Saving some info as a session in API Gateway or lambda

Question

I am going to design a single sign on website and in one component of my project I am using API Gateway. API Gateway is responsible to direct the to the appropriate services based on the user status so if the user is valid(the token sent from user is not expired) the related service for getting what he is requesting will be serve and if the token sent from the UI is expired then he will be sent to authorization service first. So as you noticed I need to save the tokens and their expiration dates somewhere in API gateway. Is there anyway I can achieve this via API Gateway? if not can I use lambda function to achieve this?

Answer 1

You might be able to accomplish this with an API Gateway custom authorizer.

Walk Through of Using Custom Authorizers in API Gateway Documentation

Blog Post Introducing Customer Authorizers

Answer 2

• API Gateway and Lambda are stateless services.
• You need to make use of some other persistent storage on AWS like DynamoDB or RDS or Elasticache and call it from the Lambda function in order to implement the desired functionality.

You may also want to take a look at API Gateway Custom Authorizers on how to implement this functionality on API Gateway, using a lambda function.

I would implement a DynamoDB table and set the TTL expiry as the token expiration. That way you don't have to manage the deletion of the records. You can enhance your authentication system to add the token entry to this table.