Request validation using the Serverless Framework

Ann*_*lan 9 validation amazon-web-services aws-lambda aws-api-gateway serverless-framework

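I am using the Serverless Framework for my backend. How can I implement request validation? (I don't want to write the validation inside the lambda functions.)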

Nic*_*zer 23

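To implement request validation with serverless, you need to do the following: include your model/header definitions in your stack, and then tell API Gateway to use them for request validation.

You will need to install the following packages:

Then you need to include them in your serverless.yml: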

plugins:
  - serverless-reqvalidator-plugin
  - serverless-aws-documentation

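Note: below is only a quick run-down of how to incorporate the packages. Visit the packages' documentation pages for more comprehensive examples...

  1. Provide API Gateway with a description of your models/headers.

    You can import JSON schemas for your models, and declare HTTP headers using the serverless-aws-documentation plugin. Here is how you would add a model to your serverless.yml: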

    custom:
      documentation:
        api:
          info:
            version: v0.0.0
            title: Some API title
            description: Some API description
        models:
          - name: SomeLambdaRequest
            contentType: application/json
            schema: ${file(models/SomeLambdaRequest.json)} # reference to your model's json schema file. You can also declare the model inline.
    

    Here is how you would reference the model in your lambda definition:

    functions:
      someLambda:
        handler: src/someLambda.handler
        events:
          - http:
              # ... snip ...
              documentation:
                summary: some summary
                description: some description
                requestBody:
                  description: some description
                requestModels:
                  application/json: SomeLambdaRequest
    

    You can also declare request headers against your lambda definition, like so:

    functions:
      someLambda:
        handler: src/someLambda.handler
        events:
          - http:
              # ... snip ...
              documentation:
                summary: some summary
                description: some description
                requestHeaders:
                  - name: x-some-header
                    description: some header value
                    required: true # true or false
                  - name: x-another-header
                    description: some header value
                    required: false # true or false
    
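
  2. Tell API Gateway to actually use the models for validation.

    This part uses the serverless-reqvalidator-plugin package, and you need to add AWS::ApiGateway::RequestValidator resources to your serverless.yml file. You can specify whether you want to validate the request body, the request headers, or both.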

    resources:
      Resources:
        onlyBody:
          Type: AWS::ApiGateway::RequestValidator
          Properties:
            Name: 'only-body'
            RestApiId:
              Ref: ApiGatewayRestApi
            ValidateRequestBody: true # true or false
            ValidateRequestParameters: false # true or false
    

    Then on individual functions you can make use of the validator, like so:

    functions:
      someLambda:
        handler: src/someLambda.handler
        events:
          - http:
              # ... snip ...
              reqValidatorName: onlyBody # reference and use the 'only-body' request validator
    

Putting it all together, your lambda definition would end up looking something like this:

functions:
  someLambda:
    handler: src/someLambda.handler
    events:
      - http:
          # ... snip ...
          reqValidatorName: onlyBody # reference and use the 'only-body' request validator
          documentation:
            summary: some summary
            description: some description
            requestBody:
              description: some description
            requestModels:
              application/json: SomeLambdaRequest
            requestHeaders:
              - name: x-some-header
                description: some header value
                required: true # true or false
              - name: x-another-header
                description: some header value
                required: false # true or false


Iva*_*tyk 12

The Serverless Framework now supports this, so there is no need to use external plugins.

To enable request validation, add the following to your serverless.yml:

  HttpHandler:
    handler: src/lambda/http/create.handler
    events:
      - http:
          method: post
          path: items
          request:
            schema:
              application/json: ${file(models/create-todo-model.json)}
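
Added example, not part of either answer above: both answers point at a JSON schema file (`models/SomeLambdaRequest.json`, `models/create-todo-model.json`) without showing one, so here is what a strict model could look like. API Gateway models use JSON Schema draft-04; the field names and limits below are constructed for illustration and are assumptions, not taken from the original posts.

```json
{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "title": "CreateTodoRequest",
  "description": "Constructed example model; field names and limits are assumptions, not from the original answers",
  "type": "object",
  "required": ["name", "dueDate"],
  "additionalProperties": false,
  "properties": {
    "name": {
      "type": "string",
      "minLength": 1,
      "maxLength": 200
    },
    "dueDate": {
      "type": "string",
      "pattern": "^[0-9]{4}-[0-9]{2}-[0-9]{2}$"
    },
    "priority": {
      "type": "string",
      "enum": ["low", "normal", "high"]
    },
    "tags": {
      "type": "array",
      "maxItems": 10,
      "uniqueItems": true,
      "items": {
        "type": "string",
        "minLength": 1,
        "maxLength": 32
      }
    }
  }
}
```

With `required`, `additionalProperties: false` and explicit length limits, a body that is missing a field, carries an unexpected property or exceeds a limit is rejected by API Gateway with a 400 response and the Lambda function is not invoked.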