Aws lambda 使用Cognito for auth从AWS Amplify中的Lambda函数查询和变异GraphQL
我通过Aws lambda 使用Cognito for auth从AWS Amplify中的Lambda函数查询和变异GraphQL,aws-lambda,aws-amplify,aws-amplify-cli,Aws Lambda,Aws Amplify,Aws Amplify Cli,我通过放大api add命令创建了一个graphqlapi,并在下面添加了模式。我用cognito来表示auth type User @model @auth(rules: [{ allow: owner }]) { id: ID! videos: [Video!] @connection(keyName: "videosByUser", fields: ["id"]) adverts: [Advert] @connection(keyName:"advertsByUser",
放大api add
命令创建了一个graphqlapi,并在下面添加了模式。我用cognito来表示auth
type User @model
@auth(rules: [{ allow: owner }]) {
id: ID!
videos: [Video!] @connection(keyName: "videosByUser", fields: ["id"])
adverts: [Advert] @connection(keyName:"advertsByUser", fields: ["id"])
}
type Video @model
@key(name: "videosByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
hashMarks: [Float!]!
userId: ID!
# bidrectional connection, if needed
# user: User! @connection(fields: ["userId"])
adverts: [VideoAdverts!] @connection(keyName: "advertsByVideo", fields: ["id"])
streamingLink: AWSURL
}
type VideoAdverts @model(queries: null)
@key(name: "advertsByVideo", fields: ["videoId", "advertId"])
@key(name: "videosByAdvert", fields: ["advertId", "videoId"]) {
id: ID!
videoId: ID!
advertId: ID!
video: Video! @connection(fields: ["videoId"])
advert: Advert! @connection(fields: ["advertId"])
}
type Advert @model
@key(name: "advertsByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
creatorId: ID!
# bidrectional connection, if needed
# creator: Creator! @connection(fields: ["creatorId"])
videos: [VideoAdverts!] @connection(keyName: "videosByAdvert", fields: ["id"])
blacklist: [AdvertBlacklist!] @connection(keyName: "blacklistByAdvert", fields: ["id"])
startDate: AWSDateTime
endDate: AWSDateTime
}
这是我的第一个amplify项目,我很难弄清楚如何实现以下用例:
放大存储添加
命令添加的数据进行交互
我在这里找到的关于Stackoverflow的其他几个示例没有将cognito用于auth
type User @model
@auth(rules: [{ allow: owner }]) {
id: ID!
videos: [Video!] @connection(keyName: "videosByUser", fields: ["id"])
adverts: [Advert] @connection(keyName:"advertsByUser", fields: ["id"])
}
type Video @model
@key(name: "videosByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
hashMarks: [Float!]!
userId: ID!
# bidrectional connection, if needed
# user: User! @connection(fields: ["userId"])
adverts: [VideoAdverts!] @connection(keyName: "advertsByVideo", fields: ["id"])
streamingLink: AWSURL
}
type VideoAdverts @model(queries: null)
@key(name: "advertsByVideo", fields: ["videoId", "advertId"])
@key(name: "videosByAdvert", fields: ["advertId", "videoId"]) {
id: ID!
videoId: ID!
advertId: ID!
video: Video! @connection(fields: ["videoId"])
advert: Advert! @connection(fields: ["advertId"])
}
type Advert @model
@key(name: "advertsByUser", fields: ["userId"])
@auth(rules: [{ allow: owner, operations: [create, update, delete] }]) {
id: ID!
title: String!
description: String!
size: Float!
length: Float!
creatorId: ID!
# bidrectional connection, if needed
# creator: Creator! @connection(fields: ["creatorId"])
videos: [VideoAdverts!] @connection(keyName: "videosByAdvert", fields: ["id"])
blacklist: [AdvertBlacklist!] @connection(keyName: "blacklistByAdvert", fields: ["id"])
startDate: AWSDateTime
endDate: AWSDateTime
}
看起来我将能够使用cloudwatch触发lambda,所以我现在的主要问题是如何从lambda中查询和修改GraphQLAPI,使用cognito进行身份验证。
任何帮助都会非常有用,谢谢:)验证Lambda函数以与AppSync API交互的关键是配置多个验证方法。您正在为前端应用程序用户使用Cognito,但是,您不希望将其用于Lambda函数身份验证。AppSync支持API的多种身份验证机制。在您的情况下,您需要添加IAM作为第二个身份验证机制 您可以从Amplify CLI执行此操作:
$ amplify update api
Scanning for plugins...
Plugin scan successful
? Please select from one of the below mentioned services: GraphQL
? Choose the default authorization type for the API Amazon Cognito User Pool
Use a Cognito user pool configured as a part of this project.
? Do you want to configure advanced settings for the GraphQL API Yes, I want
to make some additional changes.
? Configure additional auth types? Yes
? Choose the additional authorization types you want to configure for the API IAM
使用
amplify add function
定义lambda和@function
作为解析程序使用。@Alex成功了,但不知道如何进行身份验证和查询查看此查询和变异,