[英]When using Amazon API Gateway, how do I get the API key used in the request from a Django backend?
Pretty self explanatory title.相当不言自明的标题。 I'm using API Gateway in AWS, requiring an API key to access a backend written in Django (not using lambda).
我在 AWS 中使用 API Gateway,需要一个 API 密钥来访问用 Django 编写的后端(不使用 lambda)。 I need to know how to access the API key used in the request to keep track of who did what at the app level.
我需要知道如何访问请求中使用的 API 密钥以跟踪谁在应用程序级别做了什么。
You can use mapping templates and get the API Key from the $context variable, it's the apiKey property inside the identity object: http://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference您可以使用映射模板并从 $context 变量中获取 API 密钥,它是身份对象内的 apiKey 属性: http ://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template -reference.html#context-variable-reference
Create a mapping template for your requests and include the property in it.为您的请求创建一个映射模板并在其中包含该属性。 For example, if you wanted to include the entire request body + the API Key you would do this:
例如,如果您想包含整个请求正文 + API 密钥,您可以这样做:
{
"body": $input.json('$'),
"apiKey": "$context.identity.apiKey"
}
Depending on how your backend application is built, you could send the API key to your application in a HTTP parameter (path, query string, or header) or in the request body.根据您的后端应用程序的构建方式,您可以在 HTTP 参数(路径、查询字符串或标头)或请求正文中将 API 密钥发送到您的应用程序。 Please have a read through the docs on how to move data between the two systems.
请通读有关如何在两个系统之间移动数据的文档。
Thanks, Ryan谢谢,瑞安
Here is how I finally made it work.这是我最终使它工作的方式。 At the top or bottom of the template, include this line.
在模板的顶部或底部,包含此行。
#set($context.requestOverride.header.x-api-key = $context.identity.apiKey)
When your backend receives this request, the api key will be in the header x-api-key
.当您的后端收到此请求时,api 密钥将位于标头
x-api-key
。
Here is a basic mapping template that just forwards the (json) body and the header.这是一个基本的映射模板,它只转发 (json) 正文和标题。
$input.json("$")
#set($context.requestOverride.header.x-api-key = $context.identity.apiKey)
API Gateway uses the X-API-Key header, so I like for my backend to also use that. API Gateway 使用 X-API-Key 标头,所以我希望我的后端也使用它。 That way I can use the same testing commands with only the URL being different.
这样我就可以使用相同的测试命令,只是 URL 不同。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.