Cognito 通过 AWS lambda 函数授权用户
Cognito authorizing a user through AWS lambda function
我使用 AWS Cognito,需要通过 lambda 函数授权用户。我在网上看过示例,当我尝试应用它们时,Cognito 身份验证不会 运行 并且以某种方式被跳过:
const AWS = require('aws-sdk');
const AmazonCognitoIdentity = require('amazon-cognito-identity-js');
global.fetch = require("node-fetch");
const CognitoUserPool = AmazonCognitoIdentity.CognitoUserPool;
var AuthenticationDetails = AmazonCognitoIdentity.AuthenticationDetails;
var CognitoUser = AmazonCognitoIdentity.CognitoUser;
var USER_POOL_ID = 'my_pool_id';
var CLIENT_ID = 'my_client_id';
var idToken = '';
exports.handler = async (event, callback) => {
var email = event['username'];
var password = event['password'];
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails({
Username: email,
Password: password
});
const poolData = {
UserPoolId: USER_POOL_ID,
ClientId: CLIENT_ID
};
const userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username: email,
Pool: userPool
}
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: (result) => {
var accessToken = result.getAccessToken().getJwtToken();
console.log(result);
console.log(accessToken);
idToken = result.idToken.jwtToken;
console.log(idToken);
callback(null, accessToken);
},
onFailure: (err) => {
console.log(err);
idToken = err;
callback(err);
},
});
console.log("cognitoUser after: ", cognitoUser);
};
我可以看到日志中打印的最后一个 console.log,但是 lambda 似乎没有等待 cognitoUser.authenticateUser 的请求解析,因为 console.log 的 none ]s 在 onSuccess 或 onFailure 中得到打印。
这里有几个选项
从 exports.handler = async (event, callback) 中删除 async。
保持异步并将 authenticateUser 包装为 Promise 并使用 await
const res = await new Promise((resolve, reject) => {
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: (result) => {
var accessToken = result.getAccessToken().getJwtToken();
console.log(result);
console.log(accessToken);
idToken = result.idToken.jwtToken;
console.log(idToken);
resolve(accessToken);
},
onFailure: (err) => {
console.log(err);
idToken = err;
reject(err);
},
});
}
注:代码尚未测试。
我使用 AWS Cognito,需要通过 lambda 函数授权用户。我在网上看过示例,当我尝试应用它们时,Cognito 身份验证不会 运行 并且以某种方式被跳过:
const AWS = require('aws-sdk');
const AmazonCognitoIdentity = require('amazon-cognito-identity-js');
global.fetch = require("node-fetch");
const CognitoUserPool = AmazonCognitoIdentity.CognitoUserPool;
var AuthenticationDetails = AmazonCognitoIdentity.AuthenticationDetails;
var CognitoUser = AmazonCognitoIdentity.CognitoUser;
var USER_POOL_ID = 'my_pool_id';
var CLIENT_ID = 'my_client_id';
var idToken = '';
exports.handler = async (event, callback) => {
var email = event['username'];
var password = event['password'];
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails({
Username: email,
Password: password
});
const poolData = {
UserPoolId: USER_POOL_ID,
ClientId: CLIENT_ID
};
const userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
Username: email,
Pool: userPool
}
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
onSuccess: (result) => {
var accessToken = result.getAccessToken().getJwtToken();
console.log(result);
console.log(accessToken);
idToken = result.idToken.jwtToken;
console.log(idToken);
callback(null, accessToken);
},
onFailure: (err) => {
console.log(err);
idToken = err;
callback(err);
},
});
console.log("cognitoUser after: ", cognitoUser);
};
我可以看到日志中打印的最后一个 console.log,但是 lambda 似乎没有等待 cognitoUser.authenticateUser 的请求解析,因为 console.log 的 none ]s 在 onSuccess 或 onFailure 中得到打印。
这里有几个选项
从
exports.handler = async (event, callback)中删除async。保持异步并将
authenticateUser包装为Promise并使用awaitconst res = await new Promise((resolve, reject) => { cognitoUser.authenticateUser(authenticationDetails, { onSuccess: (result) => { var accessToken = result.getAccessToken().getJwtToken(); console.log(result); console.log(accessToken); idToken = result.idToken.jwtToken; console.log(idToken); resolve(accessToken); }, onFailure: (err) => { console.log(err); idToken = err; reject(err); }, }); }
注:代码尚未测试。