well done guys!

I have been trying to launch the stack recently to no avail.

I was using a user with an admin role, and subsequently a root user (this is for my personal account, and I know this is a security risk). I used the default setting during the launch; I did not use an IAM role to launch the stack.

This is the error when I click on the stack in CloudFormation:

ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack serverless-web-refarch The following resource(s) failed to create: [DDBConfigTable, LambdaToDynamoDBUserTableRole, WebsiteBucket]. . Rollback requested by user.

What could be the issue and how can I get around the error?

Thanks!

Question regarding pricing

Hi, I am interested in knowing how one would calculate or estimate the cost associated with running this application.

CORS policy error after login

Hello,

After deploying the webapp, when I sign up and then log in, the page that is in the screenshot (attached) appears briefly, then I get redirected to the login page again.

This seems to be an issue with the CORS policy. Do you know how I can solve this?

Thank you!

Reproduction Steps

Error Log

Environment

  • SAM CLI Version :
  • OS :
  • Language :

Other


This is 🐛 Bug Report

Cloud formation stack giving error...please help

11:33:49 UTC-0400 CREATE_FAILED AWS::CloudFormation::Stack ConfigHelperStack Embedded stack arn:aws:cloudformation:us-east-1:570585003507:stack/serverless-web-refarch-2-ConfigHelperStack-U9F0YSLGOX2J/b6b718b0-9827-11e9-8a12-0a3a983b5e88 was not successfully created: The following resource(s) failed to create: [AddConfigSetting].
  Physical ID:arn:aws:cloudformation:us-east-1:570585003507:stack/serverless-web-refarch-2-ConfigHelperStack-U9F0YSLGOX2J/b6b718b0-9827-11e9-8a12-0a3a983b5e88
  Client Request Token:Console-CreateStack-402d458e-2c3a-4308-b72d-eafefd5f4150

Aggregation function is missing a trigger

The aggregation function needs to be hung off the DynamoDB table "Votes" being updated. This isn't currently handled in the CFN template nor the README.md. Possibly best to do the latter with some guidance around batch sizing/etc.

Rename CF template

Let's rename the CF template to lambda_webapp.template or something, just keeping the same format as the other refarchs. Thanks

Dynamo Trigger throws Error

Cannot access stream arn:aws:dynamodb:us-east-1:6641*************:table/VoteApp/stream/2016-08-03T08:24:05.612. Please ensure the role can perform the GetRecords, GetShardIterator, DescribeStream, and ListStreams Actions on your stream in IAM. (Service: AWSLambda; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: bc964133-5********************)

Unable to delete and complete Todo

When you log in and attempt to delete (or complete) a todo, it just logs you out of the console.

Reproduction Steps

Log in and create a Todo, and then attempt to delete (complete) it. It will send you back to the login page.

// todo-src/completeTodo, deleteTodo/app.js
  if (!isValidRequest(context, event)) {
    metrics.putMetric('Error', 1, Unit.Count);
    return response(400, { message: 'Error: Invalid request' });
  }

Error Log

ERROR	Invoke Error 
{
    "errorType": "TypeError",
    "errorMessage": "Cannot read property 'id' of undefined",
    "stack": [
        "TypeError: Cannot read property 'id' of undefined",
        "    at isValidRequest (/var/task/app.js:36:26)",
        "    at /var/task/app.js:74:8",
        "    at /var/task/node_modules/aws-embedded-metrics/lib/logger/MetricScope.js:35:42",
        "    at Generator.next (<anonymous>)",
        "    at /var/task/node_modules/aws-embedded-metrics/lib/logger/MetricScope.js:22:71",
        "    at new Promise (<anonymous>)",
        "    at __awaiter (/var/task/node_modules/aws-embedded-metrics/lib/logger/MetricScope.js:18:12)",
        "    at Runtime.wrappedHandler [as handler] (/var/task/node_modules/aws-embedded-metrics/lib/logger/MetricScope.js:32:41)",
        "    at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)"
    ]
}

Environment

  • SAM CLI Version :
  • OS :
  • Language :

Other

Like addTodo, updateTodo, getTodo
  // if (!isValidRequest(context, event)) {
  if (!isValidRequest(event)) {
    metrics.putMetric('Error', 1, Unit.Count);
    return response(400, { message: 'Error: Invalid request' });
  }

This is 🐛 Bug Report

Frontend headers generation source

After a couple of hours of googling and code examination (frontend), it's still unknown how the headers are generated.

"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3", "accept-encoding": "gzip, deflate, br", "Accept-Language": "en-US,en;q=0.9,pt-BR;q=0.8,pt;q=0.7,es-CO;q=0.6,es;q=0.5,zh-CN;q=0.4,zh;q=0.3", "cache-control": "max-age=0", "CloudFront-Forwarded-Proto": "https", "CloudFront-Is-Desktop-Viewer": "true", "CloudFront-Is-Mobile-Viewer": "false", "CloudFront-Is-SmartTV-Viewer": "false", "CloudFront-Is-Tablet-Viewer": "false", "CloudFront-Viewer-Country": "US", "Host": "asdasd.execute-api.us-east-1.amazonaws.com", "sec-fetch-mode": "navigate", "sec-fetch-site": "none", "sec-fetch-user": "?1", "upgrade-insecure-requests": "1", "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36", "Via": "2.0 af59cbeda88e3a41b2689a63q4f61c64d.cloudfront.net (CloudFront)", "X-Amz-Cf-Id": "NzOz5TfgbqItgmy_C2Zj4TjAnkqMteY-aNMmshY4W9TZ1U-rJr5LHWw==", "X-Amzn-Trace-Id": "Root=1-5dc86974-035aeec025a456001d3ac4b6cb", "X-Forwarded-For": "72.21.196.66, 54.239.145.80", "X-Forwarded-Port": "443", "X-Forwarded-Proto": "https"

There is also no documentation for this. Any chance of getting an answer or a direction to dig?
Thanks

Users aren't restricted to their own todo items

User A has access to User B's todos, and vice versa. There is no restriction of a todo list to the logged in user.

Reproduction Steps

  1. Deploy the stack.
  2. Go to the site.
  3. Sign up as a user and enter a few todos.
  4. Open another browser and sign up as a whole different user and view the todos.

Expected: The second user should only be able to see their todos and thus should have none.
Actual: The second user can see all of the first user's todos.

Error Log

No error message.

Environment

  • SAM CLI Version : 0.53.0
  • OS :
  • Language :

Other

The README.md states:
"As the ToDo application contains personal information (the user's ToDo items), access is restricted only to registered and authenticated users. Each user can access only their own items."

So I would expect a logged in user to only see their todos.


This is 🐛 Bug Report
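
The per-user restriction that the README quoted in the report above promises, as an added example (not the repository's code and not part of the issue). It assumes an API Gateway REST API with a Cognito user pool authorizer, which places the validated token claims in `event.requestContext.authorizer.claims`; the in-memory `table`, the `(owner, id)` key layout and the handler names are hypothetical.

```javascript
// Added example, not the repository's code. The Map stands in for the DynamoDB
// table; keying items by (owner, id) is an assumed layout, not the repo's schema.
const table = new Map();
let nextId = 1;
const response = (statusCode, body) => ({ statusCode, body: JSON.stringify(body) });
const keyOf = (owner, id) => JSON.stringify([owner, id]);

// Identity comes only from the claims API Gateway attaches after the authorizer
// has validated the token, never from the request body, path or query string.
function callerId(event) {
  const rc = (event && event.requestContext) || {};
  const claims = (rc.authorizer && rc.authorizer.claims) || {};
  return typeof claims.sub === 'string' && claims.sub !== '' ? claims.sub : null;
}

function parseBody(event) {
  try { return JSON.parse(event.body) || {}; } catch (e) { return {}; }
}

function addTodo(event) {
  const owner = callerId(event);
  if (!owner) return response(401, { message: 'Unauthorized' });
  const { item } = parseBody(event);
  if (typeof item !== 'string' || item === '') return response(400, { message: 'Error: Invalid request' });
  const id = String(nextId++);
  table.set(keyOf(owner, id), { owner, id, item });
  return response(200, { id });
}

function getAllTodos(event) {
  const owner = callerId(event);
  if (!owner) return response(401, { message: 'Unauthorized' });
  // With DynamoDB this would be a Query on the owner partition key, not a Scan.
  const Items = [...table.values()].filter((t) => t.owner === owner);
  return response(200, { Items });
}

function deleteTodo(event) {
  const owner = callerId(event);
  if (!owner) return response(401, { message: 'Unauthorized' });
  const id = event.pathParameters && event.pathParameters.id;
  if (typeof id !== 'string') return response(400, { message: 'Error: Invalid request' });
  // The key includes the caller, so another user's item is simply "not found".
  return table.delete(keyOf(owner, id)) ? response(200, { id }) : response(404, { message: 'Not found' });
}

// Constructed API Gateway proxy event for a caller with the given sub claim.
const eventFor = (sub, extra = {}) => ({ requestContext: { authorizer: { claims: { sub } } }, ...extra });
```

Replaying the report's reproduction steps against these handlers, the second user's list comes back empty and a delete aimed at the first user's item id returns 404.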

AWS SAM Template - link does not exist

description of the bug: In the README.md of this repo, a link "AWS SAM Template" pointing to https://github.com/aws-samples/lambda-refarch-webapp/blob/master/template.yml results in 404 page.

Reproduction Steps

minimal amount of code that causes the bug (if possible) or a reference:
Click on the "AWS SAM Template" link on the README.md file

Error Log

what is the error message you are seeing?
404 Page not found

Environment

  • SAM CLI Version :
  • OS :
  • Language :

Other


This is 🐛 Bug Report

Lambda Vote function fails..

Keep getting message "TypeError: Cannot call method 'toUpperCase' of undefined at exports.handler (/var/task/app.js:11:32)" from votingapp lambda function.

API Gateway has 'request body passthrough' set to "When there are no templates defined", but fails with all other settings..

Bad performance in lambda functions

Hello,
I just deployed this example, but the Lambda functions are taking too much time. It is taking 1.6 seconds to get only one post result. Any idea how to improve this performance?

Thanks

After deploy, AWS Amplify needs to be run manually

Hello

When I use the deploy script, the AWS Amplify app is not immediately functional:
I need to go manually through the AWS UI and click on "run build"

Is this expected? Or is there something I am missing?
Thanks!

Reproduction Steps

Error Log

Environment

  • SAM CLI Version :
  • OS :
  • Language :

Other


This is 🐛 Bug Report

Unable to test locally

Reproduction Steps

(ins)[hendry@t14s todo-src]$ npm run test

> [email protected] test
> mocha tests/unit/

Error: No test files found: "tests/unit/"

I also tried following the steps in the README, but the dynamodb create-table line doesn't work

(ins)[hendry@t14s ~]$ aws dynamodb create-table --table-name TodoTable --attribute-definitions AttributeName=id,AttributeType=S --key-schema AttributeName=id,KeyType=HASH --billing-mode PAY_PER_REQUEST --endpoint-url http://127.0.0.1:8000

You must specify a region. You can also configure your region by running "aws configure".
(ins)[hendry@t14s ~]$ aws --region ap-southeast-1 dynamodb create-table --table-name TodoTable --attribute-definitions AttributeName=id,AttributeType=S --key-schema AttributeName=id,KeyType=HASH --billing-mode PAY_PER_REQUEST --endpoint-url http://127.0.0.1:8000

Unable to locate credentials. You can configure credentials by running "aws configure".
(ins)[hendry@t14s ~]$ aws --version
aws-cli/2.2.39 Python/3.8.8 Linux/5.14.8-arch1-1 exe/x86_64.arch prompt/off

This is 🐛 Bug Report
