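Authorizing users with Cognito through an AWS Lambda function

Problem description

I am using AWS Cognito and need to authorize users through a Lambda function. I have seen examples online, and when I try to apply them, the Cognito authentication does not run and is somehow skipped: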

const AWS = require('aws-sdk');
const AmazonCognitoIdentity = require('amazon-cognito-identity-js');
global.fetch = require("node-fetch");
const CognitoUserPool = AmazonCognitoIdentity.CognitoUserPool;
var AuthenticationDetails = AmazonCognitoIdentity.AuthenticationDetails;
var CognitoUser = AmazonCognitoIdentity.CognitoUser;

var USER_POOL_ID = 'my_pool_id';
var CLIENT_ID = 'my_client_id';

var idToken = '';


exports.handler = async (event, callback) => {
    var email = event['username'];
    var password = event['password'];
    var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails({
        Username: email,
        Password: password
    });

    const poolData = {
        UserPoolId: USER_POOL_ID,
        ClientId: CLIENT_ID
    };
    const userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
    var userData = {
        Username: email,
        Pool: userPool
    };
    var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);

    // Callback-style API: onSuccess / onFailure are invoked asynchronously.
    cognitoUser.authenticateUser(authenticationDetails, {
        onSuccess: (result) => {
            var accessToken = result.getAccessToken().getJwtToken();
            console.log(result);
            console.log(accessToken);
            idToken = result.idToken.jwtToken;
            console.log(idToken);
            callback(null, accessToken);
        },
        onFailure: (err) => {
            console.log(err);
            idToken = err;
            callback(err);
        },
    });

    console.log("cognitoUser after: ", cognitoUser);
};

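I can see the last console.log printed in the logs, but the Lambda does not seem to wait for the cognitoUser.authenticateUser request to resolve, because none of the console.log calls inside onSuccess or onFailure are printed.

Solution

There are a few options here: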

  1. Remove async from exports.handler = async (event,callback)

  2. Keep async, wrap authenticateUser in a Promise, and use await:

     const res = await new Promise((resolve, reject) => {
         cognitoUser.authenticateUser(authenticationDetails, {
             onSuccess: (result) => {
                 var accessToken = result.getAccessToken().getJwtToken();
                 console.log(result);
                 console.log(accessToken);
                 idToken = result.idToken.jwtToken;
                 console.log(idToken);
                 resolve(accessToken);
             },
             onFailure: (err) => {
                 console.log(err);
                 idToken = err;
                 reject(err);
             },
         });
     });

Note: the code is untested.
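The behaviour discussed in this question and answer, as an added example that is not part of the original post or of the Cognito SDK: it contrasts an async handler that returns before the callbacks fire with one that awaits a promisified authenticateUser, and also settles the promise on challenge callbacks so the handler cannot hang. StubCognitoUser, authenticate, brokenHandler, fixedHandler and the token string are constructed for illustration so the block runs offline.

```javascript
// Constructed stand-in for CognitoUser: fires its callbacks asynchronously.
class StubCognitoUser {
  constructor(outcome) { this.outcome = outcome; } // 'success' | 'failure' | 'newPassword'
  authenticateUser(_details, cb) {
    setTimeout(() => {
      if (this.outcome === 'success') {
        cb.onSuccess({ getAccessToken: () => ({ getJwtToken: () => 'constructed.access.token' }) });
      } else if (this.outcome === 'newPassword') {
        cb.newPasswordRequired({}, []);
      } else {
        cb.onFailure(new Error('NotAuthorizedException'));
      }
    }, 10);
  }
}

// Shape from the question: the async function returns before any callback runs.
async function brokenHandler(user, details) {
  let token;
  user.authenticateUser(details, {
    onSuccess: (r) => { token = r.getAccessToken().getJwtToken(); },
    onFailure: () => {},
  });
  return token; // still undefined here: authentication looks "skipped"
}

// Hypothetical helper: one promise that settles on every callback path.
function authenticate(user, details) {
  return new Promise((resolve, reject) => {
    user.authenticateUser(details, {
      onSuccess: (r) => resolve(r.getAccessToken().getJwtToken()),
      onFailure: (err) => reject(err),
      // Challenge callbacks must settle the promise too, or await never completes.
      newPasswordRequired: () => reject(new Error('NEW_PASSWORD_REQUIRED')),
      mfaRequired: () => reject(new Error('MFA_REQUIRED')),
      totpRequired: () => reject(new Error('MFA_REQUIRED')),
    });
  });
}

async function fixedHandler(user, details) {
  try {
    const accessToken = await authenticate(user, details);
    return { statusCode: 200, accessToken }; // token is returned, not logged
  } catch (err) {
    console.log('auth failed:', err.message); // log the reason only, never credentials
    return { statusCode: 401 };
  }
}
```

In a real Lambda, fixedHandler would be exported as the handler and given a CognitoUser and AuthenticationDetails built as in the question.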