@awsless/awsless 0.0.535 → 0.0.536

package/dist/bin.js

@@ -1564,6 +1564,10 @@ var SitesSchema = z32.record(
       origins: z32.string().array().default(["*"]),
       methods: z32.enum(["GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", "ALL"]).array().default(["ALL"])
     }).optional().describe("Specify the cors headers."),
+    auth: z32.object({
+      username: z32.string().describe("Basic auth username"),
+      password: z32.string().describe("Basic auth password")
+    }).optional().describe("Enable basic authentication for the site"),
     security: z32.object({
       // contentSecurityPolicy: z.object({
       // 	override: z.boolean().default(false),
@@ -4736,13 +4740,16 @@ var getCacheControl = (file) => {
 var getContentType = (file) => {
   return contentType(extname2(file)) || "text/html; charset=utf-8";
 };
-var getViewerRequestFunctionCode = (domain2, bucket, functionUrl) => {
+var getViewerRequestFunctionCode = (domain2, bucket, functionUrl, basicAuth) => {
   return $resolve([bucket?.bucketRegionalDomainName, functionUrl?.functionUrl], (bucketDomain, lambdaUrl) => {
     return CF_FUNC_WRAP([
       // --------------------------------------------------------
       // Block direct access to cloudfront.
       domain2 ? BLOCK_DIRECT_ACCESS_TO_CLOUDFRONT : "",
       // --------------------------------------------------------
+      // Basic Authentication
+      basicAuth ? BASIC_AUTH_CHECK(basicAuth.username, basicAuth.password) : "",
+      // --------------------------------------------------------
       // Define functions.
       bucketDomain ? GET_PREFIXES : "",
       bucketDomain ? SET_S3_ORIGIN : "",
@@ -4775,6 +4782,18 @@ if (event.request.headers.host.value.includes('cloudfront.net')) {
 		statusDescription: 'Forbidden'
 	};
 }`;
+var BASIC_AUTH_CHECK = (username, password) => `
+var auth = event.request.headers.authorization && event.request.headers.authorization.value;
+if (!auth || !auth.startsWith('Basic ') || atob(auth.slice(6)) !== '${username}:${password}') {
+	return {
+		statusCode: 401,
+		headers: {
+			'www-authenticate': {
+				value: 'Basic realm="Protected"'
+			}
+		}
+	};
+}`;
 var SET_S3_ORIGIN = `
 function setS3Origin(s3Domain) {
 	const origin = {
@@ -4787,8 +4806,8 @@ function setS3Origin(s3Domain) {
 		}
 	};
 
-	console.log("s3 origin")
-	console.log(origin)
+	// console.log("s3 origin")
+	// console.log(origin)
 	cf.updateRequestOrigin(origin);
 }`;
 var SET_LAMBDA_ORIGIN = `
@@ -5089,7 +5108,7 @@ var siteFeature = defineFeature({
         runtime: `cloudfront-js-2.0`,
         comment: `Viewer Request - ${name}`,
         publish: true,
-        code: getViewerRequestFunctionCode(domainName, bucket, functionUrl),
+        code: getViewerRequestFunctionCode(domainName, bucket, functionUrl, props.auth),
         keyValueStoreAssociations: kvs ? [kvs.arn] : void 0
       });
       const distribution = new $15.aws.cloudfront.Distribution(group, "distribution", {

package/dist/build-json-schema.js

@@ -959,6 +959,10 @@ var SitesSchema = z29.record(
       origins: z29.string().array().default(["*"]),
       methods: z29.enum(["GET", "DELETE", "HEAD", "OPTIONS", "PATCH", "POST", "PUT", "ALL"]).array().default(["ALL"])
     }).optional().describe("Specify the cors headers."),
+    auth: z29.object({
+      username: z29.string().describe("Basic auth username"),
+      password: z29.string().describe("Basic auth password")
+    }).optional().describe("Enable basic authentication for the site"),
     security: z29.object({
       // contentSecurityPolicy: z.object({
       // 	override: z.boolean().default(false),

package/dist/prebuild/rpc/HASH

@@ -1 +1 @@
-067ac22da538619c808461cfb4c14803a7a8917d
+8446d078f922ef61f32bfa9a1e660975640f784c