Created
January 29, 2017 10:25
-
-
Save ddewaele/0933f8142878bd325ce088256028024f to your computer and use it in GitHub Desktop.
cognito authentication from nodeJS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var AWS = require('aws-sdk'); | |
| var AWSCognito = require('amazon-cognito-identity-js'); | |
| var util = require('util'); | |
| var params = { | |
| Username: '', | |
| Password: '', | |
| UserPoolId: 'us-west-2_aLI134pRo', | |
| ClientId: '3jmku5aeaqe6pdkqa5q18trjk5', | |
| IdentityPoolId: 'us-west-2:93be5994-d1aa-4e3a-b088-3ed28fa4b068', | |
| AWSRegion: 'us-west-2' | |
| } | |
| AWS.config.update({region: params.AWSRegion}); | |
| var authenticationData = { | |
| Username : params.Username, | |
| Password : params.Password | |
| }; | |
| var authenticationDetails = new AWSCognito.AuthenticationDetails(authenticationData); | |
| var poolData = { | |
| UserPoolId : params.UserPoolId, | |
| ClientId : params.ClientId | |
| }; | |
| var userPool = new AWSCognito.CognitoUserPool(poolData); | |
| var userData = { | |
| Username : params.Username, | |
| Pool : userPool | |
| }; | |
| var cognitoUser = new AWSCognito.CognitoUser(userData); | |
| cognitoUser.authenticateUser(authenticationDetails, { | |
| onSuccess: function (result) { | |
| console.log("User Authenticated !"); | |
| cognitoUserPoolLoginProvider = 'cognito-idp.' + params.AWSRegion + '.amazonaws.com/' + params.UserPoolId; | |
| var logins = {}; | |
| logins[cognitoUserPoolLoginProvider] = result.getIdToken().getJwtToken(); | |
| AWS.config.credentials = new AWS.CognitoIdentityCredentials({ | |
| IdentityPoolId : params.IdentityPoolId, // your identity pool id here | |
| Logins : logins | |
| }); | |
| AWS.config.credentials.get(function(err) { | |
| if (err) { | |
| callback(err, null); | |
| } else { | |
| var creds = { | |
| AccessKeyId: AWS.config.credentials.accessKeyId, | |
| SecretAccessKey: AWS.config.credentials.secretAccessKey, | |
| SessionToken: AWS.config.credentials.sessionToken, | |
| } | |
| } | |
| var cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider(); | |
| cognitoidentityserviceprovider.listUsers({UserPoolId: params.UserPoolId}, function(err, data) { | |
| if (err) { | |
| console.error("Unable to read item. Error JSON:", JSON.stringify(err, null, 2)); | |
| } else { | |
| console.log("GetItem succeeded:", JSON.stringify(data, null, 2)); | |
| } | |
| }); | |
| var dynamodb = new AWS.DynamoDB(); | |
| var docClient = new AWS.DynamoDB.DocumentClient(); | |
| var readParams = { | |
| TableName: "Movies", | |
| Key:{ | |
| "year": 2015, | |
| "title": "The Big New Movie" | |
| } | |
| }; | |
| docClient.get(readParams, function(err, data) { | |
| if (err) { | |
| console.error("Unable to read item. Error JSON:", JSON.stringify(err, null, 2)); | |
| } else { | |
| console.log("GetItem succeeded:", JSON.stringify(data, null, 2)); | |
| } | |
| }); | |
| }); | |
| }, | |
| onFailure: function(err) { | |
| console.log("Error authenticating ! Trying an API call anyway.... (will fail)"); | |
| var cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider(); | |
| cognitoidentityserviceprovider.listUsers({UserPoolId: params.UserPoolId}, function(err, data) { | |
| if (err) { | |
| console.log(err, err.stack); | |
| } else { | |
| console.log(data); | |
| } | |
| }); | |
| }, | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thanks for this @ddewaele, it was useful to see things laid out this way.