Class: Otto::RouteHandlers::LambdaHandler

Inherits:
BaseHandler
  • Object
show all
Defined in:
lib/otto/route_handlers.rb

Overview

Custom handler for lambda/proc definitions (future extension)

Instance Attribute Summary

Attributes inherited from BaseHandler

#otto_instance, #route_definition

Instance Method Summary collapse

Methods inherited from BaseHandler

#initialize

Constructor Details

This class inherits a constructor from Otto::RouteHandlers::BaseHandler

Instance Method Details

#call(env, extra_params = {}) ⇒ Object 



335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
 
# File 'lib/otto/route_handlers.rb', line 335

def call(env, extra_params = {})
  req = Rack::Request.new(env)
  res = Rack::Response.new

  begin
    # Security: Lambda handlers require pre-configured procs from Otto instance
    # This prevents code injection via eval and maintains security
    handler_name = route_definition.klass_name
    lambda_registry = otto_instance&.config&.dig(:lambda_handlers) || {}

    lambda_proc = lambda_registry[handler_name]
    unless lambda_proc.respond_to?(:call)
      raise ArgumentError, "Lambda handler '#{handler_name}' not found in registry or not callable"
    end

    result = lambda_proc.call(req, res, extra_params)

    handle_response(result, res, {
      lambda: lambda_proc,
      request: req
    })

  rescue => e
    error_id = SecureRandom.hex(8)
    Otto.logger.error "[#{error_id}] #{e.class}: #{e.message}"
    Otto.logger.debug "[#{error_id}] Backtrace: #{e.backtrace.join("\n")}" if Otto.debug

    res.status = 500
    res.headers['content-type'] = 'text/plain'

    if Otto.env?(:dev, :development)
      res.write "Lambda handler error (ID: #{error_id}). Check logs for details."
    else
      res.write "An error occurred. Please try again later."
    end

    # Add security headers if available
    if otto_instance&.respond_to?(:security_config) && otto_instance.security_config
      otto_instance.security_config.security_headers.each do |header, value|
        res.headers[header] = value
      end
    end
  end

  res.finish
end