@yai333
Last active June 27, 2021 05:59
'use strict';
const AWS = require('aws-sdk');
const dynamo = new AWS.DynamoDB();
const dynamoClient = new AWS.DynamoDB.DocumentClient();
const cognitoidentity = new AWS.CognitoIdentity();
const crypto = require('crypto');
const Web3 = require('web3');
// CORS headers attached to every response the handler returns.
// NOTE(review): the wildcard origin is combined with Allow-Credentials: true.
// Browsers refuse credentialed cross-origin responses whose allowed origin is
// '*', so the second header has no effect as written. Because the 200 response
// body carries temporary AWS credentials, consider replacing '*' with the
// application's own origin so other sites cannot read the response.
const headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Credentials': true,
};
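/**
 * Lambda entry point: exchanges a wallet signature over the stored login
 * nonce for temporary AWS credentials issued through Cognito.
 *
 * Flow: look up the nonce for `address`, verify that `signature` was produced
 * by that address over the nonce message, rotate the nonce, then obtain a
 * Cognito OpenID token and swap it for credentials.
 *
 * @param {{body: string}} event - API Gateway style event; `body` is a JSON
 *   string expected to contain `address` and `signature`.
 * @returns {Promise<{headers: object, statusCode: number, body: string}>}
 *   200 with the credentials JSON on success, 401 with `{login: false}` for
 *   any request that cannot be authenticated.
 */
module.exports.handler = async (event) => {
  const unauthorized = {
    headers,
    statusCode: 401,
    body: JSON.stringify({
      login: false,
    }),
  };

  // The body is caller-controlled: a malformed payload must end in a clean
  // 401 instead of an unhandled exception.
  let requestBody;
  try {
    requestBody = JSON.parse(event.body);
  } catch (err) {
    console.warn('login rejected: request body is not valid JSON');
    return unauthorized;
  }
  const { address, signature } = requestBody || {};
  if (typeof address !== 'string' || typeof signature !== 'string') {
    return unauthorized;
  }

  // getNonce is defined outside this listing; its Items are unmarshalled
  // below, so it presumably returns low-level DynamoDB attribute values.
  const { Items: nonces } = await getNonce(address);
  if (!nonces || nonces.length === 0) {
    return unauthorized;
  }

  const { nonce } = AWS.DynamoDB.Converter.unmarshall(nonces[0]);
  // A record without a nonce would make the signed message a fixed,
  // replayable string ("... nonce: undefined"), so refuse it outright.
  if (typeof nonce !== 'string' || nonce.length === 0) {
    return unauthorized;
  }

  const sigValidated = await validateSig(address, signature, nonce);
  if (!sigValidated) {
    return unauthorized;
  }

  // Rotate the nonce before minting anything, so a signature stays single-use
  // even when a later Cognito call fails. Two concurrent requests carrying
  // the same signature can still both pass the check above; closing that
  // window needs a conditional write on the previous nonce value.
  await updateNonce(address);

  const { IdentityId: identityId, Token: token } = await getIdToken(address);
  // Only the identity id is logged. The OpenID token and the credentials are
  // bearer secrets and must not be written to the function's logs.
  console.log('identityId', identityId);
  const { Credentials: credentials } = await getCredentials(identityId, token);

  return {
    headers,
    statusCode: 200,
    body: JSON.stringify(credentials),
  };
};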
/**
 * Stores a fresh random login nonce on the user record keyed by `address`.
 *
 * The nonce is 16 bytes from the crypto module's random source, hex-encoded.
 * The table name is read from the USERTABLE_NAME environment variable.
 *
 * @param {string} address - Wallet address used as the table key.
 * @returns {Promise<object>} DocumentClient update result; with
 *   ReturnValues 'ALL_NEW' it carries the item as it looks after the update.
 */
const updateNonce = (address) => {
  const freshNonce = crypto.randomBytes(16).toString('hex');
  return dynamoClient
    .update({
      TableName: process.env.USERTABLE_NAME,
      Key: { address },
      UpdateExpression: 'set nonce = :n',
      ExpressionAttributeValues: { ':n': freshNonce },
      ReturnValues: 'ALL_NEW',
    })
    .promise();
};
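/**
 * Checks that `signature` was produced by `address` over the login message
 * built from `nonce`.
 *
 * The message is hashed with web3's sha3 and the signer is recovered from the
 * hash and the signature. Addresses are compared case-insensitively.
 *
 * @param {string} address - Wallet address the caller claims to own.
 * @param {string} signature - Signature supplied by the caller.
 * @param {string} nonce - Server-side nonce stored for this address.
 * @returns {Promise<boolean>} true only when the recovered signer matches
 *   `address`; false for a mismatch or for any input that cannot be parsed.
 */
const validateSig = async (address, signature, nonce) => {
  const message = `Welcome message, nonce: ${nonce}`;
  // The file only binds the Web3 constructor; the lowercase `web3` the
  // original referenced was never defined and threw a ReferenceError on every
  // call. Hashing and signer recovery are local computations, so no provider
  // is passed here.
  const web3 = new Web3();
  try {
    const hash = web3.utils.sha3(message);
    const signingAddress = await web3.eth.accounts.recover(hash, signature);
    return signingAddress.toLowerCase() === address.toLowerCase();
  } catch (err) {
    // A malformed signature or address is an authentication failure, not a
    // server error: fail closed.
    console.warn('signature validation failed:', err.message);
    return false;
  }
};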
/**
 * Requests a Cognito OpenID token for the developer-authenticated identity
 * tied to `address`.
 *
 * The identity pool id and the developer provider name come from the
 * IDENTITY_POOL_ID and DEVELOPER_PROVIDER_NAME environment variables.
 * Callers must have verified ownership of `address` first: this call vouches
 * for whatever identifier it is given.
 *
 * @param {string} address - Wallet address used as the developer user id.
 * @returns {Promise<object>} Response from which the handler reads
 *   `IdentityId` and `Token`.
 */
const getIdToken = (address) =>
  cognitoidentity
    .getOpenIdTokenForDeveloperIdentity({
      IdentityPoolId: process.env.IDENTITY_POOL_ID,
      Logins: { [process.env.DEVELOPER_PROVIDER_NAME]: address },
    })
    .promise();
/**
 * Exchanges a Cognito OpenID token for temporary AWS credentials.
 *
 * @param {string} identityId - Cognito identity id the token was issued for.
 * @param {string} cognitoOpenIdToken - Token returned by getIdToken; it is a
 *   bearer secret and should not be logged.
 * @returns {Promise<object>} Response from which the handler reads
 *   `Credentials`.
 */
const getCredentials = (identityId, cognitoOpenIdToken) =>
  cognitoidentity
    .getCredentialsForIdentity({
      IdentityId: identityId,
      Logins: { 'cognito-identity.amazonaws.com': cognitoOpenIdToken },
    })
    .promise();