[英]How to authenticate user in browser using AWS Cognito?
I need to authenticate users in browser (not mobile app) using AWS Cognito with username/pass, not FB/google IdProviders. 我需要使用带有用户名/密码的AWS Cognito,而不是FB / google IdProviders,在浏览器(非移动应用程序)中对用户进行身份验证。
There are a lot of docs but they seem to be separate blocks which either incomplete, do not fit the requirements or do not fit each others :( 有很多文档,但它们似乎是单独的块,不完整,不符合要求或不适合彼此:(
I created Cognito User Pool, then Identity pool and tied the userPool to the idPool, then I stuck. 我创建了Cognito User Pool,然后创建了Identity pool并将userPool绑定到了idPool,然后我就卡住了。 Do not know which library to use and how to use it. 不知道使用哪个库以及如何使用它。 The closest I find are: 我找到的最近的是:
All I need is plain html form with username/pass, send the request to Cognito and a way to check during the next page load whether the password was correct. 我需要的只是带有用户名/密码的简单html表单,将请求发送给Cognito以及在下一页加载时检查密码是否正确的方法。 If it matters I will use AWS Lambda as back-end for processing future tasks. 如果重要,我将使用AWS Lambda作为后端来处理未来的任务。
How can I do it? 我该怎么做? Is there a tutorial/doc for my case? 我的案例有教程/文档吗? Thank you. 谢谢。
You can use AWS Cognito UserPools Hosted UI for your use case. 您可以将AWS Cognito UserPools托管UI用于您的用例。 The simplest form of authentication is using the Implicit Grant. 最简单的身份验证形式是使用隐式授权。
For more information about setting up Hosted UI refer Add an App to Enable the Hosted Web UI. 有关设置托管UI的更多信息,请参阅添加应用程序以启用托管Web UI。 . 。 This will create a UserPool where users can register them self (If you plan to restrict this, you will need to either add users using the AWS Web Console, Cognito UserPools or using their SDK) 这将创建一个UserPool,用户可以在其中自行注册(如果您计划对此进行限制,则需要使用AWS Web Console,Cognito UserPools或使用其SDK添加用户)
The steps are as follows. 步骤如下。
Note: If you need to keep the user's logged in for a longer time period (Than 1 hr), you might need to use the Code Grant flow which will return a Refresh Token, which could be used to retrieve new id_tokens programmatically. 注意:如果您需要让用户登录更长的时间段(超过1小时),您可能需要使用代码授予流程,该流程将返回刷新令牌,可用于以编程方式检索新的id_tokens。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.