Using Vandium with AWS SAM CLI

[skylerrichter]

What are the best practices for using Vandium with AWS SAM CLI?

Everything works great when I am using CLI events and Postman to test my endpoints, however when I try to consume endpoints via my client application CORS does not seem to be enabled.

I have added this to my handler:

.cors({
  allowOrigin: 'http://localhost:8080',
  allowCredentials: true
})

And I have this in my SAM template:

Api:
  Cors:
    AllowMethods: "'*'"
    AllowHeaders: "'*'"
    AllowOrigin: "'*'"

However Vandium does not respond to the pre flight OPTION request, and does not seem to have a method for defining OPTION routes.

I had to make a vanilla lambda to respond to OPTION requests:

exports.handler = function (event, context, callback) {
  callback(null, {
    'statusCode': 200,
    'headers': {
      'Access-Control-Allow-Origin': 'http://localhost:8080',
      'Access-Control-Allow-Headers': 'Content-Type',
    },
  });
}

What is the right way of dealing with this?

[richardhyatt]

There's an issue that has been raised with the SAM project - not sure if that might help. I would caution against having the lambda code handle the OPTIONS request. Typically it's handled with an API Gateway Mock request

[lolJS]

@richardhyatt it seems the doc has been updated to state that if using lambda proxy you must handle your own options request: For a Lambda proxy integration or HTTP proxy integration, you can still set up the required OPTIONS response headers in API Gateway. However, your backend is responsible for returning the Access-Control-Allow-Origin and Access-Control-Allow-Headers headers, because a proxy integration doesn't return an integration response.

[richardhyatt]

The 5.x and 6.0 versions changed how response headers are handled. Is this issue still valid?