AWS Cognito js:getCurrentUser() returns 空

AWS Cognito js: getCurrentUser() returns null

使用他们 github page. I can log into my application using Cognito. What I can not do is logout because no matter what I try I can't get a hold of the user object. I've dorked around with various other calls to no avail (found here on their API page). The only other post on SO 上的示例构建一个简单的应用程序我发现不适用,因为我没有使用联合身份。我使用的代码几乎是 github 页面上的逐字记录,但为了方便起见,将 post 放在这里:

登录码:

        var userName = $('#user_name_login').val();
    var userPassword = $('#user_password_login').val();

    var userData = {Username: userName, Pool : userPool};
    var cognitoUser = new AWSCognito.CognitoIdentityServiceProvider.CognitoUser(userData);

    var authenticationData = {Username : userName, Password : userPassword};
    var authenticationDetails = new AWSCognito.CognitoIdentityServiceProvider.AuthenticationDetails(authenticationData);

    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: function (result) {

            // now that we've gotten our identity credentials, we're going to check in with the federation so we can
            // avail ourselves of other amazon services
            //

            // critical that you do this in this manner -- see https://github.com/aws/amazon-cognito-identity-js/issues/162
            // for details
            var loginProvider = {};
            loginProvider[cognitoCredentialKey] = result.getIdToken().getJwtToken();

            AWS.config.credentials = new AWS.CognitoIdentityCredentials({                   
                IdentityPoolId: identityPoolId,
                Logins: loginProvider,
            }); 

            // //AWS.config.credentials = AWSCognito.config.credentials;
            // AWSCognito.config.credentials = AWS.config.credentials;

            // //call refresh method in order to authenticate user and get new temp credentials
            // AWS.config.credentials.refresh((error) => {
            //     if (error) {
            //         alert(error);
            //     } else {
            //         console.log('Successfully logged in!');
            //     }
            // });

            // this is the landing page once a user completes the authentication process. we're getting a
            // temporary URL that is associated with the credentials we've created so we can access the
            // restricted area of the s3 bucket (where the website is, bruah).
            var s3 = new AWS.S3();
            var params = {Bucket: '********.com', Key: 'restricted/pages/user_logged_in_test.html'};
            s3.getSignedUrl('getObject', params, function (err, url) {
                if (err) { 
                    alert(err); 
                    console.log(err);

                }
                else {
                    console.log("The URL is", url);
                    window.location = url;
                }

            });

        },

        mfaRequired: function(session){
            new MFAConfirmation(cognitoUser, 'login');
        },

        onFailure: function(err) {
            alert("err: " + err);
        },

    });

我正在尝试通过执行注销:

userPool.getCurrentUser().signOut();

注意 userPool 等是在另一个文件中定义的,因此被初始化:

    var poolData = {
    UserPoolId : '*****', 
    ClientId : '*****' 
};

var userPool = new AWSCognito.CognitoIdentityServiceProvider.CognitoUserPool(poolData);

那么如何让我的用户退出应用程序?

关闭此问题,如此处所述,原来是一个转移注意力的问题。如果你正在做我在上面尝试做的事情,使用 cognito 生成一个带符号的 url 来访问位于存储桶中受限 'folder' 中的 html 文件,并且你想成为能够从新的 window 位置注销,请确保已签名的 url 与您的登录页面属于同一域。

例如,如果您登陆 foo.com,因为您设置了 A 或 CNAME DNS 记录,这样您的用户就不必访问愚蠢的云端或生成的 s3 url 为了访问您的网站,您需要确保还生成具有相同域名的已签名 URL。否则您将无法访问存储桶。此外 - 您将无法访问您的用户对象,因为会话对象键控到与您当前所在的域名不同的域名。

有关如何指定已签名 url 的域的信息,请参阅 this

另请注意,如果您使用第三方域名注册商,可能会遇到很多麻烦。因为那个,我刚刚燃烧了两个星期来解开自己:-/