Reactjs 在Lambda函数中验证Cognito会话
我有一些数据存储在DynamoDB中。为了检索数据,我要求用户根据Cognito用户池进行身份验证。我已经成功地使用AWS Amplify库对用户进行了身份验证,并且Cognito在成功身份验证后返回以下JSON数据:Reactjs 在Lambda函数中验证Cognito会话,reactjs,aws-lambda,aws-cognito,Reactjs,Aws Lambda,Aws Cognito,我有一些数据存储在DynamoDB中。为了检索数据,我要求用户根据Cognito用户池进行身份验证。我已经成功地使用AWS Amplify库对用户进行了身份验证,并且Cognito在成功身份验证后返回以下JSON数据: { "username":"....", "pool":{ "userPoolId":"....", "clientId":"...", "client":{ "endpoint":"....",
{
"username":"....",
"pool":{
"userPoolId":"....",
"clientId":"...",
"client":{
"endpoint":"....",
"userAgent":"aws-amplify/0.1.x js"
},
"advancedSecurityDataCollectionFlag":true,
"storage":{
"loglevel:webpack-dev-server":"INFO"
}
},
"Session":"abcd12345", <-------------------------------------------
"client":{
"endpoint":"......",
"userAgent":"aws-amplify/0.1.x js"
},
"signInUserSession":null,
"authenticationFlowType":"USER_SRP_AUTH",
"storage":{
"loglevel:webpack-dev-server":"INFO"
},
"challengeName":"NEW_PASSWORD_REQUIRED",
"challengeParam":{
"userAttributes":{
"email_verified":"true",
"phone_number_verified":"true",
"phone_number":"...",
"email":"....."
},
"requiredAttributes":[
]
}
}
{
“用户名”:“…”,
“池”:{
“userPoolId”:“…”,
“客户ID”:“…”,
“客户”:{
“端点”:“…”,
“用户代理”:“aws放大/0.1.x js”
},
“advancedSecurityDataCollectionFlag”:true,
“存储”:{
“日志级别:网页包开发服务器”:“信息”
}
},
“Session”:“abcd12345”,也许你能找到解决这个问题的方法,那么我希望它能帮助其他人
如果我答对了你的问题,你可以用
这样做:
const AWS = require('aws-sdk');
const cisp = new AWS.CognitoIdentityServiceProvider({ apiVersion: '2016-04-18'});
exports.handler = (event, context, callback) => {
const accessToken = event.accessToken;
const cispParams = {
"AccessToken": accessToken
};
cisp.getUser(cispParams, (err, result) => {
if (err) {
console.log(err);
callback(err);
} else {
// code in this part is reached only if accessToken is valid.
// So add your code to respond to a verified user here.
}
// rest of your Lambda code.
但是默认情况下accessToken将不在那里。您必须从前端传递它
//your code to generate API Gateway url//
+ '?accessToken=' + session.getAccessToken().getJwtToken();
然后设置API网关将其传递给Lambda(可以搜索如何通过API网关将url参数传递给Lambda)。如果您能找到解决方案,那么我希望它能帮助其他人
如果我答对了你的问题,你可以用
这样做:
const AWS = require('aws-sdk');
const cisp = new AWS.CognitoIdentityServiceProvider({ apiVersion: '2016-04-18'});
exports.handler = (event, context, callback) => {
const accessToken = event.accessToken;
const cispParams = {
"AccessToken": accessToken
};
cisp.getUser(cispParams, (err, result) => {
if (err) {
console.log(err);
callback(err);
} else {
// code in this part is reached only if accessToken is valid.
// So add your code to respond to a verified user here.
}
// rest of your Lambda code.
但是默认情况下accessToken将不在那里。您必须从前端传递它
//your code to generate API Gateway url//
+ '?accessToken=' + session.getAccessToken().getJwtToken();
然后设置API网关将其传递给Lambda(可以搜索如何通过API网关将url参数传递给Lambda)