This lambda is a mini express app (using aws-serverless-express) with an API Gateway in front, with domain mapping...
pinboard.gutools.co.ukforPRODpinboard.code.dev-gutools.co.ukforCODEpinboard.local.dev-gutools.co.ukfor local development (achieved withdev-nginx)
It has a few endpoints...
This is explicitly not cached and exists to...
- verify the pan-domain cookie and double-check user has
pinboardpermission - lookup the AppSync connection details
- generate a authentication token, which AppSync will verify with
auth-lambda - return some JavaScript which then injects a further script tag in the page (which will load the main client-side PinBoard code with the latest hash in its name, this is bundled in the lambda's ZIP), which upon loading is passed the AppSync config/secrets - so it can make the connection to AppSync.
This endpoint ensures there is long-lived caching headers (since the content of this file never change given the hash in the name) and then continues on to serve the main client-side PinBoard code (via next() since there's also a server.use(express.static(clientDirectory)); handler).
This endpoint has no auth and facilitates PRout by serving the GIT_COMMIT_HASH constant in the GIT_COMMIT_HASH.ts file (which is overritten in CI with the current commit hash).