Verify the aws api gateway secret

hasankhan · ahadith · commit 93d5fcab6308 · 2020-06-13T23:57:22.000-07:00
diff --git a/.env.local.sample b/.env.local.sample
@@ -6,3 +6,5 @@ MYSQL_DATABASE=hadithdb
 
 FLASK_ENV=development
 FLASK_APP=main.py
+
+AWS_SECRET=secret
diff --git a/config.py b/config.py
@@ -4,5 +4,6 @@
 load_dotenv('.env.local')
 
 class Config(object):
+    AWS_SECRET = '{AWS_SECRET}'.format(**os.environ)
     SQLALCHEMY_TRACK_MODIFICATIONS = False
     SQLALCHEMY_DATABASE_URI = 'mysql+pymysql://{MYSQL_USER}:{MYSQL_PASSWORD}@{MYSQL_HOST}/{MYSQL_DATABASE}'.format(**os.environ)
diff --git a/main.py b/main.py
@@ -1,5 +1,5 @@
 import functools
-from flask import Flask, jsonify, request
+from flask import Flask, jsonify, request, abort
 from flask_swagger import swagger
 from sqlalchemy import func
 
@@ -29,6 +29,11 @@ def decorated_function(*args, **kwargs):
 def home():
     return "<h1>Welcome to sunnah.com API.</p>"
 
+@app.before_request
+def verify_secret():
+    if request.headers.get('x-aws-secret') != app.config['AWS_SECRET']:
+        abort(401)
+
 @app.route("/v1/spec")
 def spec():
     swag = swagger(app)
