
bsdkurt / aws-node-custom-user-pool


Serverless AWS Cognito Custom User Pool Example

License: MIT License


aws-node-custom-user-pool's Introduction


This example demonstrates how to create an AWS Cognito custom user pool.


Use-cases

As of October 2017, AWS CloudFormation does not directly support creating Cognito user pools with UsernameAttributes or VerificationMessageTemplate. The UsernameAttributes setting cannot be changed after creation. To create a user pool with UsernameAttributes set, a custom resource type must be used, which calls a Lambda that uses the AWS API to create the pool for you. When AWS fixes these issues this will become obsolete; however, it still serves as an example of how to implement a custom resource type backed by a Lambda.

Prerequisites

You will need serverless and aws-cli installed and configured.

How to Install

serverless install -u https://github.com/bsdkurt/aws-node-custom-user-pool
cd aws-node-custom-user-pool
serverless deploy

How to Test

The service includes a Lambda that is configured to run as a post confirmation trigger when a new user is confirmed by Cognito. To test that everything is working as expected, create and confirm a user in Cognito via the aws-cli. First you will need the User Pool Id and the Pool App Client Id.

export UserPoolId=$(aws cloudformation describe-stacks --stack-name custom-user-pool-dev | grep -A 1 UserPoolId | tail -1 | cut -d'"' -f 4)
export UserPoolClientId=$(aws cloudformation describe-stacks --stack-name custom-user-pool-dev | grep -A 1 UserPoolClientId | tail -1 | cut -d'"' -f 4)

Then create and confirm a user. Note: change the placeholder email address below to your own email address.

aws cognito-idp sign-up --region us-east-2 --client-id ${UserPoolClientId} --username you@example.com --password Passw0rd! --user-attributes Name="name",Value="Your Name"
aws cognito-idp admin-confirm-sign-up --region us-east-2 --user-pool-id ${UserPoolId} --username you@example.com

The postConfirmation Lambda will have executed when the user was confirmed. To verify that it executed, go to the AWS web console and navigate to the CloudWatch Logs for the Lambda at /aws/lambda/custom-user-pool-dev-postConfirmation. There should be a log message similar to:

2017-09-28T13:29:18.504Z ExaMple0-a451-11e7-91f3-edc45b79707c User confirmed: User-Pool us-east-2_ExaMple00, UserId: ExAmplE0-53a5-45df-b480-96b1bb6b0b51

How to Remove

serverless remove

aws-node-custom-user-pool's People

Contributors

bsdkurt, p-jackson


aws-node-custom-user-pool's Issues

Question: How you get the Service token value?

Hi,

First of all, great repo thanks!
I finished this tutorial https://serverless-stack.com/ and I wanted to see how to implement the same but using 100% Infra as Code. For this your solution to create user pools in Cognito is great.

However, there is a piece of the code that I cannot understand yet. In the custom cloudformation resource CognitoUserPoolUserPool.
From where are you getting the name of the CloudFormationCustomUserPoolLambdaFunction?

I mean, by default the lambda responsible for the creation of the UserPool will be called custom-user-pool-dev-cloudFormationCustomUserPool not CloudFormationCustomUserPoolLambdaFunction.
I cannot find to what this CloudFormationCustomUserPoolLambdaFunction name is pointing to.

Finally, I know this is more related with CloudFormation rather than your repo, so sorry in advance 😆

Regards,
Mictian

Add Identitypool

I got the custom user pool working for me; the only issue I'm encountering is that I want to add an Identitypool like so

CognitoUserPoolUserPool:
      Type: "Custom::UserPool"
      Version: "1.0"
      DependsOn: CloudFormationCustomUserPoolLambdaFunction
      Properties:
        ServiceToken:
          Fn::GetAtt: [ "CloudFormationCustomUserPoolLambdaFunction", "Arn" ]
        Region:
          Ref: AWS::Region
        AccountId:
          Ref: AWS::AccountId
        PoolProperties:
          PoolName: ${self:provider.stage}-UserPool
          MfaConfiguration: OFF
          VerificationMessageTemplate:
            DefaultEmailOption: "CONFIRM_WITH_CODE"
          AdminCreateUserConfig:
            UnusedAccountValidityDays: 7
            AllowAdminCreateUserOnly: false
          AutoVerifiedAttributes:
            - email
          Policies:
            PasswordPolicy:
              RequireLowercase: true
              RequireSymbols: true
              RequireNumbers: true
              MinimumLength: 8
              RequireUppercase: true
          UsernameAttributes:
            - email
          Schema:
            - Name: name
              AttributeDataType: String
              Mutable: true
              Required: true
            - Name: email
              AttributeDataType: String
              Mutable: false
              Required: true
# Creates a User Pool Client to be used by the identity pool
CognitoUserPoolClientUserPoolClient:
  Type: "AWS::Cognito::UserPoolClient"
  Properties:
    ClientName: ${self:provider.stage}-UserPoolClient
    UserPoolId:
      Ref: CognitoUserPoolUserPool

# Creates a federated Identity pool
IdentityPool:
  Type: "AWS::Cognito::IdentityPool"
  Properties:
    IdentityPoolName: xIdentity
    AllowUnauthenticatedIdentities: true
    CognitoIdentityProviders:
      - ClientId:
          Ref: CognitoUserPoolClientUserPoolClient
      - ProviderName:
          Fn::GetAtt: [CognitoUserPoolUserPool, ProviderName]
    SupportedLoginProviders:
      'graph.facebook.com': "xxxxxxxxxx"
      'accounts.google.com': "xxxxxxxxxx" # 123456789012.apps.googleusercontent.com

The only problem is that I get this error message:

An error occurred: IdentityPool - CustomResource attribute error: Vendor response doesn't contain ProviderName key in object

The problem is that the custom userpool doesn't give back a ProviderName, any idea on how to make this work?
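The README's custom resource Lambda and the error in the issue above both come down to what the Lambda sends back to CloudFormation: Fn::GetAtt on a custom resource reads only keys placed under Data in that response. The following is an added example, not code from this repository, that builds such a response body. The function names, the fallback physical ID and the sample event values are assumptions constructed for illustration.

```javascript
// Added example (not the repository's code). Builds the JSON body a custom
// resource Lambda PUTs to event.ResponseURL once the pool has been created.

// Attributes other resources can read with Fn::GetAtt; formats follow the
// return values of the native AWS::Cognito::UserPool resource.
function poolAttributes(region, accountId, userPoolId) {
  return {
    Id: userPoolId,
    Arn: `arn:aws:cognito-idp:${region}:${accountId}:userpool/${userPoolId}`,
    ProviderName: `cognito-idp.${region}.amazonaws.com/${userPoolId}`,
    ProviderURL: `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`,
  };
}

// status is 'SUCCESS' or 'FAILED'; userPoolId is the Id returned by the
// Cognito createUserPool call (undefined if creation failed).
function buildResponse(event, status, userPoolId, reason) {
  const props = event.ResourceProperties || {};
  const body = {
    Status: status,
    StackId: event.StackId,
    RequestId: event.RequestId,
    LogicalResourceId: event.LogicalResourceId,
    // Ref on the custom resource resolves to this value. On Update/Delete it
    // must stay the ID CloudFormation already knows, so fall back to it.
    PhysicalResourceId: userPoolId || event.PhysicalResourceId || 'pool-not-created',
  };
  if (status === 'FAILED') {
    // Reason is required on failure; keep it free of secrets, it is shown
    // in the stack events.
    body.Reason = reason || 'See CloudWatch Logs for the custom resource Lambda';
    return body;
  }
  if (event.RequestType !== 'Delete') {
    // Without this block, Fn::GetAtt [<resource>, ProviderName] cannot resolve.
    body.Data = poolAttributes(props.Region, props.AccountId, userPoolId);
  }
  return body;
}

// Constructed sample event, shaped like a CloudFormation Create request.
const sampleEvent = {
  RequestType: 'Create',
  StackId: 'arn:aws:cloudformation:us-east-2:123456789012:stack/custom-user-pool-dev/constructed',
  RequestId: 'constructed-request-id',
  LogicalResourceId: 'CognitoUserPoolUserPool',
  ResourceProperties: { Region: 'us-east-2', AccountId: '123456789012' },
};
console.log(JSON.stringify(buildResponse(sampleEvent, 'SUCCESS', 'us-east-2_ExaMple00'), null, 2));
```

With ProviderName present under Data, the Fn::GetAtt: [CognitoUserPoolUserPool, ProviderName] lookup in the template above can resolve. ClientId and ProviderName describe one provider, so they belong in the same CognitoIdentityProviders list item.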
