Cognito如何验证密码?

时间:2019-03-28 23:43:47

标签: javascript amazon-cognito

我可以使用以下方法在AWS用户池中创建用户

module.exports.signup = function(req, res, next) {
    let attributeList = [];
    let dataEmail = {
        Name : 'email',
        Value : req.body.username
    };

    let attributeEmail = new CognitoUserAttribute(dataEmail);

    attributeList.push(attributeEmail);
    userPool.signUp(req.body.username, req.body.password, attributeList, null, function(err, result){
        if (err) {
            console.log('Sigup failure:',err);
            res.status(403).send(err.message);
        }
        let cognitoUser = result.user;
        res.status(200).send({ "user": cognitoUser.getUsername() });
    });
}

,但是似乎密码没有以任何方式存储在用户池中。这意味着它应该存储在其他地方,然后从那里检索。在AWS上存储和验证密码的最简单或最常见的方法是什么? 注册后,我无法登录(假设由于密码存储问题)。返回“获取错误的用户名或密码”错误。

1 个答案:

答案 0 :(得分:0)

Cognito不允许您查看存储的密码,这是安全的一部分。您可以像这样authenticate使用javascript SDK的用户:

    var authenticationData = {
    Username : 'username',
    Password : 'password',
};
var authenticationDetails = new AmazonCognitoIdentity.AuthenticationDetails(authenticationData);
var poolData = { UserPoolId : 'us-east-1_TcoKGbf7n',
    ClientId : '4pe2usejqcdmhi0a25jp4b5sh3'
};
var userPool = new AmazonCognitoIdentity.CognitoUserPool(poolData);
var userData = {
    Username : 'username',
    Pool : userPool
};
var cognitoUser = new AmazonCognitoIdentity.CognitoUser(userData);
cognitoUser.authenticateUser(authenticationDetails, {
    onSuccess: function (result) {
        var accessToken = result.getAccessToken().getJwtToken();

        /* Use the idToken for Logins Map when Federating User Pools with identity pools or when passing through an Authorization Header to an API Gateway Authorizer*/
        var idToken = result.idToken.jwtToken;
    },

    onFailure: function(err) {
        alert(err);
    },

});
相关问题
最新问题