Deploys an AWS stack which provides JWT access + refresh tokens authenticated by a single master password
The deployed service has two endpoints:
GET /pubkey: serves the public key part used to verify signed tokensPOST /token: upon successful authentication, sets a new refresh token cookie, and returns a new access token in the response body- authentication succeeds if the master password is supplied in the request body or a valid refresh token is present
- register a domain
- create a certificate for this domain using AWS Certificate Manager
- clone this repo
cd authnpm install- modify
config.mk make deploy
make secret
make key
auth.ts- AWS Cloudformation stack defined with AWS CDKhandler/main.go- AWS Lambda for auth service (deployed to/tokenendpoint)gensecret/main.go- utility for hashing the master passwordauthorizer/main.go- AWS Lambda for AWS API Gateway custom authorizer