· 6 years ago · Dec 01, 2019, 12:36 AM
1'use strict';
2
3const https = require('https');
4
5exports.handler = (event, context, callback) => {
6 // API Key
7 const api_key = "RGAPI-XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX";
8
9 // We need to validate the region so the request isn't hijacked
10 // An example of a hijacked request:
11 // "www.hijacker.com/.api.riotgames.com/lol/champion-mastery/v4/champion-masteries/by-summoner/"
12 const region = event['pathParameters']['region'];
13 const validRegions = ["br1", "eun1", "euw1", "jp1", "kr", "la1", "la2", "na1", "oc1", "ru", "tr1"];
14 if (validRegions.indexOf(region) < 0) {
15 callback(null, {"statusCode": 400});
16 }
17
18 // Set the options for the https request
19 const options = {
20 hostname: region + ".api.riotgames.com",
21 port: 443,
22 path: "/lol/champion-mastery/v4/champion-masteries/by-summoner" + "/" + event['pathParameters']['id'] + "?api_key=" + api_key,
23 method: "GET"
24 };
25
26 // Make the https request
27 const req = https.request(options, (res) => {
28 let body = '';
29 res.setEncoding('utf8');
30 res.on('data', (chunk) => body += chunk);
31 res.on('end', () => {
32 let response = {
33 "statusCode": res.statusCode,
34 "headers": {
35 "Access-Control-Allow-Origin": "*",
36 "Access-Control-Allow-Headers": "Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token",
37 "Access-Control-Allow-Credentials": true,
38 "Content-Type": "application/json"
39 },
40 "body": body
41 }
42 callback(null, response);
43 });
44 });
45 req.on('error', callback);
46 req.end();
47};