import boto3 import os import requests from base64 import b64decode from botocore.exceptions import ClientError dynamodb = boto3.resource('dynamodb', region_name='us-west-2') ENCRYPTED = os.environ['RECAPTCHA_SECRET'] # Decrypt code should run once and variables stored outside of the function # handler so that these are decrypted once per container RECAPTCHA_SECRET = boto3.client('kms').decrypt(CiphertextBlob=b64decode(ENCRYPTED))['Plaintext'] def lambda_handler(event, context): table = dynamodb.Table('urlshorten') if 'from' in event and 'to' in event: captcha_data = { 'secret': RECAPTCHA_SECRET, 'response': event['g-recaptcha-response'], 'remoteip': event['remoteip'] } verify = requests.get('https://www.google.com/recaptcha/api/siteverify', params=captcha_data) if not (verify.status_code == 200 and verify.json()['success']): return { 'status': 'error', 'error': verify.json() } ssl = event['to'][:5].lower() == 'https' url = ('https://' if ssl else 'http://') + event['to'].split('://')[-1] try: table.put_item( Item={ 'key': event['from'], 'value': url }, ConditionExpression='attribute_not_exists(#key)', ExpressionAttributeNames={ '#key': 'key' } ) except ClientError as e: return { 'status': 'error', 'error': e.response['Error'] } except KeyError: return { 'status': 'error', 'error': 'Invalid Request', 'location': '/' } else: return { 'status': 'ok' } try: response = table.get_item(Key={ 'key': event['shortUrl'] }) location = response['Item']['value'] except ClientError as e: return e.response['Error'] except KeyError: return { 'location': '/' } else: return { 'location': response['Item']['value'] }