boostercloud / rocket-auth-aws-infrastructure Goto Github PK
View Code? Open in Web Editor NEWDEPRECATED - Booster rocket to deploy an auth api using AWS Cognito
DEPRECATED - Booster rocket to deploy an auth api using AWS Cognito
onSignUpEvent when a new user signs up in the application.
Create an event and an entity in the event store when a new user signs up. This entity will register the user with relevant data so that it is not necessary to create it using a command after the sign-up.
Create the event in the event-store DynamoDB table as the last step in the signup process. Look how it is done in the kafka consumer or the storage rockets. The event could look like:
@Event
export class UserInfoCreated {
public constructor(
public id: string,
readonly email: string,
readonly phone: string,
readonly role: AppRole,
readonly isDeleted: boolean
) {}
Document the procedure to change an user forgotten password.
Currently, the user gets an accessToken (necessary to sign out) and an idToken (necessary to access restricted resources).
It would be great to unify both tokens, so the API would be cleaner and less confusing.
In order to use the tokenVerifier
object in the config
, generated in the Auth rocket, in other rockets, the rolesClaim
field need to be set as well as the issuer
and the jwksUri
Only issuer and the jwksUri are set in the tokenVerifier object
rolesClaim
is added as well to the tokenVerifier
object
Right now, if we decide to create a role without sign-up method, the user has to manually create the user with its role in AWS. The idea is to automate this so a user can run a script like ./createUser <user_pool_id> <user_email> <role>
and the user sets up automatically. Leaving more info below:
This affect these kind of roles (no sign-up methods):
@Role({
auth: {
signUpMethods: [],
},
})
export class Admin {}
To sign in, the user has to manually create a user:
aws cognito-idp admin-set-user-password
--user-pool-id <your-user-pool-id> \
--username <username> \
--password <password> \
--permanent
aws cognito-idp admin-update-user-attributes \
--user-pool-id <pool_id> \
--username <username> \
--user-attributes Name="custom:role",Value="Admin"
The tokenId is missing from the sign-in response and the refresh token response.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.