Node.js 将cookie设置为无服务器
目标:从aws serverless设置cookie 我正在使用自定义身份验证流Node.js 将cookie设置为无服务器,node.js,cookies,aws-lambda,aws-api-gateway,Node.js,Cookies,Aws Lambda,Aws Api Gateway,目标:从aws serverless设置cookie 我正在使用自定义身份验证流 domain: mydomain.com current domain: dev.mydomain.com login api (api gateway): account-api.mydomain.com 登录Lambda 登录函数是实际调用的函数 这个lambda接收用户名和密码并创建/返回一个JWT&cookie字符串,我已经删除了不相关的逻辑 *现在,我的响应包含了一些额外的东西来帮助我调试/弄清楚如
domain: mydomain.com
current domain: dev.mydomain.com
login api (api gateway): account-api.mydomain.com
登录函数是实际调用的函数 这个lambda接收用户名和密码并创建/返回一个JWT&cookie字符串,我已经删除了不相关的逻辑 *现在,我的响应包含了一些额外的东西来帮助我调试/弄清楚如何映射——一旦成功设置了cookie,我将迁移它
...
const handler = async event => {
const jwtBody = {
email: event.email,
uuid: current_user_info.uuid.S,
zipcode: current_user_info.zipcode.S,
}
var now = new Date();
var time = now.getTime();
var expireTime = time + (milliToHour*24*10);
now.setTime(expireTime);
var jwt = jsonwebtoken.sign(jwtBody, SMCData.secret, { algorithm: SMCData.alg, expiresIn: '1hr'});
const cookieString = "token="+jwt+";expires=" + now.toUTCString() + ";secure;HttpOnly;"
return {
statusCode: 200,
payload: {
verified: current_user_info.verified.BOOL,
jwt: jwt,
cookie: cookieString
}
}
}
const login = middy(handler).use(cors({
origins:[
"https://dev.mydomain.com",
"https://account-api.mydomain.com",
"https://*.mydomain.com"
],
credentials:true
}))
post_body = {
"email": "valid_email@email.com",
"password": "correct_password"
}
response_body = {
"statusCode":200,
"payload":{
"verified":false,
"jwt":"eyJh...KAQ",
"cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
}
}
*我知道我“应该”将集成响应中的映射值更改为映射模板,但我想在弄清楚如何进行更改之前让事情正常运行。在API网关中正确设置cors会有所帮助。啊
我怀疑我需要在CORS middy handler中设置一些内容
post_body = {
"email": "valid_email@email.com",
"password": "correct_password"
}
response_body = {
"statusCode":200,
"payload":{
"verified":false,
"jwt":"eyJh...KAQ",
"cookie":"token=ey...KAQ;expires=Tue, 12 Nov 2019 22:10:32 GMT;secure;HttpOnly;"
}
}